Lucene search
K

7035 matches found

PyPA
PyPA
•added 2 days ago•4 views

TensorFlow has Null Pointer Error in LookupTableImportV2

ImpactThe function tf.rawops.LookupTableImportV2 cannot handle scalars in the values parameter and gives an NPE.pythonimport tensorflow as tfv = [email protected]=Truedef test: func = tf.rawops.LookupTableImportV2 para='tablehandle': v.handle,'keys': 62.98910140991211,...

7.5CVSS6.6AI score0.00358EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

TensorFlow has segmentation fault in tfg-translate

ImpactOut-of-bounds access due to mismatched integer type sizes in ValueMap::Manager::GetValueOrCreatePlaceholder. Bug with tfg-translate call to InitMlir. The problem happens with generic functions, as it is already handled for non-generic functions. This is because they, unlike non-generic...

7.5CVSS6.6AI score0.00516EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

TensorFlow has Null Pointer Error in RandomShuffle with XLA enable

ImpactNPE in RandomShuffle with XLA enable pythonimport tensorflow as tffunc = tf.rawops.RandomShufflepara = 'value': 1e+20, 'seed': -4294967297, 'seed2': [email protected]=Truedef test: y = funcpara return ytest PatchesWe have patched the issue in GitHub commit...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

TensorFlow has Null Pointer Error in RandomShuffle with XLA enable

ImpactNPE in RandomShuffle with XLA enable pythonimport tensorflow as tffunc = tf.rawops.RandomShufflepara = 'value': 1e+20, 'seed': -4294967297, 'seed2': [email protected]=Truedef test: y = funcpara return ytest PatchesWe have patched the issue in GitHub commit...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

TensorFlow has Null Pointer Error in QuantizedMatMulWithBiasAndDequantize

ImpactNPE in QuantizedMatMulWithBiasAndDequantize with MKL enable pythonimport tensorflow as tffunc = tf.rawops.QuantizedMatMulWithBiasAndDequantizepara='a': tf.constant138, dtype=tf.quint8, 'b': tf.constant4, dtype=tf.qint8, 'bias': 31.81644630432129, 47.21876525878906, 109.95201110839844,...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•1 views

TensorFlow has Segfault in Bincount with XLA

ImpactWhen running with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor.pythonimport tensorflow as tffunc = tf.rawops.Bincountpara='arr': 6, 'size': 804, 'weights': 52, [email protected]=Truedef fuzzjit...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

TensorFlow has Null Pointer Error in LookupTableImportV2

ImpactThe function tf.rawops.LookupTableImportV2 cannot handle scalars in the values parameter and gives an NPE.pythonimport tensorflow as tfv = [email protected]=Truedef test: func = tf.rawops.LookupTableImportV2 para='tablehandle': v.handle,'keys': 62.98910140991211,...

7.5CVSS6.6AI score0.00358EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

TensorFlow has Floating Point Exception in TFLite in conv kernel

ImpactConstructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. PatchesWe have patched the issue in GitHub commit 34f8368c535253f5c9cb3a303297743b62442aaa.The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1. For...

7.5CVSS6.7AI score0.00391EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

TensorFlow has Segfault in Bincount with XLA

ImpactWhen running with XLA, tf.rawops.Bincount segfaults when given a parameter weights that is neither the same shape as parameter arr nor a length-0 tensor.pythonimport tensorflow as tffunc = tf.rawops.Bincountpara='arr': 6, 'size': 804, 'weights': 52, [email protected]=Truedef fuzzjit...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

TensorFlow has double free in Fractional(Max/Avg)Pool

Impactnnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supported.pythonimport tensorflow as tfimport osimport numpy as npfrom tensorflow.python.ops...

