Lucene search
K
GoogleTensorflow

431 matches found

CVE
CVE
added 2021/05/14 7:25 p.m.100 views

CVE-2021-29619

CVE-2021-29619 affects TensorFlow via tf.raw_ops.SparseCountSparseOutput, where passing invalid arguments (including fuzzing-derived inputs) can cause a segfault. Connected sources confirm this is a TensorFlow in-tree issue with a fix planned for TensorFlow 2.5.0 and cherry-picks in supported 2.x...

5.5CVSS4.8AI score0.00194EPSS
CVE
CVE
added 2022/09/16 9:5 p.m.100 views

CVE-2022-35974

Summary: CVE-2022-35974 affects TensorFlow via QuantizeDownAndShrinkRange when given nonscalar input_min/input_max, causing a segfault and a potential denial of service. The issue has been patched in commit 73ad1815ebcfeb7c051f9c2f7ab5024380ca8613 and the fix will be included in TensorFlow 2.10.0...

7.5CVSS6.4AI score0.00423EPSS
CVE
CVE
added 2022/09/16 10:50 p.m.100 views

CVE-2022-36017

TensorFlow Requantize vulnerability (CVE-2022-36017): If Requantize is invoked with input_min, input_max, and requested_output_min/max tensors of nonzero rank, it can segfault and enable a denial-of-service. A fix was committed (785d67a78a1d533759fcd2f5e8d6ef778de849e0) and will be included in Te...

7.5CVSS6.4AI score0.00423EPSS
CVE
CVE
added 2021/05/14 7:11 p.m.99 views

CVE-2021-29536

TensorFlow’s CVE-2021-29536 is a heap buffer overflow in QuantizedReshape triggered when the input_min/input_max tensors are empty. The issue arises because code assumes scalar inputs and accesses .flat()(0), which overflows if the tensors contain no elements. The fix is included in TensorFlow 2....

7.8CVSS5.8AI score0.00211EPSS
CVE
CVE
added 2021/05/14 7:15 p.m.99 views

CVE-2021-29584

CVE-2021-29584 and related issues affect TensorFlow where integer overflow in building tensor shapes can trigger a CHECK-fail, causing a denial-of-service via aborts on both CPU and GPU tensor shape computations (e.g., in SparseSplit and segment/shape handling). Root cause: shape construction use...

5.5CVSS4.9AI score0.00189EPSS
CVE
CVE
added 2021/08/12 9:40 p.m.99 views

CVE-2021-37667

TensorFlow: CVE-2021-37667 involves a NULL pointer dereference in UnicodeEncode where the code reads input_splits[0] before validating emptiness. A patch is in commit 2e0ee46f..., fixes to be included in TensorFlow 2.6.0 and backported to 2.5.1, 2.4.3, and 2.3.4. Affected: tf.raw_ops.UnicodeEncod...

7.8CVSS7.6AI score0.00173EPSS
CVE
CVE
added 2021/11/05 10:5 p.m.99 views

CVE-2021-41218

CVE-2021-41218 affects TensorFlow: the AllToAll shape-inference code can perform a division by zero when split_count is 0. This is concrete in multiple sources (NVD entry and OSV listings) and tied to TF’s tensor shape inference path for AllToAll. The documented remediation is upgrading to Tensor...

5.5CVSS5.7AI score0.00128EPSS
CVE
CVE
added 2022/02/03 11:1 a.m.99 views

CVE-2022-21726

TensorFlow CVE-2022-21726 affects the Dequantize path, where axis validation is insufficient and can cause heap-out-of-bounds reads. The issue arises when axis is -1 (default) or any large positive value not checked against input dimensions, reading past the dimensions array. A fix is planned for...

