Lucene search
Veracode Vulnerability DatabaseVERACODE:39995HistoryMar 30, 2023 - 9:24 a.m.
Denial Of Service (DoS)
2023-03-3009:24:56
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
denial of service
dos attacks
vulnerability
floating point exception
raw_ops
avgpoolgrad
application crash
software
EPSS
0.001
Percentile
37.9%
tensorflow is vulnerable to Denial of Service (DoS) attacks. The vulnerability is due to a floating point exception if the stride and window size are not positive for the raw_ops.AvgPoolGrad function, causing the application to crash.
References
github.com/advisories/GHSA-rcf8-g8jv-vg6p
github.com/tensorflow/tensorflow/commit/1295ae4dbb52fe06b19733b0257e2340d7b63b8d
github.com/tensorflow/tensorflow/commit/4a9e857b53ddf9509b7e3701116be33a7b9e9f85
github.com/tensorflow/tensorflow/pull/59476
github.com/tensorflow/tensorflow/security/advisories/GHSA-rcf8-g8jv-vg6p
Related
cvelist
cvelist
prion
prion
Stack overflow
2023-03-25 00:15:00
osv
osv
TensorFlow has Floating Point Exception in AvgPoolGrad with XLA
2023-03-24 21:56:53
BIT-tensorflow-2023-25669
2024-03-06 11:08:20
CVE-2023-25669
2023-03-25 00:15:07
nvd
nvd
CVE-2023-25669
2023-03-25 00:15:07
github
github
TensorFlow has Floating Point Exception in AvgPoolGrad with XLA
2023-03-24 21:56:53
cve
cve
CVE-2023-25669
2023-03-25 00:15:07
ibm
ibm
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in TensorFlow (CVE-2023-25669)
2023-06-28 19:52:42
cbl_mariner
cbl_mariner
CVE-2023-25669 affecting package tensorflow for versions less than 2.11.1-1
2024-09-30 14:02:10
nessus
nessus
TensorFlow < 2.11.1 Multiple Vulnerabilities
2024-05-20 00:00:00
TensorFlow < 2.12.0 Multiple Vulnerabilities
2024-05-31 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00