Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:38145
HistoryNov 22, 2022 - 2:16 a.m.

Denial Of Service (DoS)

2022-11-2202:16:03
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
tensorflow
denial of service
vulnerability
setopattrlist
application crash
null pointer dereference

EPSS

0.001

Percentile

47.9%

JSON

tensorflow is vulnerable to denial of service. The vulnerability exists because the SetOpAttrList function of pywrap_tfe_src.cc fails to parse the tensor and returns a nullptr without proper error handling, allowing an attacker to cause an application crash through the null pointer dereference

Related

osv 3
nvd 1
cnvd 1
cve 1
cvelist 1
nessus 3
prion 1
cbl_mariner 1
github 1
ibm 4
osv
osv
BIT-tensorflow-2022-41889
2024-03-06 11:11:14
CVE-2022-41889
2022-11-18 22:15:15
Segfault via invalid attributes in `pywrap_tfe_src.cc`
2022-11-21 20:42:00
nvd
nvd
CVE-2022-41889
2022-11-18 22:15:15
cnvd
cnvd
Google TensorFlow code issue vulnerability (CNVD-2022-80679)
2022-11-23 00:00:00
cve
cve
CVE-2022-41889
2022-11-18 22:15:15
cvelist
cvelist
CVE-2022-41889 Segfault via invalid attributes in `pywrap_tfe_src.cc` in Tensorflow
2022-11-18 00:00:00
nessus
nessus
CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41889)
2023-03-20 00:00:00
TensorFlow < 2.9.3 Multiple Vulnerabilities
2024-05-24 00:00:00
TensorFlow < 2.10.1 Multiple Vulnerabilities
2024-05-20 00:00:00
prion
prion
Stack overflow
2022-11-18 22:15:00
cbl_mariner
cbl_mariner
CVE-2022-41889 affecting package tensorflow for versions less than 2.11.0-1
2022-12-09 20:03:11
github
github
Segfault via invalid attributes in `pywrap_tfe_src.cc`
2022-11-21 20:42:00
ibm
ibm
Security Bulletin: tensorflow-2.7.3-cp37 vulnerable to CVE-2022-41911 CVE-2022-41907 CVE-2022-41908 CVE-2022-41896 CVE-2022-41891 CVE-2022-41894 CVE-2022-41884 IBM Maximo Application Suite - Monitor Component
2023-06-06 21:17:00
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in TensorFlow
2023-01-30 17:17:48
Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to multiple vulerabilities in TensorFlow
2023-07-06 17:53:28

EPSS

0.001

Percentile

47.9%

JSON
Related for VERACODE:38145
osv3nvd1cnvd1cve1cvelist1nessus3prion1cbl_mariner1github1ibm4