7044 matches found
Type confusion leading to `CHECK`-failure based denial of service in TensorFlow
ImpactThe macros that TensorFlow uses for writing assertions e.g., CHECKLT, CHECKGT, etc. have an incorrect logic when comparing sizet and int values. Due to type conversion rules, several of the macros would trigger incorrectly. PatchesWe have patched the issue in GitHub commit...
Access control issue in AlekSIS-Core
An access control issue in aleksis/core/util/authhelpers.py: ClientProtectedResourceMixin of AlekSIS-Core v2.8.1 and below allows attackers to access arbitrary scopes if no allowed scopes are specifically set...
Segfault if `tf.histogram_fixed_width` is called with NaN values in TensorFlow
ImpactThe implementation of tf.histogramfixedwidth is vulnerable to a crash when the values array contain NaN elements:pythonimport tensorflow as tfimport numpy as nptf.histogramfixedwidthvalues=np.nan, valuerange=1,2The implementation assumes that all floating point operations are defined and th...
Unrestricted Attachment Upload
ImpactInvenTree allows unrestricted upload of files as attachments to various database fields. Potentially dangerous files such as HTML files containing malicious javascript can be uploaded, and when opened by the user run the malicious code directly in the users browser.Note that the upload of...
CSV Injection in inventree
Improper Neutralization of Formula Elements in a CSV File in GitHub repository inventree/inventree prior to 0.7.2...
Heap buffer overflow due to incorrect hash function in TensorFlow
ImpactThe TensorKey hash function used total estimated AllocatedBytes, which a is an estimate per tensor, and b is a very poor hash function for constants e.g. int32t. It also tried to access individual tensor bytes through tensor.data of size AllocatedBytes. This led to ASAN failures because the...
Core dump when loading TFLite models with quantization in TensorFlow
ImpactCertain TFLite models that were created using TFLite model converter would crash when loaded in the TFLite interpreter. The culprit is that during quantization the scale of values could be greater than 1 but code was always assuming sub-unit scaling.Thus, since code was calling...
Code injection in `saved_model_cli` in TensorFlow
ImpactTensorFlow's savedmodelcli tool is vulnerable to a code injection:savedmodelcli run --inputexprs 'x=print"malicious code to run"' --dir ./--tagset serve --signaturedef servingdefaultThis can be used to open a reverse shell savedmodelcli run --inputexprs 'hello=exec"""\nimport...
Incomplete validation in signal ops leads to crashes in TensorFlow
ImpactThe tf.compat.v1.signal.rfft2d and tf.compat.v1.signal.rfft3d lack input validation and under certain condition can result in crashes due to CHECK-failures. Patches We have patched the issue in GitHub commit 0a8a781e597b18ead006d19b7d23d0a369e9ad73 merging GitHub PR 55274.The fix will be...
Segfault and OOB write due to incomplete validation in `EditDistance` in TensorFlow
ImpactThe implementation of tf.rawops.EditDistance has incomplete validation. Users can pass negative values to cause a segmentation fault based denial of service:pythonimport tensorflow as tfhypothesisindices = tf.constant-1250999896764, shape=3, 3, dtype=tf.int64 hypothesisvalues = tf.constant0...
Potential double free of buffer during string decoding
ImpactWhat kind of vulnerability is it? Who is impacted?When an error occurs while reallocating the buffer for string decoding, the buffer gets freed twice.Due to how UltraJSON uses the internal decoder, this double free is impossible to trigger from Python. PatchesHas the problem been patched?...
Missing validation crashes `QuantizeAndDequantizeV4Grad`
ImpactThe implementation of tf.rawops.QuantizeAndDequantizeV4Grad does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tftf.rawops.QuantizeAndDequantizeV4Grad gradients=tf.constant1,...
Missing validation causes denial of service via `Conv3DBackpropFilterV2`
ImpactThe implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tftf.strings.unsortedsegmentjoin inputs='123', segmentids=0, numsegments=-1The...
Missing validation causes denial of service via `SparseTensorToCSRSparseMatrix`
ImpactThe implementation of tf.rawops.SparseTensorToCSRSparseMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfindices = tf.constant53, shape=3, dtype=tf.int64values =...
Integer overflow in `SpaceToBatchND`
ImpactThe implementation of tf.rawops.SpaceToBatchND in all backends such as XLA and handwritten kernels is vulnerable to an integer overflow:pythonimport tensorflow as tfinput = tf.constant-3.5e+35, shape=10,19,22, dtype=tf.float32blockshape = tf.constant-1879048192, shape=2,...