8CVSS6.7AI score0.00148EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•2 views

TensorFlow has null dereference on ParallelConcat with XLA

ImpactWhen running with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero.pythonimport tensorflow as tffunc = tf.rawops.ParallelConcatpara = 'shape': 0, 'values': [email protected]=Truedef test: y = funcpa...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

TensorFlow has Floating Point Exception in TFLite in conv kernel

ImpactConstructing a tflite model with a paramater filterinputchannel of less than 1 gives a FPE. PatchesWe have patched the issue in GitHub commit 34f8368c535253f5c9cb3a303297743b62442aaa.The fix will be included in TensorFlow 2.12. We will also cherrypick this commit on TensorFlow 2.11.1. For...

7.5CVSS6.7AI score0.00391EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

TensorFlow has null dereference on ParallelConcat with XLA

ImpactWhen running with XLA, tf.rawops.ParallelConcat segfaults with a nullptr dereference when given a parameter shape with rank that is not greater than zero.pythonimport tensorflow as tffunc = tf.rawops.ParallelConcatpara = 'shape': 0, 'values': [email protected]=Truedef test: y = funcpa...

7.5CVSS6.6AI score0.00391EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

TensorFlow has double free in Fractional(Max/Avg)Pool

Impactnnops.fractionalavgpoolv2 and nnops.fractionalmaxpoolv2 require the first and fourth elements of their parameter poolingratio to be equal to 1.0, as pooling on batch and channel dimensions is not supported.pythonimport tensorflow as tfimport osimport numpy as npfrom tensorflow.python.ops...

8CVSS6.7AI score0.00148EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad

ImpactOut of bounds read in GRUBlockCellGradpythonfunc = tf.rawops.GRUBlockCellGradpara = 'x': 21.1, 156.2, 83.3, 115.4, 'hprev': array136.5, 136.6, 'wru': array26.7, 0.8, 47.9, 26.1, 26.2, 26.3, 'wc': array 0.4, 31.5, 0.6, 'bru': array0.1, 0.2 , dtype=float32, 'bc': 0x41414141, 'r': array0.3, 0....

7.5CVSS6.9AI score0.00383EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•5 views

TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad

ImpactOut of bounds read in GRUBlockCellGradpythonfunc = tf.rawops.GRUBlockCellGradpara = 'x': 21.1, 156.2, 83.3, 115.4, 'hprev': array136.5, 136.6, 'wru': array26.7, 0.8, 47.9, 26.1, 26.2, 26.3, 'wc': array 0.4, 31.5, 0.6, 'bru': array0.1, 0.2 , dtype=float32, 'bc': 0x41414141, 'r': array0.3, 0....

7.5CVSS6.9AI score0.00383EPSS
Exploits0References6Affected Software1
PyPA
PyPA
•added 2 days ago•5 views

Tensorflow vulnerable to Out-of-Bounds Read

ImpactWhen the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob vuln occurs.pythontf.rawops.ThreadUnsafeUnigramCandidateSampler trueclasses=0x100000,1, numtrue = 2, numsampled = 2, unique = False, rangemax = 2, seed = 2, seed2 = 2 PatchesWe have...

9.1CVSS7AI score0.0038EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•2 views

Tensorflow vulnerable to Out-of-Bounds Read

ImpactWhen the BaseCandidateSamplerOp function receives a value in trueclasses larger than rangemax, a heap oob vuln occurs.pythontf.rawops.ThreadUnsafeUnigramCandidateSampler trueclasses=0x100000,1, numtrue = 2, numsampled = 2, unique = False, rangemax = 2, seed = 2, seed2 = 2 PatchesWe have...

9.1CVSS7AI score0.0038EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

Invalid char to bool conversion when printing a tensor

ImpactWhen printing a tensor, we get it's data as a const char array since that's the underlying storage and then we typecast it to the element type. However, conversions from char to bool are undefined if the char is not 0 or 1, so sanitizers/fuzzers will crash. PatchesWe have patched the issue ...

7.5CVSS7AI score0.00389EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2 days ago•6 views

OpenStack Cinder, glance, and Nova vulnerable to Path Traversal

An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, a...

