Lucene search
Veracode Vulnerability DatabaseVERACODE:34044HistoryFeb 08, 2022 - 4:24 a.m.
Denial Of Service (DoS)
2022-02-0804:24:23
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
tensorflow
vulnerability
denial of service
attack
graphdef
savedmodel
invalid argument
ctor_type
software
EPSS
0.002
Percentile
57.4%
tensorflow is vulnerable to denial of service. An attacker can crash the application through the GraphDef in tensorflow SavedModel by providing an invalid argument to ctor_type.
References
github.com/tensorflow/tensorflow/blob/274df9b02330b790aa8de1cee164b70f72b9b244/tensorflow/core/graph/graph.cc#L560-L567
github.com/tensorflow/tensorflow/commit/94c748eebe366adef4c0d47bbb7348dcc0d5433d
github.com/tensorflow/tensorflow/commit/955059813cc325dc1db5e2daa6221271406d4439
github.com/tensorflow/tensorflow/commit/ae7976631d87dfad52f8971369d14067447d1c02
github.com/tensorflow/tensorflow/commit/b49a624c0692a5688c29062abab600bb6e8568e1
github.com/tensorflow/tensorflow/security/advisories/GHSA-pqrv-8r2f-7278
Related
cnvd
cnvd
Google Tensorflow code issue vulnerability (NVD-C-2022-117042)
2022-02-09 00:00:00
osv
osv
Crash due to erroneous `StatusOr` in TensorFlow
2022-02-09 23:29:38
PYSEC-2022-99
2022-02-04 23:15:00
CVE-2022-23590
2022-02-04 23:15:15
cvelist
cvelist
CVE-2022-23590 Crash due to erroneous `StatusOr` in Tensorflow
2022-02-04 22:32:10
nvd
nvd
CVE-2022-23590
2022-02-04 23:15:15
prion
prion
Stack overflow
2022-02-04 23:15:00
github
github
Crash due to erroneous `StatusOr` in TensorFlow
2022-02-09 23:29:38
cve
cve
CVE-2022-23590
2022-02-04 23:15:15
