| CVE-2021-29578 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.FractionalAvgPoolGrad` is vulnerable to a heap buffer overflow. The implementation(https://git… |
| CVE-2021-29577 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.AvgPool3DGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.com/… |
| CVE-2021-29576 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPool3DGradGrad` is vulnerable to a heap buffer overflow. The implementation(https://github.… |
| CVE-2021-29575 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.ReverseSequence` allows for stack overflow and/or `CHECK`-fail based denial of service. The im… |
| CVE-2021-29574 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPool3DGradGrad` exhibits undefined behavior by dereferencing null pointers backing attacker… |
| CVE-2021-29573 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` is vulnerable to a division by 0. The implementation(https://github.com… |
| CVE-2021-29572 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.SdcaOptimizer` triggers undefined behavior due to dereferencing a null pointer. The implementa… |
| CVE-2021-29571 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker su… |
| CVE-2021-29570 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker su… |
| CVE-2021-29569 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of bounds of heap allocated data if attacker su… |
| CVE-2021-29568 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in `tf.raw_ops.ParameterizedTruncatedNormal`. This is beca… |
| CVE-2021-29567 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in `tf.raw_ops.SparseDenseCwiseMul`, an attacker can trigger denial of service via `CHECK`-fails or ac… |
| CVE-2021-29566 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to `tf.raw_ops.Dilation2DBackprop… |
| CVE-2021-29565 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.SparseFillEmptyRows`. This is because of… |
| CVE-2021-29564 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference in the implementation of `tf.raw_ops.EditDistance`. This is because the imple… |
| CVE-2021-29563 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.RFFT`. E… |
| CVE-2021-29562 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.IRFFT`. … |
| CVE-2021-29561 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from `tf.raw_ops.LoadAndRemapMatrix`. This is b… |
| CVE-2021-29560 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `tf.raw_ops.RaggedTensorToTensor`. This is because the implementation(https://gi… |
| CVE-2021-29559 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can access data outside of bounds of heap allocated array in `tf.raw_ops.UnicodeEncode`. This is because the impleme… |
| CVE-2021-29558 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `tf.raw_ops.SparseSplit`. This is because the implementation(https://github.com/… |
| CVE-2021-29557 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.SparseMatMul`. The division by 0 occurs deep in… |
| CVE-2021-29556 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.Reverse`. This is because the implementation(ht… |
| CVE-2021-29555 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.FusedBatchNorm`. This is because the implementa… |
| CVE-2021-29554 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.DenseCountSparseOutput`. This is because the im… |
| CVE-2021-29553 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can read data outside of bounds of heap allocated buffer in `tf.raw_ops.QuantizeAndDequantizeV3`. This is because th… |
| CVE-2021-29552 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by controlling the values of `num_segments` tensor argument for `UnsortedSegmentJoin`.… |
| CVE-2021-29551 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixTriangularSolve`(https://github.com/tensorflow/tensorflow/blob/8cae746d8449c7dda5298327353d68613f16… |
| CVE-2021-29550 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.FractionalAvgPool`. This is because … |
| CVE-2021-29549 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormaliz… |
| CVE-2021-29548 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormaliz… |
| CVE-2021-29547 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a segfault and denial of service via accessing data outside of bounds in `tf.raw_ops.QuantizedBatchNormWit… |
| CVE-2021-29546 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger an integer division by zero undefined behavior in `tf.raw_ops.QuantizedBiasAdd`. This is because the imp… |
| CVE-2021-29545 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in converting sparse tensors to CSR Sparse matrices. This is beca… |
| CVE-2021-29544 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.QuantizeAndDequantizeV4Grad`. This is because the … |
| CVE-2021-29543 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.CTCGreedyDecoder`. This is because the implementat… |
| CVE-2021-29542 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow by passing crafted inputs to `tf.raw_ops.StringNGrams`. This is because the impleme… |
| CVE-2021-29541 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null pointer in `tf.raw_ops.StringNGrams`. This is because the implementation(https:/… |
| CVE-2021-29540 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow to occur in `Conv2DBackpropFilter`. This is because the implementation(https://gith… |
| CVE-2021-29539 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.ImmutableConst`(https://www.tensorflow.org/api_docs/python/tf/raw_ops/ImmutableConst) with a `dtype` of `tf.… |
| CVE-2021-29538 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a division by zero to occur in `Conv2DBackpropFilter`. This is because the implementation(https://github.c… |
| CVE-2021-29537 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedResizeBilinear` by passing in invalid thresholds for the quantization.… |
| CVE-2021-29536 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedReshape` by passing in invalid thresholds for the quantization. This i… |
| CVE-2021-29535 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow in `QuantizedMul` by passing in invalid thresholds for the quantization. This is be… |
| CVE-2021-29534 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.SparseConcat`. This is because the implementation(… |
| CVE-2021-29533 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK` failure by passing an empty image to `tf.raw_ops.DrawBoundingBoxes`. T… |
| CVE-2021-29532 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to `tf.raw_ops.Ra… |
| CVE-2021-29531 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a `CHECK` fail in PNG encoding by providing an empty input tensor as the pixel data. This is because the… |
| CVE-2021-29530 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereference by providing an invalid `permutation` to `tf.raw_ops.SparseMatrixSparseCholes… |
| CVE-2021-29529 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a heap buffer overflow in `tf.raw_ops.QuantizedResizeBilinear` by manipulating input values so that floa… |
| CVE-2021-29528 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.QuantizedMul`. This is because the implementation(https://github.com/tens… |
| CVE-2021-29527 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.QuantizedConv2D`. This is because the implementation(https://github.com/t… |
| CVE-2021-29526 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2D`. This is because the implementation(https://github.com/tensorflow… |
