Lucene search
Veracode Vulnerability DatabaseVERACODE:39976HistoryMar 29, 2023 - 5:35 a.m.
Denial Of Service (DoS)
2023-03-2905:35:08
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
18
denial of service attacks
software vulnerability
segmentation fault
EPSS
0.001
Percentile
37.9%
tensorflow is vulnerable to Denial of Service (DoS) attacks. A malicious user is able to trigger a null pointer exception in the SummarizeArray function when the parameter summarize of tf.raw_ops.Print is zero, leading to a segmentation fault, causing the application to crash.
References
github.com/advisories/GHSA-qjqc-vqcf-5qvj
github.com/tensorflow/tensorflow/commit/1e97069ff18542e4f3ac70005442902c1abec154
github.com/tensorflow/tensorflow/commit/6d423b8bcc9aa9f5554dc988c1c16d038b508df1
github.com/tensorflow/tensorflow/pull/59544
github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj
Related
cve
cve
CVE-2023-25660
2023-03-25 00:15:07
osv
osv
BIT-tensorflow-2023-25660
2024-03-06 11:09:34
CVE-2023-25660
2023-03-25 00:15:07
TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`
2023-03-24 21:58:44
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in TensorFlow (CVE-2023-25660)
2023-06-28 20:09:25
prion
prion
Stack overflow
2023-03-25 00:15:00
nvd
nvd
CVE-2023-25660
2023-03-25 00:15:07
cbl_mariner
cbl_mariner
CVE-2023-25660 affecting package tensorflow for versions less than 2.11.1-1
2024-10-01 09:12:11
cvelist
cvelist
CVE-2023-25660 TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`
2023-03-24 23:44:30
github
github
TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`
2023-03-24 21:58:44
nessus
nessus
TensorFlow < 2.11.1 Multiple Vulnerabilities
2024-05-20 00:00:00
TensorFlow < 2.12.0 Multiple Vulnerabilities
2024-05-31 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00