Lucene search
K
PypaMost viewed

5616 matches found

PyPA
PyPA
added yesterday3 views

`CHECK` fail via inputs in `SparseFillEmptyRowsGrad`

ImpactIf SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.SparseFillEmptyRowsGrad reverseindexmap=, gradvalues=, name=None PatchesWe have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8.The fix will be included...

7.5CVSS7AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

Cross-site Scripting in kiwitcms

A stored XSS in a kiwi Test Plan can run malicious javascript which could be chained with an HTML injection to perform a UI redressing attack clickjacking and an HTML injection which disables the use of the history page...

7.1CVSS6.7AI score0.00454EPSS
Exploits1References5Affected Software1
PyPA
PyPA
added yesterday3 views

`MirrorPadGrad` heap out of bounds read

ImpactIf MirrorPadGrad is given outsize input paddings, TensorFlow will give a heap OOB error.pythonimport tensorflow as tftf.rawops.MirrorPadGradinput=1, paddings=0x77f00000,0xa000000, mode = 'REFLECT' PatchesWe have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92.The...

7.5CVSS7AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

`tf.raw_ops.Mfcc` crashes

ImpactIf ThreadUnsafeUnigramCandidateSampler is given input filterbankchannelcount greater than the allowed max size, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.Mfcc spectrogram = 1.38, 6.32, 5.75, 9.51, samplerate = 2, upperfrequencylimit = 5.0, lowerfrequencylimit = 1.0,...

7.5CVSS7AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

`CHECK` fail via inputs in `SdcaOptimizer`

ImpactInputs densefeatures or examplestatedata not of rank 2 will trigger a CHECK fail in SdcaOptimizer.pythonimport tensorflow as tftf.rawops.SdcaOptimizer sparseexampleindices=4 tf.random.uniform5,5,5,3, dtype=tf.dtypes.int64, maxval=100, sparsefeatureindices=4 tf.random.uniform5,5,5,3,...

7.5CVSS7AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

`CHECK_EQ` fail via input in `SparseMatrixNNZ`

ImpactAn input sparsematrix that is not a matrix with a shape with rank 0 will trigger a CHECK fail in tf.rawops.SparseMatrixNNZ.pythonimport tensorflow as tftf.rawops.SparseMatrixNNZsparsematrix= PatchesWe have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693.The fix...

7.5CVSS7AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

Out of bounds write in grappler in Tensorflow

ImpactThe function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. PatchesWe have patched the issue in GitHub commit...

9.1CVSS7.2AI score0.00449EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

Heap overflow in `QuantizeAndDequantizeV2`

ImpactThe function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered.pythonimport tensorflow as [email protected] test:...

9.1CVSS7.2AI score0.00401EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

Segfault in `CompositeTensorVariantToComponents`

ImpactAn input encoded that is not a valid CompositeTensorVariant tensor will trigger a segfault in tf.rawops.CompositeTensorVariantToComponents.pythonimport tensorflow as tfencode = tf.rawops.EmptyTensorListelementdtype=tf.int32, elementshape=10, 15, maxnumelements=2meta=...

7.5CVSS7AI score0.0049EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added yesterday3 views

`CHECK_EQ` fail in `tf.raw_ops.TensorListResize`

ImpactIf tf.rawops.TensorListResize is given a nonscalar value for input size, it results CHECK fail which can be used to trigger a denial of service attack.pythonimport numpy as npimport tensorflow as tfa = datastructures.tftensorlistnewelements = tf.constantvalue=3, 4, 5b = np.zeros0, 2, 3,...

7.5CVSS7AI score0.00439EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

`CHECK` fail via inputs in `PyFunc`

ImpactAn input token that is not a UTF-8 bytestring will trigger a CHECK fail in tf.rawops.PyFunc.pythonimport tensorflow as tfvalue = tf.constantvalue=1,2token = b'\xb0'dataType = tf.int32tf.rawops.PyFuncinput=value,token=token,Tout=dataType PatchesWe have patched the issue in GitHub commit...

7.5CVSS7AI score0.0045EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

Overflow in `ResizeNearestNeighborGrad`

ImpactWhen tf.rawops.ResizeNearestNeighborGrad is given a large size input, it overflows.import tensorflow as tfaligncorners = Truehalfpixelcenters = Falsegrads = tf.constant1, shape=1,8,16,3, dtype=tf.float16size = tf.constant1879048192,1879048192, shape=2,...

7.5CVSS7AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

Seg fault in `ndarray_tensor_bridge` due to zero and large inputs

ImpactIf a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. E.g. the following raises an error:pythonnp.ones0, 231, 231An example of a proof of concept:pythonimport numpy as npimport tensorflow as tfinputval =...