| CVE-2021-29525 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2DBackpropInput`. This is because the implementation(https://github.c… |
| CVE-2021-29524 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2DBackpropFilter`. This is because the implementation(https://github.… |
| CVE-2021-29523 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.AddManySparseToTensorsMap`. This is because the im… |
| CVE-2021-29522 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. The `tf.raw_ops.Conv3DBackprop*` operations fail to validate that the input tensors are not empty. In turn, this would result in… |
| CVE-2021-29521 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. Specifying a negative dense shape in `tf.raw_ops.SparseCountSparseOutput` results in a segmentation fault being thrown out from … |
| CVE-2021-29520 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. Missing validation between arguments to `tf.raw_ops.Conv3DBackprop*` operations can result in heap buffer overflows. This is bec… |
| CVE-2021-29519 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. The API of `tf.raw_ops.SparseCross` allows combinations which would result in a `CHECK`-failure and denial of service. This is b… |
| CVE-2021-29518 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. In eager mode (default in TF 2.0 and later), session operations are invalid. However, users could still call the raw ops associa… |
| CVE-2021-29517 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. A malicious user could trigger a division by 0 in `Conv3D` implementation. The implementation(https://github.com/tensorflow/tens… |
| CVE-2021-29516 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.RaggedTensorToVariant` with arguments specifying an invalid ragged tensor results in a null pointer derefere… |
| CVE-2021-29515 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixDiag*` operations(https://github.com/tensorflow/tensorflow/blob/4c4f420e68f1cfaf8f4b6e8e3eb857e9e4c… |
| CVE-2021-29514 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does not specify a valid `SparseTensor`(https://www.tensorflow.org/api_docs/python/… |
| CVE-2021-29513 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors result in null pointer derefe… |
| CVE-2021-29512 |
critical |
— |
9.5 |
|
|
|
5y ago |
TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does not specify a valid `SparseTensor`(https://www.tensorflow.org/api_docs/python/… |
| CVE-2020-26271 |
critical |
— |
9.5 |
|
|
|
6y ago |
In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge … |
| CVE-2020-26270 |
critical |
— |
9.5 |
|
|
|
6y ago |
In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a q… |
| CVE-2020-26268 |
critical |
— |
9.5 |
|
|
|
6y ago |
In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor i… |
| CVE-2020-26267 |
critical |
— |
9.5 |
|
|
|
6y ago |
In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation o… |
| CVE-2020-26266 |
critical |
— |
9.5 |
|
|
|
6y ago |
In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default … |
| CVE-2021-41208 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of ser… |
| CVE-2021-41195 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the implementation of `tf.math.segment_*` operations results in a `CHECK`-fail related abort (and denial of service) i… |
| CVE-2021-41196 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is du… |
| CVE-2021-41197 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions TensorFlow allows tensor to have a large number of dimensions and each dimension can be as large as desired. However, … |
| CVE-2021-41198 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions if `tf.tile` is called with a large input argument then the TensorFlow process will crash due to a `CHECK`-failure cau… |
| CVE-2021-41199 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions if `tf.image.resize` is called with a large input argument then the TensorFlow process will crash due to a `CHECK`-fai… |
| CVE-2021-41200 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions if `tf.summary.create_file_writer` is called with non-scalar arguments code crashes due to a `CHECK`-fail. The fix wil… |
| CVE-2021-41201 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affeced versions during execution, `EinsumHelper::ParseEquation()` is supposed to set the flags in `input_has_ellipsis` vector and `*out… |
| CVE-2021-41202 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the `tf.range` kernel, there is a conditional statement of type `int64… |
| CVE-2021-41203 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions an attacker can trigger undefined behavior, integer overflows, segfaults and `CHECK`-fail crashes if they can change s… |
| CVE-2021-41204 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This resu… |
| CVE-2021-41205 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for the `QuantizeAndDequantizeV*` operations can trigger a read outside of bounds of hea… |
| CVE-2021-41206 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depe… |
| CVE-2021-41207 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the implementation of `ParallelConcat` misses some input validation and can produce a division by 0. The fix will be i… |
| CVE-2021-41209 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix… |
| CVE-2021-41210 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for `SparseCountSparseOutput` can trigger a read outside of bounds of heap allocated arr… |
| CVE-2021-41211 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `QuantizeV2` can trigger a read outside of bounds of heap allocated array. This occurs wh… |
| CVE-2021-41212 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` can trigger a read outside of bounds of heap allocated array. The fix w… |
| CVE-2021-41213 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the code behind `tf.function` API can be made to deadlock when two `tf.function` decorated Python functions are mutual… |
| CVE-2021-41214 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` has an undefined behavior due to binding a reference to `nullptr`. The … |
| CVE-2021-41215 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `DeserializeSparse` can trigger a null pointer dereference. This is because the shape inf… |
| CVE-2021-41216 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the shape inference function for `Transpose` is vulnerable to a heap buffer overflow. This occurs whenever `perm` cont… |
| CVE-2021-41217 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when n… |
| CVE-2021-41218 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `AllToAll` can be made to execute a division by 0. This occurs whenever the `split_count`… |
| CVE-2021-41219 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to `nullptr`. Th… |
| CVE-2021-41220 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the async implementation of `CollectiveReduceV2` suffers from a memory leak and a use after free. This occurs due to t… |
| CVE-2021-41221 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for the `Cudnn*` operations in TensorFlow can be tricked into accessing invalid memory, via a… |
| CVE-2021-41222 |
high |
— |
8.0 |
|
|
|
5y ago |
TensorFlow is an open source platform for machine learning. In affected versions the implementation of `SplitV` can trigger a segfault is an attacker supplies negative arguments. This occurs whenever… |
