tensorflow is vulnerable to denial of service (DoS) attacks. A malicious user is able to pass an empty input
with valid filter
and padding
sizes which outputs all-zeros, causing a division-by-zero exception leading to an application crash.
github.com/tensorflow/tensorflow/commit/57a0eaab86d95d8bf23ff8e75359d1e35fce0324
github.com/tensorflow/tensorflow/commit/611d80db29dd7b0cfb755772c69d60ae5bca05f9
github.com/tensorflow/tensorflow/commit/64e569c80dd7e23b2ee0d02cfb74a7d6f60cbde5
github.com/tensorflow/tensorflow/commit/b818dc4d1187e9fd0991af618b7bcdfd68066108
github.com/tensorflow/tensorflow/pull/57305
github.com/tensorflow/tensorflow/pull/57306
github.com/tensorflow/tensorflow/pull/57307
github.com/tensorflow/tensorflow/security/advisories/GHSA-q5jv-m6qw-5g37