Lucene search
K
GoogleTensorflow

431 matches found

CVE
CVE
added 2021/08/12 11:0 p.m.105 views

CVE-2021-37692

CVE-2021-37692 affects TensorFlow and centers on a segfault in string tensor deallocation during garbage collection when the encoding of a string tensor fails (e.g., mismatched dimensions). The root cause is an assumption that encoding succeeded, leading to use of the finalizer of the tensor with...

5.5CVSS5.7AI score0.00172EPSS
CVE
CVE
added 2022/02/04 10:32 p.m.105 views

CVE-2022-23578

TensorFlow vulnerability CVE-2022-23578 describes a memory leak: if a graph node is invalid, ImmutableExecutorState::Initialize can leak the previously allocated memory when item->kernel is reset to nullptr. The issue affects TensorFlow; the fix is planned for TensorFlow 2.8.0, with cherry-pic...

4.3CVSS4.7AI score0.00716EPSS
CVE
CVE
added 2022/05/20 11:15 p.m.105 views

CVE-2022-29212

TensorFlow vulnerability CVE-2022-29212 affects TFLite model loading due to quantization scale handling. During quantization, values can have a scale > 1, but code assumed sub-unit scaling; this triggers a TFLITE_CHECK_LT assertion when QuantizeMultiplierSmallerThanOneExp is used, causing a cr...

5.5CVSS5.6AI score0.00316EPSS
CVE
CVE
added 2022/11/18 12:0 a.m.105 views

CVE-2022-41898

TensorFlow CVE-2022-41898 causes a crash when SparseFillEmptyRowsGrad is given empty inputs. The issue was patched in commit af4a6a3c8b95022c351edae94560acc61253a1b8 and will be included in TensorFlow 2.11; the patch will also be cherry-picked to 2.10.1, 2.9.3, and 2.8.4, which are within the sup...

7.5CVSS6.2AI score0.0044EPSS
CVE
CVE
added 2021/05/14 7:35 p.m.104 views

CVE-2021-29520

TensorFlow CVE-2021-29520 concerns a heap buffer overflow in Conv3DBackprop* due to missing validation that assumes input, filter_sizes, and out_backprop have identical shapes. Multiple sources (OSV entries and GHSA advisory) corroborate the issue and patch lineage. The vulnerability affects Conv...

7.8CVSS5.6AI score0.00224EPSS
CVE
CVE
added 2021/05/14 7:21 p.m.104 views

CVE-2021-29601

TensorFlow/TFLite concatentation is vulnerable to an integer overflow in the TFLite kernel used for concatenation. The issue arises because TFLite uses int for tensor dimensions while TensorFlow uses int64, allowing crafted inputs where a concatenation dimension overflows an int. Public details i...

7.1CVSS6.5AI score0.00192EPSS
CVE
CVE
added 2021/08/12 10:45 p.m.104 views

CVE-2021-37663

CVE-2021-37663 arises from incomplete validation in tf.raw_ops.QuantizeV2 in TensorFlow. Affected: TensorFlow versions before 2.6.0 (patch committed 6da6620...). The issue can trigger undefined behavior via binding a null pointer or out-of-bounds access; if axis is provided, min_range/max_range l...

7.8CVSS7.8AI score0.00173EPSS
CVE
CVE
added 2021/08/12 9:55 p.m.104 views

CVE-2021-37686

CVE-2021-37686 – TensorFlow TFLite infinite loop in strided_slice . The issue is in the TFLite strided_slice implementation where the new ellipsis in axis definitions can cause ellipsis_end_idx to be smaller than i. This prevents the inner loop from advancing i, and a continued loop skips the out...

5.5CVSS5.7AI score0.00173EPSS
CVE
CVE
added 2022/02/04 10:32 p.m.104 views

CVE-2022-23564

CVE-2022-23564 (TensorFlow) : The issue is a denial-of-service in TensorFlow caused by an invalidated CHECK assertion when decoding a resource handle tensor from protobuf, triggered by user-controlled arguments. Affected: TensorFlow (TF) processes; root cause is an assertion failure path during r...

6.5CVSS6.4AI score0.00469EPSS
CVE
CVE
added 2022/05/20 9:55 p.m.104 views

CVE-2022-29196

CVE-2022-29196 applies to TensorFlow. Before versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, Conv3DBackpropFilterV2 does not fully validate input arguments, specifically not validating that filter_sizes is a vector. This triggers a CHECK failure and can be leveraged to cause a denial of service. The iss...