7.5CVSS6.9AI score0.0033EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

Lin CMS vulnerable to Improper Authentication

An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator...

6.6CVSS6.7AI score0.01016EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

Out of bounds segmentation fault due to unequal op inputs in Tensorflow

Impact tf.rawops.DynamicStitch specifies input sizes when it is registered. cppREGISTEROP"DynamicStitch" .Input"indices: N int32" .Input"data: N T" .Output"merged: T" .Attr"N : int = 1" .Attr"T : type" .SetShapeFnDynamicStitchShapeFunction;When it receives a differing number of inputs, such as wh...

7.5CVSS7AI score0.0035EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added yesterday3 views

Overflow in `ImageProjectiveTransformV2`

ImpactWhen tf.rawops.ImageProjectiveTransformV2 is given a large output shape, it overflows.pythonimport tensorflow as tfinterpolation = "BILINEAR"fillmode = "REFLECT"images = tf.constant0.184634328, shape=2,5,8,3, dtype=tf.float32transforms = tf.constant0.378575385, shape=2,8,...

7.5CVSS7AI score0.0043EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

Segfault in `tf.raw_ops.TensorListConcat`

ImpactIf tf.rawops.TensorListConcat is given elementshape=, it results segmentation fault which can be used to trigger a denial of service attack.pythonimport tensorflow as tftf.rawops.TensorListConcat inputhandle=tf.data.experimental.tovarianttf.data.Dataset.fromtensorslices1, 2, 3,...

7.5CVSS7AI score0.0043EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

Overflow in `FusedResizeAndPadConv2D`

ImpactWhen tf.rawops.FusedResizeAndPadConv2D is given a large tensor shape, it overflows.pythonimport tensorflow as tfmode = "REFLECT"strides = 1, 1, 1, 1padding = "SAME"resizealigncorners = Falseinput = tf.constant147, shape=3,3,1,1, dtype=tf.float16size = tf.constant1879048192,1879048192,...

7.5CVSS6.9AI score0.0043EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

`CHECK` fail in `BCast` overflow

ImpactIf BCast::ToShape is given input larger than an int32, it will crash, despite being supposed to handle up to an int64. An example can be seen in tf.experimental.numpy.outer by passing in large input to the input b.pythonimport tensorflow as tfvalue = tf.constantshape=2, 1024, 1024, 1024,...

7.5CVSS6.9AI score0.00439EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

Segfault via invalid attributes in `pywrap_tfe_src.cc`

ImpactIf a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a nullptr, which is not caught. An example can be seen in tf.compat.v1.extractvolumepatches by passing in quantized tensors as input ksizes.pythonimport numpy as npimport...

7.5CVSS7AI score0.00404EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

FPE in `tf.image.generate_bounding_box_proposals`

ImpactWhen running on GPU, tf.image.generateboundingboxproposals receives a scores input that must be of rank 4 but is not checked.pythonimport tensorflow as tfa = tf.constantvalue=1.0, 1.0, 1.0, 1.0, 1.0, 1.0, 1.0, 1.0b =...

7.5CVSS7AI score0.00439EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

snowflake-connector-python is vulnerable to Regular Expression Denial of Service (ReDoS)

An exponential ReDoS Regular Expression Denial of Service can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the getfiletransfertype method...

7.5CVSS7.2AI score0.00816EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added yesterday3 views

Overflow in `tf.keras.losses.poisson`

Impacttf.keras.losses.poisson receives a ypred and ytrue that are passed through functor::mul in BinaryOp. If the resulting dimensions overflow an int32, TensorFlow will crash due to a size mismatch during broadcast assignment.pythonimport numpy as npimport tensorflow as tftruevalue =...

7.5CVSS7AI score0.0044EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added yesterday3 views

pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS)

An exponential ReDoS Regular Expression Denial of Service can be triggered in the pymatgen PyPI package, when an attacker is able to supply arbitrary input to the GaussianInput.fromstring method...

7.5CVSS7.2AI score0.00816EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added yesterday3 views

Apache Pulsar Disabled Certificate Validation for OAuth Client Credential Requests makes C++/Python Clients vulnerable to MITM attack

The Apache Pulsar C++ Client does not verify peer TLS certificates when making HTTPS calls for the OAuth2.0 Client Credential Flow, even when tlsAllowInsecureConnection is disabled via configuration. This vulnerability allows an attacker to perform a man in the middle attack and intercept and/or...

8.1CVSS7.2AI score0.00704EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

Inventree vulnerable to Stored Cross-site Scripting

Inventree prior to 0.8.3 is vulnerable to stored cross-site scripting by uploading SVG files. Version 0.8.3 contains a patch for this issue...

