Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:37210
HistorySep 21, 2022 - 3:33 a.m.

Denial Of Service (DoS)

2022-09-2103:33:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
tensorflow
vulnerability
compute function
conv_grad_input_ops.h
cpu
gpu
kernels
empty out_backprop inputs
application crash
malicious inputs
denial of service

EPSS

0.001

Percentile

35.2%

tensorflow is vulnerable to denial of service. The vulnerability exists Compute function of conv_grad_input_ops.h because the CPU/GPU kernels are not properly handled for empty out_backprop inputs which allows an attacker to cause an application crash by sending malicious inputs.

Affected configurations

Vulners
Node
tensorflow-cpuRange2.9.1
OR
tensorflow-gpuRange2.9.1
OR
tensorflowtensorflowRange2.9.1
VendorProductVersionCPE
*tensorflow-cpu*cpe:2.3:a:*:tensorflow-cpu:*:*:*:*:*:*:*:*
*tensorflow-gpu*cpe:2.3:a:*:tensorflow-gpu:*:*:*:*:*:*:*:*
tensorflowtensorflow*cpe:2.3:a:tensorflow:tensorflow:*:*:*:*:*:*:*:*

EPSS

0.001

Percentile

35.2%

Related for VERACODE:37210