5.5CVSS5.6AI score0.00317EPSS
CVE
CVE
added 2022/09/16 10:5 p.m.104 views

CVE-2022-36018

TensorFlow CVE-2022-36018 describes a denial-of-service risk in RaggedTensorToVariant when rt_nested_splits contains tensors with ranks other than one. The issue triggers a CHECK failure that can be exploited remotely to disrupt service. A fix was committed (88f93dfe691563baa4ae1e80ccde2d5c7a1438...

7.5CVSS6.4AI score0.00383EPSS
CVE
CVE
added 2022/12/06 12:0 a.m.104 views

CVE-2022-41902

CVE-2022-41902 in TensorFlow describes an out-of-bounds read/crash caused by MakeGrapplerFunctionItem input-size handling. A GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7 fixes the issue, and the fix will be released in TensorFlow 2.11.0. The same patch has been cherry-picked to TensorFl...

9.1CVSS7.9AI score0.00449EPSS
CVE
CVE
added 2021/05/14 7:16 p.m.103 views

CVE-2021-29573

CVE-2021-29573 concerns TensorFlow. The flaw is a division-by-zero in tf.raw_ops.MaxPoolGradWithArgmax caused by the implementation not validating the batch dimension is non-zero before dividing. The issue affects TensorFlow’s MaxPoolGradWithArgmax path and is addressed in the fix that will be in...

5.5CVSS4.7AI score0.00189EPSS
CVE
CVE
added 2021/08/12 10:55 p.m.103 views

CVE-2021-37669

TensorFlow CVE-2021-37669 describes a denial-of-service in tf.raw_ops.NonMaxSuppressionV5 (and CombinedNonMaxSuppression) caused by an integer-to-unsigned conversion when resizing a std::vector with a user-controlled output_size. Negative output_size leads to a crash due to implicit conversion to...

5.5CVSS5.5AI score0.00175EPSS
CVE
CVE
added 2022/02/04 10:32 p.m.103 views

CVE-2022-23585

CVE-2022-23585 refers to a memory-leak vulnerability in TensorFlow's PNG decoding path. After calling png::CommonInitDecode(..., &decode), allocated buffers may remain if an error path triggers OP_REQUIRES, and are not freed before function termination, creating a potential leak. The issue affect...

6.5CVSS5.6AI score0.00992EPSS
CVE
CVE
added 2022/05/20 10:30 p.m.103 views

CVE-2022-29208

TensorFlow CVE-2022-29208: The tf.raw_ops.EditDistance implementation has incomplete validation, allowing crafted negative values to cause an out-of-bounds write and segmentation-fault based DoS. Affected versions are 2.6.4, 2.7.2, 2.8.1, and 2.9.0; patches exist and fixes are included in 2.9.0 (...

7.1CVSS6.8AI score0.00378EPSS
CVE
CVE
added 2022/09/16 10:50 p.m.103 views

CVE-2022-36027

TensorFlow's CVE-2022-36027 affects the TFLite/TensorFlow converter path for per-channel quantized transposed convolutions, where converting these ops can segfault and crash the Python process. The issue has been patched in commit aa0b852a4588cea4d36b74feb05d93055540b450, with the fix slated for ...

7.5CVSS6.5AI score0.00596EPSS
CVE
CVE
added 2022/11/18 12:0 a.m.103 views

CVE-2022-41911

CVE-2022-41911 affects TensorFlow; root cause is an undefined char-to-bool conversion when printing a tensor, leading to sanitizer/fuzzer crashes. Patch is in GitHub commit 1be74370327 and will be included in TensorFlow 2.11.0, with backports to 2.10.1, 2.9.3, and 2.8.4. Public detail confirms im...

7.5CVSS6.1AI score0.00389EPSS
CVE
CVE
added 2021/05/14 7:21 p.m.102 views

CVE-2021-29600

Summary: CVE-2021-29600 concerns TensorFlow’s TFLite OneHot operator, where the division-by-zero arises from prefix_dim_size calculation when an indices dimension is 0. This is triggered by crafted models and affects multiple TensorFlow/TFLite release lines, with a fix planned for TensorFlow 2.5....

7.8CVSS5.3AI score0.00201EPSS
CVE
CVE
added 2021/08/12 8:30 p.m.102 views

CVE-2021-37635

CVE-2021-37635 affects TensorFlow: heap out-of-bounds access in sparse reduction operations due to missing validation of reduction groups/indices. Patch committed (87158f43f05f2720a374f3e6d22a7aaa3a33f750) and fixes planned for TensorFlow 2.6.0, with cherry-picks for 2.5.1, 2.4.3, and 2.3.4. Publ...

