20 matches found
EUVD-2021-0293
Malware in sbrugna...
CVE-2021-29552
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin. This is because the...
BIT-TENSORFLOW-2021-29552 CHECK-failure in `UnsortedSegmentJoin`
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin. This is because the...
BIT-TENSORFLOW-2022-29204 Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. T...
SUSE CVE-2022-29197
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. T...
Missing validation causes denial of service via `UnsortedSegmentJoin`
Impact The implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack: python import tensorflow as tf tf.rawops.UnsortedSegmentJoin inputs=tf.constant"this", shape=12,...
Google TensorFlow Denial of Service Vulnerability (CNVD-2022-44170)
Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. is vulnerable in versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4 due to a vulnerability in tf.rawops. UnsortedSegmentJoin has incomplete validation of the input parameters. An attacker could use this...
Google TensorFlow Input Validation Error Vulnerability (CNVD-2022-44175)
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. An input validation error vulnerability exists in TensorFlow versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which stems from the fact that tf.rawops.UnsortedSegmentJoin does not fully validat...
CVE-2022-29204 Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2`
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. T...
Stack overflow
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. T...
CVE-2022-29197
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. T...
CVE-2022-29197 Missing validation causes denial of service in TensorFlow via `UnsortedSegmentJoin`
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack. T...
Google TensorFlow 输入验证错误漏洞
Google TensorFlow, an end-to-end open source platform for machine learning from Google, Inc. is vulnerable in versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4 due to a vulnerability in tf.rawops. UnsortedSegmentJoin has incomplete validation of the input parameters. An attacker could use this...
Google TensorFlow输入验证错误漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. An input validation error vulnerability exists in TensorFlow versions prior to 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which stems from the fact that tf.rawops.UnsortedSegmentJoin does not fully validat...
CHECK-failure in `UnsortedSegmentJoin`
Impact An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin: python import tensorflow as tf inputs = tf.constant, dtype=tf.string segmentids = tf.constant, dtype=tf.int32 numsegments = tf.constant, dtype=tf.int32 separator = ''...
PYSEC-2021-678
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin. This is because the...
PYSEC-2021-189
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin. This is because the...
Code injection
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of numsegments tensor argument for UnsortedSegmentJoin. This is because the...
CVE-2021-29552
TensorFlow vulnerability CVE-2021-29552 is a denial-of-service in UnsortedSegmentJoin caused by an out-of-bounds CHECK on an empty num_segments scalar. Affected TF versions include those in the 2.1.x–2.5.x range; the issue stems from treating num_segments as a valid scalar and failing when the te...
Google TensorFlow 安全漏洞
Google TensorFlow is a suite of end-to-end open source platforms for machine learning from Google USA. A security vulnerability exists in Google TensorFlow 2.4.2, 2.3.3, 2.2.3, 2.1.4, which can be exploited by an attacker to cause a denial of service by controlling the value of the num segments...