5.7CVSS6.7AI score0.01025EPSS
Exploits1References11Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

OpenStack Cinder, glance, and Nova vulnerable to Path Traversal

An issue was discovered in OpenStack Cinder before 19.1.2, 20.x before 20.0.2, and 21.0.0; Glance before 23.0.1, 24.x before 24.1.1, and 25.0.0; and Nova before 24.1.2, 25.x before 25.0.2, and 26.0.0. By supplying a specially created VMDK flat image that references a specific backing file path, a...

5.7CVSS6.7AI score0.01025EPSS
Exploits1References11Affected Software1
PyPA
PyPA
•added 2 days ago•2 views

Heap overflow in `QuantizeAndDequantizeV2`

ImpactThe function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered.pythonimport tensorflow as [email protected] test:...

9.1CVSS7AI score0.00401EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

Heap overflow in `QuantizeAndDequantizeV2`

ImpactThe function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered.pythonimport tensorflow as [email protected] test:...

9.1CVSS7AI score0.00401EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2 days ago•5 views

`CHECK_EQ` fail via input in `SparseMatrixNNZ`

ImpactAn input sparsematrix that is not a matrix with a shape with rank 0 will trigger a CHECK fail in tf.rawops.SparseMatrixNNZ.pythonimport tensorflow as tftf.rawops.SparseMatrixNNZsparsematrix= PatchesWe have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693.The fix...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

Overflow in `ResizeNearestNeighborGrad`

ImpactWhen tf.rawops.ResizeNearestNeighborGrad is given a large size input, it overflows.import tensorflow as tfaligncorners = Truehalfpixelcenters = Falsegrads = tf.constant1, shape=1,8,16,3, dtype=tf.float16size = tf.constant1879048192,1879048192, shape=2,...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

Out of bounds write in grappler in Tensorflow

ImpactThe function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. PatchesWe have patched the issue in GitHub commit...

9.1CVSS7AI score0.00449EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2 days ago•2 views

Segfault in `CompositeTensorVariantToComponents`

ImpactAn input encoded that is not a valid CompositeTensorVariant tensor will trigger a segfault in tf.rawops.CompositeTensorVariantToComponents.pythonimport tensorflow as tfencode = tf.rawops.EmptyTensorListelementdtype=tf.int32, elementshape=10, 15, maxnumelements=2meta=...

7.5CVSS6.9AI score0.0049EPSS
Exploits1References8Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

`CHECK` fail via inputs in `PyFunc`

ImpactAn input token that is not a UTF-8 bytestring will trigger a CHECK fail in tf.rawops.PyFunc.pythonimport tensorflow as tfvalue = tf.constantvalue=1,2token = b'\xb0'dataType = tf.int32tf.rawops.PyFuncinput=value,token=token,Tout=dataType PatchesWe have patched the issue in GitHub commit...

7.5CVSS6.9AI score0.0045EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

Overflow in `ResizeNearestNeighborGrad`

ImpactWhen tf.rawops.ResizeNearestNeighborGrad is given a large size input, it overflows.import tensorflow as tfaligncorners = Truehalfpixelcenters = Falsegrads = tf.constant1, shape=1,8,16,3, dtype=tf.float16size = tf.constant1879048192,1879048192, shape=2,...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

Segfault in `CompositeTensorVariantToComponents`

ImpactAn input encoded that is not a valid CompositeTensorVariant tensor will trigger a segfault in tf.rawops.CompositeTensorVariantToComponents.pythonimport tensorflow as tfencode = tf.rawops.EmptyTensorListelementdtype=tf.int32, elementshape=10, 15, maxnumelements=2meta=...