7.3CVSS7.2AI score0.00167EPSS
CVE
CVE
added 2021/08/12 8:55 p.m.102 views

CVE-2021-37662

CVE-2021-37662 stems from a TensorFlow vulnerability where a reference binding to nullptr in BoostedTreesCalculateBestGainsPerFeature and BoostedTreesCalculateBestFeatureSplitV2 may trigger undefined behavior due to input not being validated in stats_ops.cc. GitHub patches 9c87c32c7... and 429f00...

7.8CVSS7.2AI score0.00189EPSS
CVE
CVE
added 2021/08/12 10:40 p.m.102 views

CVE-2021-37665

CVE-2021-37665 : TensorFlow vulnerable due to incomplete validation in MKL requantization (range per-channel and per-channel ops). The root cause is insufficient validation of input dimensions/arguments, allowing undefined behavior (binding a null pointer, heap out-of-bounds access). A patch was ...

7.8CVSS7.8AI score0.00185EPSS
CVE
CVE
added 2021/11/05 7:55 p.m.102 views

CVE-2021-41197

CVE-2021-41197 concerns TensorFlow where treating large tensor shapes can overflow int64, causing a CHECK-failure abort during shape construction (notably in operations like tf.math.segment_, SparseCwise , and depthwise-related paths). The issue is addressed by upstream fixes, with the primary pa...

5.5CVSS4.8AI score0.00307EPSS
CVE
CVE
added 2021/11/05 10:25 p.m.102 views

CVE-2021-41228

CVE-2021-41228 affects TensorFlow’s saved_model_cli, where user-supplied strings are passed to eval, enabling code injection. The vulnerability exists in affected TensorFlow releases’ saved_model_cli tool and can allow arbitrary code execution on the host where the CLI runs. Public documentation ...

7.8CVSS7.6AI score0.00208EPSS
CVE
CVE
added 2022/02/04 10:32 p.m.102 views

CVE-2022-23575

TensorFlow vulnerability CVE-2022-23575 arises from an integer overflow in OpLevelCostEstimator::CalculateTensorSize when processing an operation with a very large tensor. The issue affects TensorFlow and was mitigated by a patch in TensorFlow 2.8.0, with cherry-picks to 2.7.1, 2.6.3, and 2.5.3 (...

6.5CVSS6.7AI score0.00783EPSS
CVE
CVE
added 2022/02/04 10:32 p.m.102 views

CVE-2022-23590

CVE-2022-23590 affects TensorFlow. A maliciously altered GraphDef from a SavedModel can trigger a crash by calling ValueOrDie on an error StatusOr, crashing the TensorFlow process. Patches exist in GitHub commits and will be included in TensorFlow 2.8.0 and 2.7.1; remediation in practice is to up...

7.5CVSS6.4AI score0.00973EPSS
CVE
CVE
added 2022/05/20 9:50 p.m.102 views

CVE-2022-29198

CVE-2022-29198 concerns TensorFlow’s tf.raw_ops.SparseTensorToCSRSparseMatrix, where input validation is incomplete for dense_shape and indices. This can trigger a CHECK failure, potentially enabling a denial of service. The issue is documented to affect TensorFlow versions prior to 2.9.0, 2.8.1,...

5.5CVSS5.5AI score0.00317EPSS
CVE
CVE
added 2022/05/20 11:25 p.m.102 views

CVE-2022-29210

CVE-2022-29210 affects TensorFlow 2.8.0, where TensorKey's hash using AllocatedBytes() and tensor.data() can cause a heap-buffer/ASAN-related issue leading to a denial of service. The issue is patched in TensorFlow 2.9.0 and also back-ported to 2.8.1. IBM Watson Discovery bulletin and OSV entries...

5.5CVSS5.5AI score0.00225EPSS
CVE
CVE
added 2019/12/16 8:15 p.m.101 views

CVE-2019-16778

CVE-2019-16778 : In TensorFlow before 1.15, a heap-based buffer overflow can occur in UnsortedSegmentSum when the Index template argument is int32. Data_size and num_segments are truncated from int64 to int32, potentially producing negative numbers and out-of-bounds memory access. The issue is de...

9.8CVSS6.7AI score0.00777EPSS
CVE
CVE
added 2021/05/14 7:11 p.m.101 views

CVE-2021-29535

CVE-2021-29535 affects TensorFlow’s QuantizedMul implementation. The vulnerability arises when four quantization thresholds are passed as inputs and may be empty tensors, causing a heap buffer overflow by accessing .flat()(0) on an empty buffer. This is rooted in the code path in quantized_mul_op...