8.8CVSS8.4AI score0.00818EPSS
CVE
CVE
added 2022/09/16 10:15 p.m.99 views

CVE-2022-35997

TensorFlow CVE-2022-35997 affects tf.sparse.cross where an input separator that is not a scalar triggers a CHECK failure, enabling a denial-of-service condition. The issue is mitigated by patch commit 83dcb4dbfa094e33db084e97c4d0531a559e0ebf, with the fix slated for TensorFlow 2.10.0 and cherry-p...

7.5CVSS6.4AI score0.00405EPSS
CVE
CVE
added 2021/05/14 7:35 p.m.98 views

CVE-2021-29585

TensorFlow/TFLite padding compute path has a division-by-zero in ComputeOutSize when stride is 0, enabling a potential denial-of-service scenario via crafted models. The issue affects padding logic in TF Lite; patches were applied in commit 49847ae and a fix is planned for TensorFlow 2.5.0 with c...

7.8CVSS5.4AI score0.00201EPSS
CVE
CVE
added 2021/05/14 7:21 p.m.98 views

CVE-2021-29605

CVE-2021-29605 is a TensorFlow/TFLite vulnerability where the TFLiteIntArray allocation path suffers an integer overflow. The function TfLiteIntArrayGetSizeInBytes(int size) can return a negative value when size is large, causing malloc to receive an invalid (potentially non-allocatable) size. Th...

7.1CVSS5.8AI score0.0022EPSS
CVE
CVE
added 2021/05/14 7:21 p.m.98 views

CVE-2021-29606

CVE-2021-29606 is a TensorFlow/TFLite issue: a specially crafted TFLite model can trigger a heap-based out-of-bounds read in the Split_V operator when axis_value is outside [0, NumDimensions(input)]. The root cause is SizeOfDimension dereferencing an out-of-bounds index in the tensor shape array....

7.8CVSS7.1AI score0.00215EPSS
CVE
CVE
added 2021/05/14 7:25 p.m.98 views

CVE-2021-29617

CVE-2021-29617 affects TensorFlow via a CHECK-fail in tf.strings.substr when given invalid arguments, causing a denial-of-service. The issue is tied to inputs to tf.strings.substr and is addressed by a fix planned for TensorFlow 2.5.0, with cherry-picks into 2.4.2, 2.3.3, 2.2.3, and 2.1.4 as thes...

5.5CVSS4.8AI score0.0023EPSS
CVE
CVE
added 2021/08/12 8:35 p.m.98 views

CVE-2021-37644

TensorFlow CVE-2021-37644 involves a local issue where providing a negative value in the num_elements argument to tf.raw_ops.TensorListReserve triggers a runtime abort when std::vector.resize is called with an invalid size. The vulnerability details are supported by a GitHub advisory describing t...

5.5CVSS5.7AI score0.00152EPSS
CVE
CVE
added 2021/08/12 8:25 p.m.98 views

CVE-2021-37659

Summary: CVE-2021-37659 affects TensorFlow. Affected: TensorFlow’s cwise operations may bind a reference to null pointer, causing heap out-of-bounds reads and undefined behavior when inputs have mismatched element counts. The issue is documented with a GitHub patch (commit 93f428fd1768df147171ed6...

7.8CVSS7.3AI score0.00176EPSS
CVE
CVE
added 2022/09/16 9:0 p.m.98 views

CVE-2022-35973

CVE-2022-35973 affects TensorFlow and is caused when QuantizedMatMul receives nonscalar inputs for min_a, max_a, min_b, or max_b, leading to a segfault that can trigger a denial of service. The fix was implemented in a GitHub commit (aca766ac7693bf29ed0df55ad6bfcc78f35e7f48) and will be included ...

7.5CVSS6.4AI score0.00423EPSS
CVE
CVE
added 2021/05/14 7:12 p.m.97 views

CVE-2021-29525

TensorFlow CVE-2021-29525: Division by zero in tf.raw_ops.Conv2DBackpropInput. Root cause is division by a caller-controlled quantity in conv_grad_input_ops.h. Patched in TensorFlow 2.5.0, with cherrypicks back to 2.4.2, 2.3.3, 2.2.3 and 2.1.4. Upgrading to 2.5.0 or applying the cherry-picked pat...