7.5CVSS6.9AI score0.0049EPSS
Exploits1References8Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

`CHECK` fail via inputs in `PyFunc`

ImpactAn input token that is not a UTF-8 bytestring will trigger a CHECK fail in tf.rawops.PyFunc.pythonimport tensorflow as tfvalue = tf.constantvalue=1,2token = b'\xb0'dataType = tf.int32tf.rawops.PyFuncinput=value,token=token,Tout=dataType PatchesWe have patched the issue in GitHub commit...

7.5CVSS6.9AI score0.0045EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•6 views

Out of bounds write in grappler in Tensorflow

ImpactThe function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. PatchesWe have patched the issue in GitHub commit...

9.1CVSS7AI score0.00449EPSS
Exploits0References7Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess

ImpactAn input poolingratio that is smaller than 1 will trigger a heap OOB in tf.rawops.FractionalMaxPool and tf.rawops.FractionalAvgPool. PatchesWe have patched the issue in GitHub commit 216525144ee7c910296f5b05d214ca1327c9ce48.The fix will be included in TensorFlow 2.11.0. We will also cherry...

9.8CVSS7AI score0.00579EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

`CHECK` fail via inputs in `SparseFillEmptyRowsGrad`

ImpactIf SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.SparseFillEmptyRowsGrad reverseindexmap=, gradvalues=, name=None PatchesWe have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8.The fix will be included...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

`CHECK` fail via inputs in `SdcaOptimizer`

ImpactInputs densefeatures or examplestatedata not of rank 2 will trigger a CHECK fail in SdcaOptimizer.pythonimport tensorflow as tftf.rawops.SdcaOptimizer sparseexampleindices=4 tf.random.uniform5,5,5,3, dtype=tf.dtypes.int64, maxval=100, sparsefeatureindices=4 tf.random.uniform5,5,5,3,...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

`CHECK` fail via inputs in `SparseFillEmptyRowsGrad`

ImpactIf SparseFillEmptyRowsGrad is given empty inputs, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.SparseFillEmptyRowsGrad reverseindexmap=, gradvalues=, name=None PatchesWe have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8.The fix will be included...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess

ImpactAn input poolingratio that is smaller than 1 will trigger a heap OOB in tf.rawops.FractionalMaxPool and tf.rawops.FractionalAvgPool. PatchesWe have patched the issue in GitHub commit 216525144ee7c910296f5b05d214ca1327c9ce48.The fix will be included in TensorFlow 2.11.0. We will also cherry...

9.8CVSS7AI score0.00579EPSS
Exploits1References6Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

`CHECK_EQ` fail via input in `SparseMatrixNNZ`

ImpactAn input sparsematrix that is not a matrix with a shape with rank 0 will trigger a CHECK fail in tf.rawops.SparseMatrixNNZ.pythonimport tensorflow as tftf.rawops.SparseMatrixNNZsparsematrix= PatchesWe have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693.The fix...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•6 views

`CHECK` fail via inputs in `SdcaOptimizer`

ImpactInputs densefeatures or examplestatedata not of rank 2 will trigger a CHECK fail in SdcaOptimizer.pythonimport tensorflow as tftf.rawops.SdcaOptimizer sparseexampleindices=4 tf.random.uniform5,5,5,3, dtype=tf.dtypes.int64, maxval=100, sparsefeatureindices=4 tf.random.uniform5,5,5,3,...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

`MirrorPadGrad` heap out of bounds read

ImpactIf MirrorPadGrad is given outsize input paddings, TensorFlow will give a heap OOB error.pythonimport tensorflow as tftf.rawops.MirrorPadGradinput=1, paddings=0x77f00000,0xa000000, mode = 'REFLECT' PatchesWe have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92.The...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

`FractionalMaxPoolGrad` Heap out of bounds read

ImpactIf FractionMaxPoolGrad is given outsize inputs rowpoolingsequence and colpoolingsequence, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.FractionMaxPoolGrad originput = 1, 1, 1, 1, 1, origoutput = 1, 1, 1, outbackprop = 3, 3, 6, rowpoolingsequence = -0x4000000, 1, 1,...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