7.8CVSS5.8AI score0.00211EPSS
CVE
CVE
added 2021/05/14 7:17 p.m.101 views

CVE-2021-29555

TensorFlow CVE-2021-29555 describes a denial-of-service vulnerability in tf.raw_ops.FusedBatchNorm caused by a division operation based on the last tensor dimension, which can be triggered by user-provided input. The issue affects the FusedBatchNorm path and has been patched; TensorFlow 2.5.0 wil...

5.5CVSS4.6AI score0.00189EPSS
CVE
CVE
added 2021/05/14 7:16 p.m.101 views

CVE-2021-29566

TensorFlow: CVE-2021-29566 is a heap-out-of-bounds (OOB) access in tf.raw_ops.Dilation2DBackpropInput due to missing input validation. This can cause writes outside the heap during backprop, as per the OSV/GHSA entries. The issue is fixed in TensorFlow 2.5.0 with cherry-picks to 2.4.2, 2.3.3, 2.2...

7.8CVSS5.4AI score0.00201EPSS
CVE
CVE
added 2021/05/14 7:16 p.m.101 views

CVE-2021-29570

CVE-2021-29570 affects TensorFlow and specifically the tf.raw_ops.MaxPoolGradWithArgmax path. The vulnerability is a heap out-of-bounds read caused by using the same value to index two different arrays without guaranteed equal sizes, leading to reads beyond heap data when provided crafted inputs....

7.1CVSS5.1AI score0.00154EPSS
CVE
CVE
added 2021/05/14 7:16 p.m.101 views

CVE-2021-29574

CVE-2021-29574 concerns TensorFlow. The issue is an undefined behavior in tf.raw_ops.MaxPool3DGradGrad where inputs can be empty and trigger null-pointer dereferences due to lack of input validation in pooling_ops_3d.cc. Affected context includes TensorFlow versions in the 2.x line with planned f...

7.8CVSS5.4AI score0.00201EPSS
CVE
CVE
added 2021/05/14 7:15 p.m.101 views

CVE-2021-29577

CVE-2021-29577 describes a heap-buffer-overflow in TensorFlow’s tf.raw_ops.AvgPool3DGrad caused by an assumption that orig_input_shape and grad have similar first/last dimensions without proper validation. Public sources (NVD, OSV, GHSA) confirm the issue and its impact as a memory corruption vul...

7.8CVSS5.5AI score0.00211EPSS
CVE
CVE
added 2021/08/12 10:20 p.m.101 views

CVE-2021-37672

TensorFlow CVE-2021-37672 is a heap-based out-of-bounds read vulnerability in SdcaOptimizerV2 caused by not validating example_labels length against the number of examples. The issue is disclosed in GHSA-5HJ3-VJJF-F5M7 with a code example and fix details. Patches were applied in the GitHub commit...

5.5CVSS5.7AI score0.00172EPSS
CVE
CVE
added 2021/11/05 9:50 p.m.101 views

CVE-2021-41208

CVE-2021-41208 involves TensorFlow boosted trees code with missing validation. The root cause is incomplete validation in boosted trees APIs, enabling a local attacker to trigger denial of service (via dereferencing null pointers or CHECK failures) and to cause undefined behavior (binding referen...

8.8CVSS7.6AI score0.00168EPSS
CVE
CVE
added 2022/02/03 1:19 p.m.101 views

CVE-2022-21738

TensorFlow CVE-2022-21738 describes an integer overflow in SparseCountSparseOutput (kernels/count_ops.cc) that can crash a TensorFlow process when its result is used for memory allocation. The vulnerability affects TensorFlow releases including 2.5.3, 2.6.3, and 2.7.1, with a fix planned for Tens...

6.5CVSS6.7AI score0.00783EPSS
CVE
CVE
added 2022/09/16 10:20 p.m.101 views

CVE-2022-35991

TensorFlow CVE-2022-35991 affects TensorListScatter and TensorListScatterV2 when element_shape has rank greater than one, triggering a CHECK failure that can lead to a denial of service. The issue is documented in OSV entries (BIT-TENSORFLOW-2022-35991) and related advisories, which confirm a pat...

7.5CVSS6.4AI score0.00441EPSS
CVE
CVE
added 2022/11/18 12:0 a.m.101 views

CVE-2022-41891

CVE-2022-41891 (TensorFlow) : A segmentation fault occurs in tf.raw_ops.TensorListConcat when element_shape is []; this can trigger a denial-of-service. A patch was committed (fc33f3dc4c14051a83eec6535b608abe1d355fde) and will be included in TensorFlow 2.11. TensorFlow 2.10.1, 2.9.3, and 2.8.4 wi...