7.8CVSS5.3AI score0.00201EPSS
CVE
CVE
added 2021/05/14 7:12 p.m.97 views

CVE-2021-29530

CVE-2021-29530 concerns TensorFlow’s SparseMatrixSparseCholesky: passing an invalid permutation could trigger a null pointer dereference due to incomplete input validation in the underlying code, allowing continuation after a failed check. Public sources (NVD, OSV, GHSA) describe the issue in Ten...

7.8CVSS5.6AI score0.00232EPSS
CVE
CVE
added 2021/05/14 7:11 p.m.97 views

CVE-2021-29542

Summary: CVE-2021-29542 affects TensorFlow’s StringNGrams function in tf.raw_ops. The vulnerability arises when input leads to a case where num_tokens is 0 and data_start_index equals 0 (left padding present), causing an out-of-bounds read of data[-1] in the loop that builds an n-gram, leading to...

5.5CVSS5AI score0.00198EPSS
CVE
CVE
added 2021/05/14 7:22 p.m.97 views

CVE-2021-29587

TensorFlow/TFLite SpaceToDepth has a division-by-zero flaw in the Prepare step when block_size can be zero. This is triggered by crafted inputs/models and can lead to instability/DoS. The issue is mitigated by a patch in TensorFlow 2.5.0 (and cherry-picks to 2.4.2, 2.3.3, 2.2.3, 2.1.4). Remediati...

7.8CVSS5.4AI score0.00201EPSS
CVE
CVE
added 2021/05/14 7:22 p.m.97 views

CVE-2021-29588

TensorFlow/TFLite issue: the TransposeConv operator in the TFLite backend is vulnerable to a division-by-zero when stride_h/stride_w can be 0, enabling a crafted model to trigger a fault. Root cause follows from the division calculations in optimized_ops.h, requiring callers to validate stride ar...

7.8CVSS5.5AI score0.00201EPSS
CVE
CVE
added 2021/05/14 7:21 p.m.97 views

CVE-2021-29598

The CVE-2021-29598 entry concerns TensorFlow’s SVDF TFLite operator, where a division-by-zero can occur if params->rank is 0. The SVDF implementation in TensorFlow Lite is the affected component; the root cause is a rank-dependent modulo check that can fail when rank is 0, leading to a crash/d...

7.8CVSS5.3AI score0.00201EPSS
CVE
CVE
added 2022/02/03 10:48 a.m.97 views

CVE-2022-21730

Summary: CVE-2022-21730 describes an out-of-bounds read in TensorFlow’s FractionalAvgPoolGrad due to invalid input handling. This affects TensorFlow releases prior to the fixed patch and is resolved by the fix in TensorFlow 2.8.0, with cherry-picks to 2.7.1, 2.6.3, and 2.5.3. Affected component: ...

8.1CVSS7.9AI score0.00815EPSS
CVE
CVE
added 2022/11/18 12:0 a.m.97 views

CVE-2022-41888

CVE-2022-41888 (TensorFlow) affects the GPU path of tf.image.generate_bounding_box_proposals where the scores input must be rank 4 but this is not checked. TensorFlow patch cf35502463a88ca7185a99daa7031df60b3c1c98 fixes this, with the fix to be included in TensorFlow 2.11 and cherry-picked to Ten...

7.5CVSS6.2AI score0.00439EPSS
CVE
CVE
added 2022/11/18 12:0 a.m.97 views

CVE-2022-41894

CVE-2022-41894 affects TensorFlow/TFLite CONV_3D_TRANSPOSE reference kernel. The bug increments data_ptr by num_channels instead of output_num_channels, enabling an out-of-bounds write to the bias buffer when input channels exceed output channels. Attack requires using the reference kernel resolv...

