Google TensorFlow Input Validation Error Vulnerability (CVE-2022-29192)

Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. is vulnerable to an input validation error in versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which originates in tf.rawops QuantizeAndDequantizeV4Grad does not fully validate the input parameters and c...

Google TensorFlow Input Validation Error Vulnerability (CNVD-2022-44160)

Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. is vulnerable to input validation errors in versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, stemming from tf.rawops DeleteSessionTensor does not fully validate the input parameters and can be exploited ...

Google TensorFlow code issue vulnerability (CNVD-2022-44171)

Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google TensorFlow versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4 are vulnerable to a code issue stemming from tf.rawops. QuantizedConv2D does not fully validate input parameters. No detailed...

Google TensorFlow Input Validation Error Vulnerability (CNVD-2022-44167)

Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. is vulnerable to input validation errors in versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, stemming from tf.rawops LoadAndRemapMatrix does not fully validate the input parameters and can be exploited t...

Google TensorFlow integer overflow vulnerability (CNVD-2022-44166)

Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. is vulnerable to integer overflow in versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which originates from tf.rawops. SpaceToBatchND has an integer overflow problem. An attacker could use this...

Google TensorFlow Denial of Service Vulnerability (CNVD-2022-44170)

Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. is vulnerable in versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4 due to a vulnerability in tf.rawops. UnsortedSegmentJoin has incomplete validation of the input parameters. An attacker could use this...

Google TensorFlow Input Validation Error Vulnerability (CNVD-2022-44175)

Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. An input validation error vulnerability exists in TensorFlow versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which stems from the fact that tf.rawops.UnsortedSegmentJoin does not fully validat...

CVE-2021-29522

TensorFlow CVE-2021-29522 concerns division-by-zero in Conv3DBackprop* paths. Multiple connected sources (NVD entry, OSV advisories, GHSA advisory, CNVD entry, BIT-TENSORFLOW OSV) show that tf.raw_ops.Conv3DBackpropInputV2/Conv3DBackpropFilterV2 may fail to validate non-empty inputs, leading to a...

CVE-2021-29564

TensorFlow vulnerability CVE-2021-29564: a null pointer dereference in tf.raw_ops.EditDistance due to incomplete input parameter validation in the EditDistance kernel (edit_distance_op.cc). Impact is a potential crash/crash-like denial of service; fix is committed and will be in TensorFlow 2.5.0 ...