Page 43 of 428 results (0.009 seconds)

CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0

TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for the `QuantizeAndDequantizeV*` operations can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. TensorFlow es una plataforma de código abierto para el aprendizaje automático. • https://github.com/tensorflow/tensorflow/commit/7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rx-x2rw-pc6f • CWE-125: Out-of-bounds Read •

CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0

TensorFlow is an open source platform for machine learning. In affected versions the shape inference functions for `SparseCountSparseOutput` can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. TensorFlow es una plataforma de código abierto para el aprendizaje automático. • https://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc • CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1

TensorFlow is an open source platform for machine learning. In affeced versions during execution, `EinsumHelper::ParseEquation()` is supposed to set the flags in `input_has_ellipsis` vector and `*output_has_ellipsis` boolean to indicate whether there is ellipsis in the corresponding inputs and output. However, the code only changes these flags to `true` and never assigns `false`. This results in unitialized variable access if callers assume that `EinsumHelper::ParseEquation()` always sets these flags. The fix will be included in TensorFlow 2.7.0. • https://github.com/tensorflow/tensorflow/commit/f09caa532b6e1ac8d2aa61b7832c78c5b79300c6 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j86v-p27c-73fm • CWE-824: Access of Uninitialized Pointer •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2

TensorFlow is an open source platform for machine learning. In affected versions if `tf.summary.create_file_writer` is called with non-scalar arguments code crashes due to a `CHECK`-fail. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range. TensorFlow es una plataforma de código abierto para el aprendizaje automático. • https://github.com/tensorflow/tensorflow/commit/874bda09e6702cd50bac90b453b50bcc65b2769e https://github.com/tensorflow/tensorflow/issues/46909 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh8h-7j2j-qv4f • CWE-617: Reachable Assertion •

CVSS: 5.5EPSS: 0%CPEs: 3EXPL: 2

TensorFlow is an open source platform for machine learning. In affected versions TensorFlow allows tensor to have a large number of dimensions and each dimension can be as large as desired. However, the total number of elements in a tensor must fit within an `int64_t`. If an overflow occurs, `MultiplyWithoutOverflow` would return a negative result. In the majority of TensorFlow codebase this then results in a `CHECK`-failure. • https://github.com/tensorflow/tensorflow/commit/7c1692bd417eb4f9b33ead749a41166d6080af85 https://github.com/tensorflow/tensorflow/commit/a871989d7b6c18cdebf2fb4f0e5c5b62fbc19edf https://github.com/tensorflow/tensorflow/commit/d81b1351da3e8c884ff836b64458d94e4a157c15 https://github.com/tensorflow/tensorflow/issues/46890 https://github.com/tensorflow/tensorflow/issues/51908 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-prcg-wp5q-rv7p • CWE-190: Integer Overflow or Wraparound •