8.1CVSS7.5AI score0.00523EPSS
CVE
CVE
added 2020/12/10 10:10 p.m.96 views

CVE-2020-26267

CVE-2020-26267 affects TensorFlow where tf.raw_ops.DataFormatVecPermute does not validate src_format and dst_format, allowing uninitialized memory accesses, out-of-bounds reads, or crashes by assuming a NHWC permutation. Affected releases include various TensorFlow branches; fixes are published i...

7.8CVSS5.9AI score0.00241EPSS
CVE
CVE
added 2021/05/14 7:12 p.m.96 views

CVE-2021-29526

Summary: CVE-2021-29526 affects TensorFlow’s Conv2D path, where the division by a caller-controlled quantity in tf.raw_ops.Conv2D can trigger a division by zero. This vulnerability is supported by multiple sources in connected documents (OSV entries and NVD/CVE references) that describe the under...

5.5CVSS4.7AI score0.00198EPSS
CVE
CVE
added 2021/05/14 7:12 p.m.96 views

CVE-2021-29527

CVE-2021-29527 is a TensorFlow division-by-zero vulnerability in tf.raw_ops.QuantizedConv2D caused by a caller-controlled quantity in quantized_conv_ops.cc (lines 257–259). The fix is expected in TensorFlow 2.5.0, with cherry-picks to 2.4.2, 2.3.3, 2.2.3 and 2.1.4; multiple related advisories (GH...

5.5CVSS4.7AI score0.00189EPSS
CVE
CVE
added 2021/05/14 7:11 p.m.96 views

CVE-2021-29538

TensorFlow CVE-2021-29538 concerns a division-by-zero in Conv2DBackpropFilter. The issue arises when shapes are empty, causing work_unit_size to be 0 and a divide operation to throw a runtime error, enabling potential denial-of-service conditions. Concrete details in connected docs specify the af...

5.5CVSS4.6AI score0.00189EPSS
CVE
CVE
added 2021/05/14 7:10 p.m.96 views

CVE-2021-29549

CVE-2021-29549 (TensorFlow) is a division-by-zero vulnerability in tf.raw_ops.QuantizedAdd/QuantizedBatchNormWithGlobalNormalization that can trigger a runtime error and denial of service. The root cause is a modulo operation applied with vector_num_elements that can be zero because it is derived...

5.5CVSS4.7AI score0.00189EPSS
CVE
CVE
added 2021/05/14 7:16 p.m.96 views

CVE-2021-29576

CVE-2021-29576 is a confirmed heap buffer overflow in TensorFlow related to the tf.raw_ops.MaxPool3DGradGrad implementation. The root cause is that Pool3dParameters may be initialized with invalid data because the constructor’s validation (OP_REQUIRES) can fail before completion, and the code pat...

7.8CVSS5.5AI score0.00211EPSS
CVE
CVE
added 2021/05/14 7:15 p.m.96 views

CVE-2021-29580

The CVE covers TensorFlow tf.raw_ops.FractionalMaxPoolGrad with undefined behavior when an input tensor is empty and a_CHECK failure that can abort the process, per multiple sources in the Initial document. The issue arises from input/output validation (empty tensors and rank checks) in fractiona...

5.5CVSS4.9AI score0.00189EPSS
CVE
CVE
added 2021/05/14 7:21 p.m.96 views

CVE-2021-29602

The CVE-2021-29602 issue affects TensorFlow’s TFLite DepthwiseConv operator. The vulnerability is a division-by-zero in the DepthwiseConv implementation, triggered when input’s fourth dimension is 0. The root cause and affected code are documented in depthwise_conv.cc, and multiple advisories acr...

