CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25663 – TensorFlow has Null Pointer Error in TensorArrayConcatV2
https://notcve.org/view.php?id=CVE-2023-25663
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `ctx->step_containter()` is a null ptr, the Lookup function will be executed with a null pointer. A fix is included in TensorFlow 2.12.0 and 2.11.1. • https://github.com/tensorflow/tensorflow/commit/239139d2ae6a81ae9ba499ad78b56d9b2931538a https://github.com/tensorflow/tensorflow/security/advisories/GHSA-64jg-wjww-7c5w • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25664 – TensorFlow vulnerable to Heap Buffer Overflow in AvgPoolGrad
https://notcve.org/view.php?id=CVE-2023-25664
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1. • https://github.com/tensorflow/tensorflow/commit/ddaac2bdd099bec5d7923dea45276a7558217e5b https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hg6-5c2q-7rcr • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-122: Heap-based Buffer Overflow •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25667 – TensorFlow vulnerable to segfault when opening multiframe gif
https://notcve.org/view.php?id=CVE-2023-25667
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when `2^31 <= num_frames * height * width * channels < 2^32`, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. • https://github.com/tensorflow/tensorflow/commit/8dc723fcdd1a6127d6c970bd2ecb18b019a1a58d https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqm2-gh8w-gr68 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25666 – TensorFlow has Floating Point Exception in AudioSpectrogram
https://notcve.org/view.php?id=CVE-2023-25666
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. • https://github.com/tensorflow/tensorflow/commit/d0d4e779da0d0f56499c6fa5ba09f0a576cc6b14 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f637-vh3r-vfh2 • CWE-697: Incorrect Comparison •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-25665 – TensorFlow has Null Pointer Error in SparseSparseMaximum
https://notcve.org/view.php?id=CVE-2023-25665
TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `SparseSparseMaximum` is given invalid sparse tensors as inputs, it can give a null pointer error. A fix is included in TensorFlow version 2.12 and version 2.11.1. • https://github.com/tensorflow/tensorflow/commit/5e0ecfb42f5f65629fd7a4edd6c4afe7ff0feb04 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-558h-mq8x-7q9g • CWE-476: NULL Pointer Dereference •