`tf.raw_ops.Mfcc` crashes

ImpactIf ThreadUnsafeUnigramCandidateSampler is given input filterbankchannelcount greater than the allowed max size, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.Mfcc spectrogram = 1.38, 6.32, 5.75, 9.51, samplerate = 2, upperfrequencylimit = 5.0, lowerfrequencylimit = 1.0,...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

`CHECK_EQ` fail in `tf.raw_ops.TensorListResize`

ImpactIf tf.rawops.TensorListResize is given a nonscalar value for input size, it results CHECK fail which can be used to trigger a denial of service attack.pythonimport numpy as npimport tensorflow as tfa = datastructures.tftensorlistnewelements = tf.constantvalue=3, 4, 5b = np.zeros0, 2, 3,...

7.5CVSS6.9AI score0.00439EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

Segfault in `tf.raw_ops.TensorListConcat`

ImpactIf tf.rawops.TensorListConcat is given elementshape=, it results segmentation fault which can be used to trigger a denial of service attack.pythonimport tensorflow as tftf.rawops.TensorListConcat inputhandle=tf.data.experimental.tovarianttf.data.Dataset.fromtensorslices1, 2, 3,...

7.5CVSS6.9AI score0.0043EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•5 views

`CHECK_EQ` fail in `tf.raw_ops.TensorListResize`

ImpactIf tf.rawops.TensorListResize is given a nonscalar value for input size, it results CHECK fail which can be used to trigger a denial of service attack.pythonimport numpy as npimport tensorflow as tfa = datastructures.tftensorlistnewelements = tf.constantvalue=3, 4, 5b = np.zeros0, 2, 3,...

7.5CVSS6.9AI score0.00439EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•3 views

Segfault in `tf.raw_ops.TensorListConcat`

ImpactIf tf.rawops.TensorListConcat is given elementshape=, it results segmentation fault which can be used to trigger a denial of service attack.pythonimport tensorflow as tftf.rawops.TensorListConcat inputhandle=tf.data.experimental.tovarianttf.data.Dataset.fromtensorslices1, 2, 3,...

7.5CVSS6.9AI score0.0043EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•5 views

`tf.raw_ops.Mfcc` crashes

ImpactIf ThreadUnsafeUnigramCandidateSampler is given input filterbankchannelcount greater than the allowed max size, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.Mfcc spectrogram = 1.38, 6.32, 5.75, 9.51, samplerate = 2, upperfrequencylimit = 5.0, lowerfrequencylimit = 1.0,...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•5 views

`MirrorPadGrad` heap out of bounds read

ImpactIf MirrorPadGrad is given outsize input paddings, TensorFlow will give a heap OOB error.pythonimport tensorflow as tftf.rawops.MirrorPadGradinput=1, paddings=0x77f00000,0xa000000, mode = 'REFLECT' PatchesWe have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92.The...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

`FractionalMaxPoolGrad` Heap out of bounds read

ImpactIf FractionMaxPoolGrad is given outsize inputs rowpoolingsequence and colpoolingsequence, TensorFlow will crash.pythonimport tensorflow as tftf.rawops.FractionMaxPoolGrad originput = 1, 1, 1, 1, 1, origoutput = 1, 1, 1, outbackprop = 3, 3, 6, rowpoolingsequence = -0x4000000, 1, 1,...

7.5CVSS6.9AI score0.0044EPSS
Exploits1References7Affected Software1
PyPA
PyPA
•added 2 days ago•4 views

Segfault via invalid attributes in `pywrap_tfe_src.cc`

ImpactIf a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a nullptr, which is not caught. An example can be seen in tf.compat.v1.extractvolumepatches by passing in quantized tensors as input ksizes.pythonimport numpy as npimport...

7.5CVSS7AI score0.00404EPSS
Exploits1References7Affected Software1
Total number of security vulnerabilities7035