7.5CVSS6AI score0.0043EPSS
CVE
CVE
added 2021/05/14 7:36 p.m.100 views

CVE-2021-29514

TensorFlow RaggedBincount vulnerability (CVE-2021-29514) in the RaggedBincount kernel can cause a heap out-of-bounds write when the splits argument references an invalid SparseTensor, leading to a write at out(-1, bin). The issue is triggered by setting splits(0) to 7, causing batch_idx to remain...

7.8CVSS5.6AI score0.00211EPSS
CVE
CVE
added 2021/05/14 7:36 p.m.100 views

CVE-2021-29518

CVE-2021-29518 describes a vulnerability in TensorFlow where, in eager mode, session operations can dereference a null session_state pointer, leading to undefined behavior. Concrete details from connected documents show the root cause in tensor flow core/kernels/session_ops.cc, where ctx->sess...

7.8CVSS5.5AI score0.00201EPSS
CVE
CVE
added 2021/05/14 7:11 p.m.100 views

CVE-2021-29541

CVE-2021-29541 : TensorFlow StringNGrams vulnerability — the implementation of data_splits is not fully validated, allowing a null pointer dereference when ngram computation leads to zero/negative output size. This can cause a crash (null pointer dereference) on affected TensorFlow builds. A fix ...

5.5CVSS4.7AI score0.00189EPSS
CVE
CVE
added 2021/05/14 7:10 p.m.100 views

CVE-2021-29547

CVE-2021-29547 affects TensorFlow QuantizedBatchNormWithGlobalNormalization. The issue is a heap/out-of-bounds vulnerability caused by inputs being allowed to be empty; when any input is empty, flat()(0) accesses data outside of bounds, enabling a segfault/denial of service. Patches were applied ...

5.5CVSS4.7AI score0.00189EPSS
CVE
CVE
added 2021/05/14 7:10 p.m.100 views

CVE-2021-29554

CVE-2021-29554 affects TensorFlow: DenseCountSparseOutput can cause a denial of service via a division-by-zero runtime error. Root cause is computing a divisor from user data without validating zero, yielding num_batch_elements = 0 and a divide operation. Affected TF releases are mitigated by a f...

5.5CVSS4.7AI score0.00189EPSS
CVE
CVE
added 2021/05/14 7:17 p.m.100 views

CVE-2021-29556

CVE-2021-29556 affects TensorFlow cores with a Denial of Service via a division-by-first-dimension in tf.raw_ops.Reverse. The vulnerability arises because N = input.dim_size(0) is used to compute cost_per_unit, enabling a user-controlled trigger (through the tensor’s first dimension) to cause a F...

5.5CVSS4.6AI score0.00189EPSS
CVE
CVE
added 2021/05/14 7:15 p.m.100 views

CVE-2021-29578

CVE-2021-29578 : TensorFlow’s tf.raw_ops.FractionalAvgPoolGrad is vulnerable to a heap-based buffer overflow caused by a missing validation of pooling sequence arguments against the out_backprop tensor shape. Multiple connected sources corroborate the issue and provide the same root cause. The mi...

7.8CVSS5.6AI score0.00211EPSS
CVE
CVE
added 2021/05/14 7:22 p.m.100 views

CVE-2021-29596

CVE-2021-29596: TensorFlow/TFLite EmbeddingLookup suffers a division-by-zero in EmbeddingLookup when the first dimension of value is 0. Affected component is the TFLite operator in TensorFlow; root cause is a division by zero in embedding_lookup.cc. The documented fix is to include a patch in Ten...

7.8CVSS5.3AI score0.00201EPSS
CVE
CVE
added 2021/05/14 7:20 p.m.100 views

CVE-2021-29608

TensorFlow CVE-2021-29608 maps to a RaggedTensorToTensor validation flaw: input checks only ensure one tensor is non-empty, enabling potential heap out-of-bounds/NULL dereference undefined behavior in release builds. Multiple sources (NVD, OSV/GHSA advisories) describe a local-attack surface lead...

7.8CVSS6.2AI score0.00234EPSS
CVE
CVE
added 2021/05/14 7:25 p.m.100 views

CVE-2021-29616

CVE-2021-29616 affects TensorFlow: the TrySimplify path in Grappler dereferences a null pointer in corner cases (optimizing a node with no inputs). This is a null-dereference vulnerability in the TensorFlow optimization code, not a user-facing attack surface description. The issue has been fixed ...

7.8CVSS5.4AI score0.00206EPSS
Total number of security vulnerabilities431