8.2CVSS6.6AI score0.00601EPSS
Exploits1References7Affected Software1
PyPA
PyPA
added yesterday3 views

When matrix-nio receives forwarded room keys, the receiver doesn't check if it requested the key from the forwarder

When matrix-nio before 0.20 requests a room key from our devices, it correctly accepts key forwards only if they are a response to a previous request. However, it doesn't check that the device that responded matches the device the key was requested from.This allows a malicious homeserver to inser...

8.6CVSS6.9AI score0.00555EPSS
Exploits0References6Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to `CHECK` fail in `Save` and `SaveSlices`

ImpactIf Save or SaveSlices is run over tensors of an unsupported dtype, it results in a CHECK fail that can be used to trigger a denial of service attack.pythonimport tensorflow as tffilename = tf.constant""tensornames = tf.constant"" Savedata = tf.casttf.random.uniformshape=1, minval=-10000,...

7.5CVSS7AI score0.00396EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to `CHECK` fail in `ParameterizedTruncatedNormal`

ImpactParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack.pythonimport tensorflow as tfseed = 1618seed2 = 0shape = tf.random.uniformshape=3, minval=-10000,...

7.5CVSS7AI score0.00396EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

Flask-Security vulnerable to Open Redirect

This affects all versions of package Flask-Security. When using the getpostlogoutredirect and getpostloginredirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\\evil.com/path. This vulnerability is only...

6.1CVSS6.7AI score0.00895EPSS
Exploits1References6Affected Software1
PyPA
PyPA
added yesterday3 views

Twisted vulnerable to NameVirtualHost Host header injection

When the host header does not match a configured host, twisted.web.vhost.NameVirtualHost will return a NoResource resource which renders the Host header unescaped into the 404 response allowing HTML and script injection.Example configuration:pythonfrom twisted.web.server import Sitefrom...

5.4CVSS6.5AI score0.01156EPSS
Exploits1References10Affected Software1
PyPA
PyPA
added yesterday3 views

jwcrypto token substitution can lead to authentication bypass

The JWT code can auto-detect the type of token being provided, and this can lead the application to incorrect conclusions about the trustworthiness of the token.Quoting the private disclosure we received : "Under certain circumstances, it is possible to substitute a .. signed JWS with a JWE that ...

5.9AI score0.00435EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

Powerline Gitstatus vulnerable to arbitrary code execution

powerline-gitstatus aka Powerline Gitstatus before 1.3.2 allows arbitrary code execution. git repositories can contain per-repository configuration that changes the behavior of git, including running arbitrary commands. When using powerline-gitstatus, changing to a directory automatically runs gi...

7.8CVSS7.3AI score0.0042EPSS
Exploits1References8Affected Software1
PyPA
PyPA
added yesterday3 views

OpenStack Sushy-Tools and VirtualBMC Improper Preservation of Permissions

An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2. Changing the boot device configuration with these packages removes password protection from the managed libvirt XML domain. NOTE: this only affects an "unsupported, production-like configuration."...

5.5CVSS6.2AI score0.0022EPSS
Exploits0References10Affected Software1
PyPA
PyPA
added yesterday3 views

Ansible leaks password to logs

A flaw was found in Ansible in the amazon.aws collection when using the towercallback parameter from the amazon.aws.ec2instance module. This flaw allows an attacker to take advantage of this issue as the module is handling the parameter insecurely, leading to the password leaking in the logs...

7.5CVSS6.7AI score0.00712EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday3 views

protobuf-cpp and protobuf-python have potential Denial of Service issue

SummaryA message parsing and memory management vulnerability in ProtocolBuffer’s C++ and Python implementations can trigger an out of memory OOM failure when processing a specially crafted message, which could lead to a denial of service DoS on services using the libraries.Reporter:...

7.5CVSS6.8AI score0.01191EPSS
Exploits0References13Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to segfault in `SparseBincount`

ImpactIf SparseBincount is given inputs for indices, values, and denseshape that do not make a valid sparse tensor, it results in a segfault that can be used to trigger a denial of service attack.pythonimport tensorflow as tfbinaryoutput = Trueindices = tf.random.uniformshape=, minval=-10000,...

7.5CVSS7AI score0.00423EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to `CHECK` fail in `tf.linalg.matrix_rank`

ImpactWhen tf.linalg.matrixrank receives an empty input a, the GPU kernel gives a CHECK fail that can be used to trigger a denial of service attack.pythonimport tensorflow as tfa = tf.constant, shape=0, 1, 1, dtype=tf.float32tf.linalg.matrixranka=a PatchesWe have patched the issue in GitHub commi...

