10 matches found
PYSEC-2026-1040 TensorFlow vulnerable to `CHECK` fail in `TensorListScatter` and `TensorListScatterV2`
Impact When TensorListScatter and TensorListScatterV2 receive an elementshape of a rank greater than one, they give a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf arg0=tf.random.uniformshape=2, 2, 2, dtype=tf.float16, maxval=None...
EUVD-2022-6949
Malicious code in bioql PyPI...
FreeBSD : py-tensorflow -- denial of service vulnerability (ae132c6c-d716-11ed-956f-7054d21a9e2a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ae132c6c-d716-11ed-956f-7054d21a9e2a advisory. - TensorFlow is an open source platform for machine learning. The implementation of...
SUSE CVE-2022-35991
TensorFlow is an open source platform for machine learning. When TensorListScatter and TensorListScatterV2 receive an elementshape of a rank greater than one, they give a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit...
`CHECK` fail in `TensorListScatter` and `TensorListScatterV2` in eager mode
Impact Another instance of CVE-2022-35991, where TensorListScatter and TensorListScatterV2 crash via non scalar inputs inelementshape, was found in eager mode and fixed. python import tensorflow as tf arg0=tf.random.uniformshape=2, 2, 2, dtype=tf.float16, maxval=None arg1=tf.random.uniformshape=2...
py-tensorflow -- denial of service vulnerability
Kang Hong Jin, Neophytos Christou, 刘力源 and Pattarakrit Rattankul report: Another instance of CVE-2022-35935, where SobolSample is vulnerable to a denial of service via assumed scalar inputs, was found and fixed. Pattarakrit Rattankul reports: Another instance of CVE-2022-35991, where...
CVE-2022-35991
TensorFlow is an open source platform for machine learning. When TensorListScatter and TensorListScatterV2 receive an elementshape of a rank greater than one, they give a CHECK fail that can trigger a denial of service attack. We have patched the issue in GitHub commit...
TensorFlow vulnerable to `CHECK` fail in `TensorListScatter` and `TensorListScatterV2`
Impact When TensorListScatter and TensorListScatterV2 receive an elementshape of a rank greater than one, they give a CHECK fail that can trigger a denial of service attack. python import tensorflow as tf arg0=tf.random.uniformshape=2, 2, 2, dtype=tf.float16, maxval=None...
Google TensorFlow 安全漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google, Inc. in the United States. A security vulnerability exists in Google TensorFlow that stems from TensorListScatter and TensorListScatterV2 failing to give an assertion when they receive an elementsha...
PT-2022-23089
Name of the Vulnerable Software and Affected Versions TensorFlow versions prior to 2.10.0 TensorFlow versions 2.9.1 and earlier TensorFlow versions 2.8.1 and earlier TensorFlow versions 2.7.2 and earlier Description TensorFlow is an open source platform for machine learning. When TensorListScatte...