5.5CVSS4.7AI score0.00189EPSS
CVE
CVE
added 2021/08/12 9:40 p.m.96 views

CVE-2021-37666

CVE-2021-37666 is a TensorFlow vulnerability in RaggedTensorToVariant where binding a reference to a null pointer occurs due to incomplete validation of splits values. The issue is addressed by the GitHub patch be7a4de6adfbd303ce08be4332554dff70362612, with the fix scheduled for TensorFlow 2.6.0 ...

7.8CVSS7.7AI score0.00173EPSS
CVE
CVE
added 2022/11/18 12:0 a.m.96 views

CVE-2022-41889

TensorFlow CVE-2022-41889 affects the pywrap path when a list of quantized tensors is assigned to an attribute; the code may parse a tensor and return a nullptr that is not caught, risking a crash. A fix is committed (e9e95553e541) and will be included in TensorFlow 2.11, with cherry-picks to 2.1...

7.5CVSS6.2AI score0.00404EPSS
CVE
CVE
added 2022/11/18 12:0 a.m.96 views

CVE-2022-41897

CVE-2022-41897 affects TensorFlow when FractionMaxPoolGrad receives outsize inputs in row_pooling_sequence or col_pooling_sequence, causing a crash due to a heap/out-of-bounds read. The issue is addressed in a GitHub commit (d71090c3e5ca325bdf4b02eb236cfb3ee823e927) and the fix will be included i...

7.5CVSS6.2AI score0.0044EPSS
CVE
CVE
added 2020/12/10 10:10 p.m.95 views

CVE-2020-26270

CVE-2020-26270 affects TensorFlow: when an LSTM/GRU layer receives a zero-length input, the CUDA backend triggers a CHECK failure leading to a denial-of-service (query-of-death). Public sources consistently describe this as a vulnerability in affected TensorFlow builds, with fixes implemented in ...

4.4CVSS3.9AI score0.00166EPSS
CVE
CVE
added 2021/05/14 7:36 p.m.95 views

CVE-2021-29515

The CVE-2021-29515 issue affects TensorFlow MatrixDiag* ops: input tensors are not validated to be non-empty, which can lead to a null pointer dereference. The root cause is in MatrixDiagV2/V3 path handling inputs, and patches fix the issue (commit a7116dd39…) with the fix slated for TensorFlow 2...

7.8CVSS5.5AI score0.00201EPSS
CVE
CVE
added 2021/05/14 7:12 p.m.95 views

CVE-2021-29529

CVE-2021-29529 affects TensorFlow’s QuantizedResizeBilinear in tf.raw_ops.QuantizedResizeBilinear, where rounding of floating input can cause interpolation bounds to produce an out-of-bounds access, leading to a heap buffer overflow. The vulnerability arises because lower/upper interpolation boun...

7.8CVSS5.9AI score0.00251EPSS
CVE
CVE
added 2021/05/14 7:17 p.m.95 views

CVE-2021-29563

CVE-2021-29563 affects TensorFlow via a CHECK-fail in tf.raw_ops.RFFT that can trigger a denial of service when Eigen code operates on an empty matrix. The issue arises from a CHECK/ASSERT path and causes program termination rather than a traditional memory corruption exploit. The affected behavi...

5.5CVSS4.9AI score0.00189EPSS
CVE
CVE
added 2021/05/14 7:16 p.m.95 views

CVE-2021-29567

TensorFlow vulnerability CVE-2021-29567: SparseDenseCwiseMul lacks validation between input dimensions, only validating input ranks. This enables local attackers to trigger CHECK failures or heap-out-of-bounds writes, causing denial of service. Affected TF versions include 2.5.0 and older release...

5.5CVSS4.9AI score0.00189EPSS
CVE
CVE
added 2021/05/14 7:16 p.m.95 views

CVE-2021-29569

CVE-2021-29569: TensorFlow MaxPoolGradWithArgmax reads past heap bounds when input_min/input_max are empty. The issue stems from accessing first elements of flat() on empty tensors. Patches fix in TensorFlow 2.5.0 and will be cherry-picked to 2.4.2, 2.3.3, 2.2.3, and 2.1.4. Affected ranges are th...