7.5CVSS7AI score0.00405EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to `CHECK` fail in `MaxPool`

ImpactWhen MaxPool receives a window size input array ksize with dimensions greater than its input tensor input, the GPU kernel gives a CHECK fail that can be used to trigger a denial of service attack.pythonimport tensorflow as tfimport numpy as npinput = np.ones1, 1, 1, 1ksize = 1, 1, 2, 2strid...

7.5CVSS7AI score0.00396EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to `CHECK` fail in `Conv2DBackpropInput`

ImpactThe implementation of Conv2DBackpropInput requires inputsizes to be 4-dimensional. Otherwise, it gives a CHECK failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfstrides = 1, 1, 1, 1padding = "SAME"usecudnnongpu = Trueexplicitpaddings = dataformat =...

7.5CVSS7AI score0.00383EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to `CHECK` fail in `LRNGrad`

ImpactIf LRNGrad is given an outputimage input tensor that is not 4-D, it results in a CHECK fail that can be used to trigger a denial of service attack.pythonimport tensorflow as tfdepthradius = 1bias = 1.59018219alpha = 0.117728651beta = 0.404427052inputgrads = tf.random.uniformshape=4, 4, 4, 4...

7.5CVSS7AI score0.00396EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to segfault in `QuantizedAdd`

ImpactIf QuantizedAdd is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack.pythonimport tensorflow as tfToutput = tf.qint32x = tf.constant140, shape=1, dtype=tf.quint8y = tf.constant26, shape=10, dtype=tf.quint8mi...

7.5CVSS7AI score0.00409EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to `CHECK` fail in `FractionalMaxPoolGrad`

ImpactFractionalMaxPoolGrad validates its inputs with CHECK failures instead of with returning errors. If it gets incorrectly sized inputs, the CHECK failure can be used to trigger a denial of service attack:pythonimport tensorflow as tfoverlapping = Trueoriginput = tf.constant.453409232,...

7.5CVSS7AI score0.00396EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to segfault in `RaggedBincount`

ImpactIf RaggedBincount is given an empty input tensor splits, it results in a segfault that can be used to trigger a denial of service attack.pythonimport tensorflow as tfbinaryoutput = Truesplits = tf.random.uniformshape=0, minval=-10000, maxval=10000, dtype=tf.int64, seed=-7430values =...

7.5CVSS7AI score0.00423EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to segfault in `QuantizedBiasAdd`

ImpactIf QuantizedBiasAdd is given mininput, maxinput, minbias, maxbias tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack.pythonimport tensorflow as tfouttype = tf.qint32input = tf.constant85,170,255, shape=3, dtype=tf.quint8bias =...

7.5CVSS6.9AI score0.00409EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to `CHECK` fail in `FakeQuantWithMinMaxVars`

ImpactIf FakeQuantWithMinMaxVars is given min or max tensors of a nonzero rank, it results in a CHECK fail that can be used to trigger a denial of service attack.pythonimport tensorflow as tfnumbits = 8narrowrange = Falseinputs = tf.constant0, shape=2,3, dtype=tf.float32min = tf.constant0,...

7.5CVSS7AI score0.00383EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to `CHECK` failure in `TensorListReserve` via missing validation

ImpactIn core/kernels/listkernels.cc's TensorListReserve, numelements is assumed to be a tensor of size 1. When a numelements of more than 1 element is provided, then tf.rawops.TensorListReserve fails the CHECKEQ in CheckIsAlignedAndSingleElement.pythonimport tensorflow as...

7.5CVSS7AI score0.00547EPSS
Exploits0References8Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to `CHECK` failures in `AvgPool3DGrad`

ImpactThe implementation of AvgPool3DGradOp does not fully validate the input originputshape. This results in an overflow that results in a CHECK failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfksize = 1, 1, 1, 1, 1strides = 1, 1, 1, 1, 1padding =...

7.5CVSS7AI score0.00383EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to segfault in `QuantizedAvgPool`

ImpactIf QuantizedAvgPool is given mininput or maxinput tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack.pythonimport tensorflow as tfksize = 1, 2, 2, 1strides = 1, 2, 2, 1padding = "SAME"input = tf.constant1, shape=1,4,4,2,...

7.5CVSS7AI score0.00409EPSS
Exploits0References7Affected Software1
PyPA
PyPA
added yesterday3 views

TensorFlow vulnerable to floating point exception in `Conv2D`

ImpactIf Conv2D is given empty input and the filter and padding sizes are valid, the output is all-zeros. This causes division-by-zero floating point exceptions that can be used to trigger a denial of service attack.pythonimport tensorflow as tfimport numpy as npwith tf.device"CPU": also can be...

7.5CVSS7AI score0.00396EPSS
Exploits0References7Affected Software1
Total number of security vulnerabilities5000