Lucene search
K

7035 matches found

PyPA
PyPA
•added 2020/09/25 7:15 p.m.•10 views

PYSEC-2020-308

In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of dlpack.todlpack can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing ...

7.1CVSS7.1AI score0.00681EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-115

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to dlpack.todlpack there is a memory leak following an expected validation failure. The issue occurs because the status argument during validation failures is not properly checked. Since each of the above methods ca...

4.3CVSS6.7AI score0.00684EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-118

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...

8.8CVSS7.2AI score0.00938EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•8 views

PYSEC-2020-121

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has the same shape as the values one. The values in these tensors are always accessed...

5.8CVSS6.9AI score0.00537EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-125

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the Shard API in TensorFlow expects the last argument to be a function taking two int64 i.e., long long arguments. However, there are several places in TensorFlow where a lambda taking int or int32 arguments is being used. In...

9CVSS6.9AI score0.01235EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•9 views

PYSEC-2020-127

In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling tf.rawops.GetSessionHandle or tf.rawops.GetSessionHandleV2 results in a null pointer dereference In linked snippet, in eager mode, ctx-sessionstate returns nullptr. Since...

5.3CVSS7.1AI score0.00903EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-272

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to dlpack.todlpack there is a memory leak following an expected validation failure. The issue occurs because the status argument during validation failures is not properly checked. Since each of the above methods ca...

4.3CVSS6.7AI score0.00684EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•7 views

PYSEC-2020-277

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has rank 2. This tensor must be a matrix because code assumes its elements are access...

6.3CVSS6.9AI score0.0072EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-278

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has the same shape as the values one. The values in these tensors are always accessed...

5.8CVSS6.9AI score0.00537EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•8 views

PYSEC-2020-282

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the Shard API in TensorFlow expects the last argument to be a function taking two int64 i.e., long long arguments. However, there are several places in TensorFlow where a lambda taking int or int32 arguments is being used. In...

9CVSS6.9AI score0.01235EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•7 views

PYSEC-2020-310

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...

8.8CVSS7.2AI score0.00938EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-312

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has rank 2. This tensor must be a matrix because code assumes its elements are access...

6.3CVSS6.9AI score0.0072EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-313

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has the same shape as the values one. The values in these tensors are always accessed...

5.8CVSS6.9AI score0.00537EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-324

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one...

5.9CVSS6.9AI score0.008EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•8 views

PYSEC-2020-120

In Tensorflow before version 2.3.1, the SparseCountSparseOutput implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the indices tensor has rank 2. This tensor must be a matrix because code assumes its elements are access...

6.3CVSS6.9AI score0.0072EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•10 views

PYSEC-2020-129

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...

9CVSS7AI score0.00944EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•7 views

PYSEC-2020-132

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one...

5.9CVSS6.9AI score0.008EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•8 views

PYSEC-2020-275

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of SparseFillEmptyRowsGrad uses a double indexing pattern. It is possible for reverseindexmapi to be an index outside of bounds of gradvalues, thus resulting in a heap buffer overflow. The issue is patched in...

8.8CVSS7.2AI score0.00938EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•10 views

PYSEC-2020-284

In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling tf.rawops.GetSessionHandle or tf.rawops.GetSessionHandleV2 results in a null pointer dereference In linked snippet, in eager mode, ctx-sessionstate returns nullptr. Since...

5.3CVSS7.1AI score0.00903EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-286

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...

9CVSS7AI score0.00944EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-289

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a nullptr buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one...

5.9CVSS6.9AI score0.008EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•7 views

PYSEC-2020-307

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to dlpack.todlpack there is a memory leak following an expected validation failure. The issue occurs because the status argument during validation failures is not properly checked. Since each of the above methods ca...

4.3CVSS6.7AI score0.00684EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•6 views

PYSEC-2020-317

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the Shard API in TensorFlow expects the last argument to be a function taking two int64 i.e., long long arguments. However, there are several places in TensorFlow where a lambda taking int or int32 arguments is being used. In...

9CVSS6.9AI score0.01235EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•7 views

PYSEC-2020-321

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...

9CVSS7AI score0.00944EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•5 views

PYSEC-2020-136

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor,...

4.3CVSS6.7AI score0.00632EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•7 views

PYSEC-2020-316

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Hence, the code is...

6.8CVSS7.4AI score0.00563EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•7 views

PYSEC-2020-328

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimensionality of output tensor,...

4.3CVSS6.7AI score0.00632EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•8 views

PYSEC-2020-123

In Tensorflow before version 2.3.1, the RaggedCountSparseOutput implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the splits tensor generate a valid partitioning of the values tensor. Thus, the code sets ...

5.9CVSS7.2AI score0.00844EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•7 views

PYSEC-2020-137

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the...

8.1CVSS6.9AI score0.00556EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/25 7:15 p.m.•8 views

PYSEC-2020-319

In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling tf.rawops.GetSessionHandle or tf.rawops.GetSessionHandleV2 results in a null pointer dereference In linked snippet, in eager mode, ctx-sessionstate returns nullptr. Since...

5.3CVSS7.1AI score0.00903EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/09/23 1:15 p.m.•6 views

PYSEC-2020-209

A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disablegpgcheck is set to False, which is the default behavior. This flaw...

7.1CVSS7.2AI score0.00233EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2020/09/22 8:15 a.m.•8 views

PYSEC-2020-227

All versions of package cabot are vulnerable to Cross-site Scripting XSS via the Endpoint column...

8.2CVSS6.5AI score0.01266EPSS
Exploits1References5Affected Software1
PyPA
PyPA
•added 2020/09/17 6:15 p.m.•53 views

PYSEC-2020-93

A heap overflow in Sqreen PyMiniRacer aka Python Mini Racer before 0.3.0 allows remote attackers to potentially exploit heap corruption...