Undefined behavior when users supply invalid resource handles
ImpactMultiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid:pythonimport tensorflow as tftf.rawops.QueueIsClosedV2handle=pythonimport tensorflow as tftf.summary.flushwriter= In graph mode, it would have been impossible to perform these API...
Missing validation causes denial of service via `LSTMBlockCell`
ImpactThe implementation of tf.rawops.LSTMBlockCell does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tftf.rawops.LSTMBlockCell x=tf.constant0.837607, shape=28,29, dtype=tf.float32,...
Missing validation causes denial of service via `DeleteSessionTensor`
ImpactThe implementation of tf.rawops.DeleteSessionTensor does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfhandle = tf.constant"", shape=0,...
Segfault due to missing support for quantized types
ImpactThere is a potential for segfault / denial of service in TensorFlow by calling tf.compat.v1. ops which don't yet have support for quantized types added after migration to TF 2.x:pythonimport numpy as npimport tensorflow as...
Denial of service in `tf.ragged.constant` due to lack of validation
ImpactThe implementation of tf.ragged.constant does not fully validate the input arguments. This results in a denial of service by consuming all available memory:pythonimport tensorflow as tftf.ragged.constantpylist=,raggedrank=8968073515812833920 PatchesWe have patched the issue in GitHub commit...
Missing validation causes denial of service via `UnsortedSegmentJoin`
ImpactThe implementation of tf.rawops.UnsortedSegmentJoin does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tftf.rawops.UnsortedSegmentJoin inputs=tf.constant"this", shape=12,...
Missing validation causes denial of service via `StagePeek`
ImpactThe implementation of tf.rawops.StagePeek does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfindex = tf.constant, shape=0, dtype=tf.int32tf.rawops.StagePeekindex=index,...
Missing validation causes denial of service via `GetSessionTensor`
ImpactThe implementation of tf.rawops.GetSessionTensor does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfhandle = tf.constant"", shape=0,...
Missing validation causes denial of service via `Conv3DBackpropFilterV2`
ImpactThe implementation of tf.rawops.Conv3DBackpropFilterV2 does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tftf.rawops.Conv3DBackpropFilterV2 input=tf.constant.5053710941,...
Missing validation results in undefined behavior in `QuantizedConv2D`
ImpactThe implementation of tf.rawops.QuantizedConv2D does not fully validate the input arguments:pythonimport tensorflow as tfinput = tf.constant1, shape=1, 2, 3, 3, dtype=tf.quint8filter = tf.constant1, shape=1, 2, 3, 3, dtype=tf.quint8 bad argsmininput = tf.constant, shape=0,...
Missing validation results in undefined behavior in `SparseTensorDenseAdd
ImpactThe implementation of tf.rawops.SparseTensorDenseAdd does not fully validate the input arguments:pythonimport tensorflow as tfaindices = tf.constant0, shape=17, 2, dtype=tf.int64avalues = tf.constant, shape=0, dtype=tf.float32ashape = tf.constant6, 12, shape=2, dtype=tf.int64b =...
Missing validation causes denial of service via `LoadAndRemapMatrix`
ImpactThe implementation of tf.rawops.LoadAndRemapMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport tensorflow as tfckptpath = tf.constant "/tmp/warmstartingutiltest5kl2a3pc/tmpph76tep2/model-0"...
aptdaemon Information Disclosure via Improper Input Validation in Transaction class
There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an...
Pallets Werkzeug vulnerable to Path Traversal
In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names such as C: in Windows pathnames...
Mirumee Saleor CSRF Protection Disabled
In Mirumee Saleor 2.7.0 fixed in 2.8.0, CSRF protection middleware was accidentally disabled, which allowed attackers to send a POST request without a valid CSRF token and be accepted by the server...
Openstack cinder Improper handling of ScaleIO backend credentials
An insecure-credentials flaw was found in all openstack-cinder versions before openstack-cinder 14.1.0, all openstack-cinder 15.x.x versions before openstack-cinder 15.2.0 and all openstack-cinder 16.x.x versions before openstack-cinder 16.1.0. When using openstack-cinder with the Dell EMC ScaleI...
ClusterLabs crmsh vulnerable to shell code injection
An issue was discovered in ClusterLabs crmsh through 4.2.1. Local attackers able to call crm history when crm is run were able to execute commands via shell code injection to the crm history commandline, potentially allowing escalation of privileges...
PyDio Stored XSS Vulnerability
A stored XSS vulnerability exists in the web application of Pydio through 8.2.2 that can be exploited by levering the file upload and file preview features of the application. An authenticated attacker can upload an HTML file containing JavaScript code and afterwards a file preview URL can be use...
