Page 10 of 128 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1

TensorFlow is an open source platform for machine learning. When running on GPU, `tf.image.generate_bounding_box_proposals` receives a `scores` input that must be of rank 4 but is not checked. We have patched the issue in GitHub commit cf35502463a88ca7185a99daa7031df60b3c1c98. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/generate_box_proposals_op.cu.cc https://github.com/tensorflow/tensorflow/commit/cf35502463a88ca7185a99daa7031df60b3c1c98 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6x99-gv2v-q76v • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

TensorFlow is an open source platform for machine learning. When `RangeSize` receives values that do not fit into an `int64_t`, it crashes. We have patched the issue in GitHub commit 37e64539cd29fcfb814c4451152a60f5d107b0f0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/ops/math_ops.cc https://github.com/tensorflow/tensorflow/commit/37e64539cd29fcfb814c4451152a60f5d107b0f0 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rh87-q4vg-m45j • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

TensorFlow is an open source platform for machine learning. When `mlir::tfg::ConvertGenericFunctionToFunctionDef` is given empty function attributes, it crashes. We have patched the issue in GitHub commit ad069af92392efee1418c48ff561fd3070a03d7b. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/ir/importexport/functiondef_import.cc https://github.com/tensorflow/tensorflow/commit/ad069af92392efee1418c48ff561fd3070a03d7b https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jvhc-5hhr-w3v5 • CWE-617: Reachable Assertion •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0

TensorFlow is an open source platform for machine learning. If `Conv2D` is given empty `input` and the `filter` and `padding` sizes are valid, the output is all-zeros. This causes division-by-zero floating point exceptions that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 611d80db29dd7b0cfb755772c69d60ae5bca05f9. The fix will be included in TensorFlow 2.10.0. • https://github.com/tensorflow/tensorflow/commit/611d80db29dd7b0cfb755772c69d60ae5bca05f9 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q5jv-m6qw-5g37 • CWE-369: Divide By Zero •

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1

TensorFlow is an open source platform for machine learning. When converting transposed convolutions using per-channel weight quantization the converter segfaults and crashes the Python process. We have patched the issue in GitHub commit aa0b852a4588cea4d36b74feb05d93055540b450. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/commit/aa0b852a4588cea4d36b74feb05d93055540b450 https://github.com/tensorflow/tensorflow/issues/53767 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-79h2-q768-fpxr • CWE-20: Improper Input Validation •