9.8CVSS7.3AI score0.02498EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/17 2:15 p.m.•6 views

PYSEC-2020-19

In Apache Airflow 1.10.12, the "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit...

6.1CVSS6.4AI score0.25076EPSS
Exploits0References10Affected Software1
PyPA
PyPA
•added 2020/09/17 1:15 p.m.•5 views

PYSEC-2020-222

While investigating a bug report on Apache Superset, it was determined that an authenticated user could craft requests via a number of templated text fields in the product that would allow arbitrary access to Python’s os package in the web application process in versions 0.37.1. It was thus...

8.8CVSS7.1AI score0.03076EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2020/09/15 10:15 a.m.•6 views

PYSEC-2020-29

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli...

6.5CVSS7.3AI score0.03217EPSS
Exploits0References12Affected Software1
PyPA
PyPA
•added 2020/09/11 6:15 p.m.•8 views

PYSEC-2020-3

An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, where sensitive data is exposed to content and json output. This flaw allows an attacker to access the logs or outputs of performed tasks to read keys used in playbooks from other users within the uri...

5.5CVSS6.5AI score0.00568EPSS
Exploits1References3Affected Software1
PyPA
PyPA
•added 2020/09/11 6:15 p.m.•5 views

PYSEC-2020-4

A flaw was found in the Ansible Engine when using moduleargs. Tasks executed with check mode --check-mode do not properly neutralize sensitive data exposed in the event data. This flaw allows unauthorized users to read this data. The highest threat from this vulnerability is to confidentiality...

5.5CVSS6.3AI score0.00407EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2020/09/09 6:15 p.m.•9 views

PYSEC-2020-145

Python TUF The Update Framework reference implementation before version 0.12 it will incorrectly trust a previously downloaded root metadata file which failed verification at download time. This allows an attacker who is able to serve multiple new versions of root metadata i.e. by a...

8.7CVSS6.9AI score0.00553EPSS
Exploits0References5Affected Software1
PyPA
PyPA
•added 2020/09/04 8:15 p.m.•6 views

PYSEC-2020-173

The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorizedkeys file. This occurs in downloadhttpurl in internal/download.py...

7.5CVSS9AI score0.03028EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2020/09/01 1:15 p.m.•6 views

PYSEC-2020-33

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ is used. FILEUPLOADDIRECTORYPERMISSIONS mode was not applied to intermediate-level directories created in the process of uploading files. It was also not applied to intermediate-level...

7.5CVSS6.9AI score0.03969EPSS
Exploits0References12Affected Software1
PyPA
PyPA
•added 2020/09/01 1:15 p.m.•7 views

PYSEC-2020-34

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 when Python 3.7+ is used. The intermediate-level directories of the filesystem cache had the system's standard umask rather than 0o077...

7.5CVSS6.9AI score0.0327EPSS
Exploits0References12Affected Software1
PyPA
PyPA
•added 2020/08/31 4:15 a.m.•6 views

PYSEC-2020-43

An issue was discovered in Flask-CORS aka CORS Middleware for Flask before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format...

7.5CVSS6.9AI score0.04017EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2020/08/27 10:15 p.m.•8 views

PYSEC-2020-252

The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, native Python code is used that lacks a comparison of the hostname to commonName and subjectAltName...

9.8CVSS7.1AI score0.00759EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2020/08/27 10:15 p.m.•8 views

PYSEC-2020-251

The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, the openssl binary is called without the -verifyhostname option...

9.8CVSS7AI score0.00951EPSS
Exploits1References2Affected Software1
PyPA
PyPA
•added 2020/08/26 7:15 p.m.•7 views

PYSEC-2020-243

An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously undergone live migration, a user may gain access to destination host devices that share the same paths ...

8.3CVSS7.1AI score0.01715EPSS
Exploits1References4Affected Software1
PyPA
PyPA
•added 2020/08/26 3:15 a.m.•8 views

PYSEC-2020-161

A flaw was found in the solariszone module from the Ansible Community modules. When setting the name for the zone on the Solaris host, the zone name is checked by listing the process with the 'ps' bare command on the remote machine. An attacker could take advantage of this flaw by crafting the na...

7.3CVSS7.1AI score0.00418EPSS
Exploits0References4Affected Software1
PyPA
PyPA
•added 2020/08/21 6:15 p.m.•9 views

PYSEC-2020-266

Red Discord Bot before versions 3.3.12 and 3.4 has a Remote Code Execution vulnerability in the Streams module. This exploit allows Discord users with specifically crafted "going live" messages to inject code into the Streams module's going live message. By abusing this exploit, it's possible to...

8.5CVSS7.5AI score0.02037EPSS
Exploits0References3Affected Software1
PyPA
PyPA
•added 2020/08/21 5:15 p.m.•10 views

PYSEC-2020-265

In Red Discord Bot before version 3.3.11, a RCE exploit has been discovered in the Trivia module: this exploit allows Discord users with specifically crafted usernames to inject code into the Trivia module's leaderboard command. By abusing this exploit, it's possible to perform destructive action...

9.6CVSS7AI score0.00923EPSS
Exploits0References2Affected Software1
PyPA
PyPA
•added 2020/08/14 5:15 p.m.•8 views

PYSEC-2020-71

In openapi-python-client before version 0.5.3, clients generated with a maliciously crafted OpenAPI Document can generate arbitrary Python code. Subsequent execution of this malicious client is arbitrary code execution...

9CVSS7.6AI score0.0158EPSS
Exploits0References4Affected Software1
Total number of security vulnerabilities7035