OpenStack Keystone allows information disclosure during account locking
OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking related to PCI DSS features. By guessing the name of an account and failing to authenticate multiple times, any unauthenticated...
wolfCrypt leaks cryptographic information via timing side channel
wolfSSL and wolfCrypt 4.0.0 and earlier when configured without --enable-fpecc, --enable-sp, or --enable-sp-math contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to precisely measure the duration of signature operations, to infer information about th...
OpenStack Nova can leak consoleauth token into log files
An issue was discovered in OpenStack Nova before 18.2.4, 19.x before 19.1.0, and 20.x before 20.1.0. It can leak consoleauth tokens into log files. An attacker with read access to the service's logs may obtain tokens used for console access. All Nova setups using novncproxy are affected. This is...
Matrix Sydent mishandles emails
util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registration restrictions that are based on e-mail domain, if the allowedlocal3pids option is enabled. This occurs because of potentially unwanted behavior in Python, in which an email.utils.parseaddr call on...
Cobbler is vulnerable to code injection
templateapi.py in Cobbler before 2.0.7, as used in Red Hat Network Satellite Server and other products, does not disable the ability of the Cheetah template engine to execute Python statements contained in templates, which allows remote authenticated administrators to execute arbitrary code via a...
Missing validation causes `TensorSummaryV2` to crash
ImpactThe implementation of tf.rawops.TensorSummaryV2 does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service attack:pythonimport numpy as npimport tensorflow as tftf.rawops.TensorSummaryV2 tag=np.array'test', tensor=np.array3,...
XML External Entity (XXE) in Django
The XML libraries for Python as used in OpenStack Keystone Essex and Folsom, Django, and possibly other products allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity XXE attack...
XML Entity Expansion (XEE) in Django
The XML libraries for Python, as used in OpenStack Keystone Essex, Folsom, and Grizzly; Compute Nova Essex and Folsom; Cinder Folsom; Django; and possibly other products allow remote attackers to cause a denial of service resource consumption and crash via an XML Entity Expansion XEE attack...
OpenStack Compute (Nova) Resource limit circumvention in Nova private flavors
The "create an instance" API in OpenStack Compute Nova Folsom, Grizzly, and Havana does not properly enforce the os-flavor-access:ispublic property, which allows remote authenticated users to boot arbitrary flavors by guessing the flavor id. NOTE: this issue is due to an incomplete fix for...
Plone anonymous access to sub-objects in CMFEditions where KwAsAttributes classes were publishable
The CMFEditions component 2.x in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2 does not prevent the KwAsAttributes classes from being publishable, which allows remote attackers to access sub-objects via unspecified vectors, a different vulnerability than CVE-2011-3587...
Plone XSS Vulnerability
Cross-site scripting XSS vulnerability in skins/plonetemplates/defaulterrormessage.pt in Plone before 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the typename parameter to Members/ipa/createObject...
Fabric vulnerable to symlink attack on tmp files
Fabric before 1.1.0 allows local users to overwrite arbitrary files via a symlink attack on 1 a /tmp/fab..tar file or 2 certain other files in the top level of /tmp/...
Zope Command Execution Vulnerability
Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in Plone 4.0.x through 4.0.9, 4.1, and 4.2 through 4.2a2, allows remote attackers to execute arbitrary commands via vectors related to the p class in OFS/misc.py and the use of Python modules...
Cobbler subject to Command Injection
A Command Injection in actionpower.py in Cobbler prior to v2.6.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the 1 username or 2 password fields to the powersystem method in the xmlrpc API...
Review Board Cross-site scripting (XSS) vulnerability in the reviews dropdown
Cross-site scripting XSS vulnerability in the auto-complete widget in htdocs/media/rb/js/reviews.js in Review Board 1.6.x before 1.6.17 and 1.7.x before 1.7.10 allows remote attackers to inject arbitrary web script or HTML via a full name...
OpenStack Compute (Nova) vulnerable to denial of service via XML Entity Expansion attack
The security group extension in OpenStack Compute Nova Grizzly 2013.1.3, Havana before havana-3, and earlier allows remote attackers to cause a denial of service resource consumption and crash via an XML Entity Expansion XEE attack. NOTE: this issue is due to an incomplete fix for CVE-2013-1664...
OpenStack Compute Nova Improper Access Control
The XenAPI backend in OpenStack Compute Nova Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups 1 when resizing an image or 2 during live migration, which allows remote attackers to bypass intended restrictions...