Lucene search
Veracode Vulnerability DatabaseVERACODE:34061HistoryFeb 08, 2022 - 8:47 a.m.
Denial Of Service (DoS)
2022-02-0808:47:30
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
tensorflow
vulnerability
denial of service
savedmodel file
null pointer dereference
EPSS
0.003
Percentile
65.9%
Tensorflow is vulnerable to denial of service. An attacker may exploit the vulnerability by maliciously altering a SavedModel file causing a Null pointer dereference.
References
github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/mutable_graph_view.cc#L59-L74
github.com/tensorflow/tensorflow/blob/a1320ec1eac186da1d03f033109191f715b2b130/tensorflow/core/grappler/optimizers/constant_folding.cc#L3466-L3497
github.com/tensorflow/tensorflow/commit/045deec1cbdebb27d817008ad5df94d96a08b1bf
github.com/tensorflow/tensorflow/commit/0a365c029e437be0349c31f8d4c9926b69fa3fa1
github.com/tensorflow/tensorflow/security/advisories/GHSA-9px9-73fg-3fqp
Related
cvelist
cvelist
osv
osv
BIT-tensorflow-2022-23589
2024-03-06 11:14:50
CVE-2022-23589
2022-02-04 23:15:15
PYSEC-2022-98
2022-02-04 23:15:00
nvd
nvd
CVE-2022-23589
2022-02-04 23:15:15
cnvd
cnvd
Google Tensorflow code issue vulnerability (CNVD-2022-09862)
2022-02-09 00:00:00
prion
prion
Null pointer dereference
2022-02-04 23:15:00
cve
cve
CVE-2022-23589
2022-02-04 23:15:15
github
github
Null pointer dereference in Grappler's `IsConstant`
2022-02-09 23:29:14
