CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-25665 – TensorFlow has Null Pointer Error in SparseSparseMaximum
https://notcve.org/view.php?id=CVE-2023-25665
24 Mar 2023 — TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `SparseSparseMaximum` is given invalid sparse tensors as inputs, it can give a null pointer error. A fix is included in TensorFlow version 2.12 and version 2.11.1. • https://github.com/tensorflow/tensorflow/commit/5e0ecfb42f5f65629fd7a4edd6c4afe7ff0feb04 • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 1CVE-2023-25668 – TensorFlow vulnerable to heap out-of-buffer read in the QuantizeAndDequantize operation
https://notcve.org/view.php?id=CVE-2023-25668
24 Mar 2023 — TensorFlow is an open source platform for machine learning. Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick this commit on TensorFlow version 2.11.1. • https://github.com/tensorflow/tensorflow/commit/7b174a0f2e40ff3f3aa957aecddfd5aaae35eccb • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25669 – TensorFlow has Floating Point Exception in AvgPoolGrad with XLA
https://notcve.org/view.php?id=CVE-2023-25669
24 Mar 2023 — TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for `tf.raw_ops.AvgPoolGrad`, it can give a floating point exception. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. • https://github.com/tensorflow/tensorflow/commit/1295ae4dbb52fe06b19733b0257e2340d7b63b8d • CWE-697: Incorrect Comparison •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25670 – TensorFlow has Null Pointer Error in QuantizedMatMulWithBiasAndDequantize
https://notcve.org/view.php?id=CVE-2023-25670
24 Mar 2023 — TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. • https://github.com/tensorflow/tensorflow/commit/8a47a39d9697969206d23a523c977238717e8727 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25671 – TensorFlow has segmentation fault in tfg-translate
https://notcve.org/view.php?id=CVE-2023-25671
24 Mar 2023 — TensorFlow is an open source platform for machine learning. There is out-of-bounds access due to mismatched integer type sizes. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. • https://github.com/tensorflow/tensorflow/commit/2eedc8f676d2c3b8be9492e547b2bc814c10b367 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25672 – TensorFlow has Null Pointer Error in LookupTableImportV2
https://notcve.org/view.php?id=CVE-2023-25672
24 Mar 2023 — TensorFlow is an open source platform for machine learning. The function `tf.raw_ops.LookupTableImportV2` cannot handle scalars in the `values` parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. • https://github.com/tensorflow/tensorflow/commit/980b22536abcbbe1b4a5642fc940af33d8c19b69 • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25673 – TensorFlow has Floating Point Exception in TensorListSplit with XLA
https://notcve.org/view.php?id=CVE-2023-25673
24 Mar 2023 — TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. • https://github.com/tensorflow/tensorflow/commit/728113a3be690facad6ce436660a0bc1858017fa • CWE-697: Incorrect Comparison •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25674 – TensorFlow has Null Pointer Error in RandomShuffle with XLA enable
https://notcve.org/view.php?id=CVE-2023-25674
24 Mar 2023 — TensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1. • https://github.com/tensorflow/tensorflow/commit/728113a3be690facad6ce436660a0bc1858017fa • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25675 – TensorFlow has Segfault in Bincount with XLA
https://notcve.org/view.php?id=CVE-2023-25675
24 Mar 2023 — TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.Bincount` segfaults when given a parameter `weights` that is neither the same shape as parameter `arr` nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1. • https://github.com/tensorflow/tensorflow/commit/8ae76cf085f4be26295d2ecf2081e759e04b8acf • CWE-697: Incorrect Comparison •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-25676 – TensorFlow has null dereference on ParallelConcat with XLA
https://notcve.org/view.php?id=CVE-2023-25676
24 Mar 2023 — TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.ParallelConcat` segfaults with a nullptr dereference when given a parameter `shape` with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1. • https://github.com/tensorflow/tensorflow/commit/da66bc6d5ff466aee084f9e7397980a24890cd15 • CWE-476: NULL Pointer Dereference •