431 matches found
CVE-2021-41210
TensorFlow vulnerability CVE-2021-41210 (BIT-TENSORFLOW-2021-41210) is a heap-based out-of-bounds read in SparseCountSparseOutput shape inference. Affected TF versions permit reading outside heap memory during shape inference of SparseCountSparseOutput. A fix is planned for TensorFlow 2.7.0, with...
CVE-2022-36005
TensorFlow vulnerability CVE-2022-36005: a CHECK failure in tf.quantization.fake_quant_with_min_max_vars_gradient when min or max inputs are non-scalar can trigger a denial of service. A patch is committed (f3cf67ac5705f4f04721d15e485e192bb319feed) and will be included in TensorFlow 2.10.0; the f...
CVE-2018-10055
CVE-2018-10055 affects the TensorFlow XLA compiler in Google TensorFlow prior to 1.7.1. The issue is an invalid memory access and/or a heap buffer overflow triggered by a crafted configuration file, which could cause a crash or allow reading from other parts of process memory. Connected documents...
CVE-2019-9635
CVE-2019-9635 : A NULL pointer dereference in Google TensorFlow (pre-1.12.2) can cause a denial of service via an invalid GIF file. Affected: TensorFlow versions before 1.12.2. Root cause: NULL pointer dereference in GIF handling. Impact: DoS. Mitigation: upgrade to TensorFlow 1.12.2 or later (as...
CVE-2020-15196
CVE-2020-15196 affects TensorFlow 2.3.0: SparseCountSparseOutput and RaggedCountSparseOutput do not validate that the weights tensor has the same shape as the data, allowing reads beyond the weights buffer when fewer weights are provided. This heap-based overflow is mitigated in TensorFlow 2.3.1 ...
CVE-2021-37680
CVE-2021-37680 affects TensorFlow/TSLite, where the division-by-zero vulnerability resides in the implementation of fully connected layers in TFLite. The issue is triggered by a crafted input causing batch_size calculation (input_size / filter->dims->data[1]) to divide by zero. A patch is p...
CVE-2021-41217
CVE-2021-41217 concerns TensorFlow: a null pointer dereference in the control-flow graph construction when paired nodes like Enter/Exit are not properly ordered. The vulnerability causes a crash due to dereferencing a null parent in the pairing logic. A fix is included in TensorFlow 2.7.0, with c...
CVE-2022-35940
TensorFlow RaggedRangOp is affected by CVE-2022-35940: if limits contains a very large float, converting to int64 can overflow, causing an InvalidArgument and an abort that crashes the program. Patch available in commit 37cefa91bee4eace55715eeef43720b958a01192; expected in TensorFlow 2.10.0 with ...
CVE-2022-35969
TensorFlow CVE-2022-35969 stems from Conv2DBackpropInput requiring input_sizes to be 4-dimensional; non-conforming input can trigger a CHECK failure that allows denial of service. A fix was committed (50156d547b9a1da0144d7babe665cf690305b33c) and will be included in TensorFlow 2.10.0, with cherry...
CVE-2021-29512
TensorFlow RaggedBincount vulnerability (CVE-2021-29512) involves a heap-based buffer overflow when the splits argument does not specify a valid SparseTensor. Affected path shows reads beyond splits bounds inside RaggedBincount. The issue is triggered by user-controlled splits containing a single...
CVE-2021-41220
CVE-2021-41220 (TensorFlow) — Normal details The vulnerability affects TensorFlow's async CollectiveReduceV2, causing a memory leak and use-after-free when objects moved via std::move are still accessed during asynchronous processing. The issue path is described in the CVE entry and related advis...
CVE-2020-26271
CVE-2020-26271 : TensorFlow contains a heap out-of-bounds access in MakeEdge when wiring graph edges, caused by missing bounds checks on indices into arrays of tensor data. This can lead to uninitialized memory access and, in certain cases, leakage of library addresses. The description notes the ...
CVE-2022-35966
CVE-2022-35966 affects TensorFlow. When QuantizedAvgPool is given min_input or max_input tensors of a nonzero rank, it can cause a segfault that enables a denial of service. The issue has been patched in GitHub commit 7cdf9d4d2083b739ec81cfdace546b0c99f50622 and the fix will be included in Tensor...
CVE-2022-35968
TensorFlow: CVE-2022-35968 affects AvgPoolGrad where input orig_input_shape is not fully validated, triggering a CHECK failure that can cause a denial of service. A patch was applied in GitHub commit 3a6ac52664c6c095aa2b114e742b0aa17fdce78f and the fix is scheduled for TensorFlow 2.10.0, with che...
CVE-2022-35970
CVE-2022-35970 affects TensorFlow’s QuantizedInstanceNorm. When x_min or x_max are tensors of a nonzero rank, a segfault occurs, enabling a denial of service as described in the entry. The issue is fixed in the GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0 and the fix is to be included i...