7.1CVSS5.2AI score0.00198EPSS
CVE
CVE
added 2021/05/14 7:20 p.m.95 views

CVE-2021-29612

TensorFlow CVE-2021-29612 describes a heap-based buffer overflow in the Eigen-based tf.raw_ops.BandedTriangularSolve path. Root cause: ValidateInputTensors fails to check for empty inputs, and OP_REQUIRES validation may not propagate status, making the validation ineffective. Impact: potential co...

7.8CVSS5.9AI score0.00287EPSS
CVE
CVE
added 2021/05/14 7:25 p.m.95 views

CVE-2021-29618

TensorFlow vulnerability CVE-2021-29618: a crash can occur when calling tf.transpose with conjugate=True and a complex input. Affected TF releases include 2.1.x–2.4.x in the supported range; the fix is planned for TensorFlow 2.5.0 with cherry-picks to 2.4.2, 2.3.3, 2.2.3, and 2.1.4. Concrete tech...

5.5CVSS4.7AI score0.0023EPSS
CVE
CVE
added 2021/08/12 9:5 p.m.95 views

CVE-2021-37661

Summary: CVE-2021-37661 affects TensorFlow and causes a denial of service via the boosted_trees_create_quantile_stream_resource path when a negative number of streams is supplied. The code does not validate that num_streams is non-negative before using it to reserve memory, leading to an implicit...

5.5CVSS5.5AI score0.00154EPSS
CVE
CVE
added 2021/08/12 9:40 p.m.95 views

CVE-2021-37671

TensorFlow CVE-2021-37671 describes a local-issue in tf.raw_ops.Map* and tf.raw_ops.OrderedMap* where binding a reference to a null pointer can occur if indices is empty, due to a missing check despite a ascending-order validation. The publicly documented fix was committed (532f5c5a…) and will be...

7.8CVSS7.6AI score0.00173EPSS
CVE
CVE
added 2022/02/03 12:28 p.m.95 views

CVE-2022-21729

The vulnerability CVE-2022-21729 affects TensorFlow: the UnravelIndex implementation is vulnerable to a division-by-zero caused by an integer overflow in the unravel_index_op. The issue is addressed with a fix in TensorFlow 2.8.0, with cherry-picks to older supported releases TensorFlow 2.7.1, 2....

6.5CVSS6.7AI score0.00783EPSS
CVE
CVE
added 2022/09/16 7:40 p.m.95 views

CVE-2022-35939

CVE-2022-35939 concerns TensorFlow’s ScatterNd in TensorFlow Lite and core TF, where an input index outside the output bounds can write at an invalid location or crash. The issue is fixed via commit b4d4b4cb019bd7240a52daa4ba61e3cc814f0384 and the patch is scheduled for inclusion in TensorFlow 2....

9.8CVSS8.3AI score0.00441EPSS
CVE
CVE
added 2022/09/16 10:0 p.m.95 views

CVE-2022-35990

TensorFlow vulnerability CVE-2022-35990 affects the tf.quantization.fake_quant_with_min_max_vars_per_channel_gradient function. When input min or max tensors have rank other than 1, a CHECK failure can trigger a denial of service. The issue has been patched in commit f3cf67ac5705f4f04721d15e485e1...

7.5CVSS6.5AI score0.00383EPSS
CVE
CVE
added 2022/09/16 10:20 p.m.95 views

CVE-2022-35994

CVE-2022-35994 is a denial-of-service issue in TensorFlow’s CollectiveGather when given a scalar input. Root cause: a CHECK failure in CollectiveGather. A patch was committed (c1f491817dec39a26be3c574e86a88c30f3c4770) and will be included in TensorFlow 2.10.0; the fix will also be cherry-picked t...

7.5CVSS6.4AI score0.00396EPSS
Total number of security vulnerabilities431