Tensorflow Security Vulnerabilities and Issues — Tensorflow CVE List

Lucene search

GoogleTensorflow

7 matches found

CVE•added 2019/12/16 9:15 p.m.•83 views

CVE-2019-16778

In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case data_size and num_segments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. Thi...

9.8CVSS6.7AI score0.00336EPSS

CVE•added 2019/04/24 5:29 p.m.•69 views

CVE-2018-7577

Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory.

8.1CVSS7.7AI score0.00166EPSS

CVE•added 2019/04/24 5:29 p.m.•67 views

CVE-2018-10055

Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file.

8.1CVSS7.9AI score0.00174EPSS

CVE•added 2019/04/24 5:29 p.m.•66 views

CVE-2019-9635

NULL pointer dereference in Google TensorFlow before 1.12.2 could cause a denial of service via an invalid GIF file.

6.5CVSS6.1AI score0.00119EPSS

CVE•added 2019/04/24 9:29 p.m.•64 views

CVE-2018-7575

Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. The type of exploitation is context-dependent.

9.8CVSS9.3AI score0.00176EPSS

CVE•added 2019/04/23 9:29 p.m.•64 views

CVE-2018-8825

Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code (local).

8.8CVSS8.9AI score0.00245EPSS

CVE•added 2019/04/23 9:29 p.m.•59 views

CVE-2018-7576

Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Dereference. The type of exploitation is: context-dependent.

6.5CVSS6.3AI score0.00109EPSS