Lucene search
Veracode Vulnerability DatabaseVERACODE:39986HistoryMar 30, 2023 - 6:30 a.m.
Denial Of Service (DoS)
2023-03-3006:30:40
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
tensorlistsplit
dos
vulnerability
floating point exception
negative lengths
application crash
software
EPSS
0.001
Percentile
37.9%
tensorflow is vulnerable to Denial of Service (DoS) attacks. The vulnerability is due to a floating point exception in TensorListSplit because it does not check for negative lengths, causing the application to crash.
References
github.com/advisories/GHSA-647v-r7qq-24fh
github.com/tensorflow/tensorflow/commit/728113a3be690facad6ce436660a0bc1858017fa
github.com/tensorflow/tensorflow/commit/7f2df4a34bc9d5abeb57fb03051c7e08b98c73c9
github.com/tensorflow/tensorflow/pull/59584
github.com/tensorflow/tensorflow/security/advisories/GHSA-647v-r7qq-24fh
Related
prion
prion
Stack overflow
2023-03-25 00:15:00
nvd
nvd
CVE-2023-25673
2023-03-25 00:15:07
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in TensorFlow (CVE-2023-25673)
2023-06-28 20:18:04
cve
cve
CVE-2023-25673
2023-03-25 00:15:07
github
github
TensorFlow has Floating Point Exception in TensorListSplit with XLA
2023-03-24 21:54:42
osv
osv
TensorFlow has Floating Point Exception in TensorListSplit with XLA
2023-03-24 21:54:42
BIT-tensorflow-2023-25673
2024-03-06 11:07:45
CVE-2023-25673
2023-03-25 00:15:07
cvelist
cvelist
cbl_mariner
cbl_mariner
CVE-2023-25673 affecting package tensorflow for versions less than 2.11.1-1
2024-09-20 21:11:59
nessus
nessus
TensorFlow < 2.12.0 Multiple Vulnerabilities
2024-05-31 00:00:00
TensorFlow < 2.11.1 Multiple Vulnerabilities
2024-05-20 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00