CVE-2022-35972
TensorFlow CVE-2022-35972 concerns a segfault in QuantizedBiasAdd when given min_input, max_input, min_bias, max_bias with a nonzero rank, leading to a denial of service. A patch was applied in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0, with the fix slated for TensorFlow 2.10.0. The ...
CVE-2022-35982
TensorFlow CVE-2022-35982 describes a segfault in SparseBincount when inputs do not form a valid sparse tensor, potentially enabling a denial of service. A patch was applied in commit 40adbe4dd15b582b0210dfbf40c243a62f5119fa, with the fix scheduled for TensorFlow 2.10.0 and cherry-picked for Tens...
CVE-2018-7576
CVE-2018-7576 relates to Google TensorFlow, affecting 1.6.x and earlier due to a null pointer dereference. The available descriptions indicate the exploitation is context‑dependent. The connected documents corroborate the TensorFlow association but do not provide concrete remediation details (pat...
CVE-2022-35989
CVE-2022-35989 affects TensorFlow, where MaxPool on GPU can trigger a denial of service when a ksize window is larger than the input tensor. Root cause: a GPU kernel CHECK failure in MaxPool. Mitigation/fix: patch committed (32d7bd3defd134f21a4e344c8dfd40099aaf6b18); fix to be included in TensorF...
CVE-2021-41201
TensorFlow CVE-2021-41201: The issue is an uninitialized flag in EinsumHelper::ParseEquation that only ever sets input_has_ellipsis/output_has_ellipsis to true, leaving potential uninitialized access when callers expect both true/false values. This affects multiple TF releases (2.4.x–2.7.x) and i...
CVE-2021-41203
TensorFlow vulnerability CVE-2021-41203 (checkpoint loading) is due to missing validation for invalid checkpoint file formats. This allows a local attacker to trigger undefined behavior, integer overflows, segfaults, and CHECK-fail crashes by altering saved checkpoints from outside TensorFlow. Af...
CVE-2021-41224
TensorFlow SparseFillEmptyRows vulnerability (CVE-2021-41224): heap-based out-of-bounds access triggered when indices length does not match values length. Affected in TF versions before 2.7.0; fix included in TF 2.7.0 and cherry-picked to 2.6.1, 2.5.2, and 2.4.4. Remediation: upgrade to TF 2.7.0+...
CVE-2023-33976
CVE-2023-33976: TensorFlow is vulnerable to a denial-of-service crash due to a segfault in array_ops.upper_bound when not given a rank-2 tensor. The documented root cause is a segfault in array_ops.upper_bound; impact is a crash that can be triggered remotely as described in the advisory. The pub...
CVE-2021-41211
CVE-2021-41211 / BIT-tensorflow-2021-41211 : TensorFlow’s QuantizeV2 shape inference can read outside the heap when axis
CVE-2022-35967
CVE-2022-35967 affects TensorFlow: a segfault in QuantizedAdd when min_input or max_input tensors have nonzero rank can trigger a denial of service. The issue has been patched in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89, with the fix planned for TensorFlow 2.10.0 and cherry-picked t...
CVE-2022-35964
TensorFlow BlockLSTMGradV2 has an input validation flaw that can trigger a segfault/DoS. A patch was committed (2a458fc4866505be27c62f81474ecb2b870498fa) and will be included in TensorFlow 2.10.0; the fix will be cherry-picked to TF 2.9.1, 2.8.1, and 2.7.2. No public workarounds are provided in t...
CVE-2022-35981
TensorFlow’s FractionalMaxPoolGrad vulnerability (CVE-2022-35981) stems from input validation using CHECK failures instead of proper error handling, enabling a potential denial of service when inputs are incorrectly sized. A fix is available via commit 8741e57d163a079db05a7107a7609af70931def4, an...
CVE-2020-26269
CVE-2020-26269 affects TensorFlow (release candidate 2.4.0rc* and related master branch changes) and describes an access out-of-bounds read in the general filesystem-globbing path matching implementation. The root cause is that invariants and preconditions assumed by the parallel GetMatchingPaths...
CVE-2022-35938
CVE-2022-35938 affects TensorFlow and TensorFlow Lite Micro GatherNd where inputs can trigger an out-of-bounds read or crash when sizes mismatch. The issue is patched in commit 4142e47e9e31db481781b955ed3ff807a781b494 and the fix will be included in TensorFlow 2.10.0, with cherry-picks to 2.9.1, ...
CVE-2025-55556
CVE-2025-55556 affects TensorFlow version 2.18.0, where the Embedding operator may output random results during compilation, causing unexpected application behavior. The issue is described across multiple sources (NVD, OSV entries, and related advisories) as a reproducible defect in Embedding com...
CVE-2025-55559
TensorFlow v2.18.0 has a DoS in tf.keras.layers.Conv2D when padding is set to 'valid'. The issue is tied to the padding handling in Conv2D, with no explicit exploit details provided in the connected documents. Practical impact is Denial of Service (availability) as per the CVE metrics; the precis...