Denial Of Service (DoS)

2021-08-1305:50:16

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

2.1 Low

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

JSON

tensorflow is vulnerable to denial of service. Lack of checking that shape of the input or the target shape have both a non-zero number of elements causes an integral division by 0 exception.

CPENameOperatorVersion
tensorflowle2.5.0
tensorflowle2.6.0rc2
tensorflowle2.4.2
tensorflowle2.3.3
tensorflow-gpule2.6.0rc2
tensorflow-gpule2.5.0rc3
tensorflow-gpule2.4.2
tensorflow-gpule2.3.3
tensorflow-cpule2.5.0rc3
tensorflow-cpule2.6.0rc2

Name	Operator	Version
tensorflow	le	2.5.0
tensorflow	le	2.6.0rc2
tensorflow	le	2.4.2
tensorflow	le	2.3.3
tensorflow-gpu	le	2.6.0rc2
tensorflow-gpu	le	2.5.0rc3
tensorflow-gpu	le	2.4.2
tensorflow-gpu	le	2.3.3
tensorflow-cpu	le	2.5.0rc3
tensorflow-cpu	le	2.6.0rc2