CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-41908 – `CHECK` fail via inputs in `PyFunc` in Tensorflow
https://notcve.org/view.php?id=CVE-2022-41908
TensorFlow is an open source platform for machine learning. An input `token` that is not a UTF-8 bytestring will trigger a `CHECK` fail in `tf.raw_ops.PyFunc`. We have patched the issue in GitHub commit 9f03a9d3bafe902c1e6beb105b2f24172f238645. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/python/lib/core/py_func.cc https://github.com/tensorflow/tensorflow/commit/9f03a9d3bafe902c1e6beb105b2f24172f238645 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv77-9g28-cwg3 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-41907 – Overflow in `ResizeNearestNeighborGrad` in Tensorflow
https://notcve.org/view.php?id=CVE-2022-41907
TensorFlow is an open source platform for machine learning. When `tf.raw_ops.ResizeNearestNeighborGrad` is given a large `size` input, it overflows. We have patched the issue in GitHub commit 00c821af032ba9e5f5fa3fe14690c8d28a657624. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/resize_nearest_neighbor_op.cc https://github.com/tensorflow/tensorflow/commit/00c821af032ba9e5f5fa3fe14690c8d28a657624 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-368v-7v32-52fx • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-41886 – Overflow in `ImageProjectiveTransformV2` in Tensorflow
https://notcve.org/view.php?id=CVE-2022-41886
TensorFlow is an open source platform for machine learning. When `tf.raw_ops.ImageProjectiveTransformV2` is given a large output shape, it overflows. We have patched the issue in GitHub commit 8faa6ea692985dbe6ce10e1a3168e0bd60a723ba. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/image/image_ops.cc https://github.com/tensorflow/tensorflow/commit/8faa6ea692985dbe6ce10e1a3168e0bd60a723ba https://github.com/tensorflow/tensorflow/security/advisories/GHSA-54pp-c6pp-7fpx • CWE-131: Incorrect Calculation of Buffer Size •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-41890 – `CHECK` fail in `BCast` overflow in Tensorflow
https://notcve.org/view.php?id=CVE-2022-41890
TensorFlow is an open source platform for machine learning. If `BCast::ToShape` is given input larger than an `int32`, it will crash, despite being supposed to handle up to an `int64`. An example can be seen in `tf.experimental.numpy.outer` by passing in large input to the input `b`. We have patched the issue in GitHub commit 8310bf8dd188ff780e7fc53245058215a05bdbe5. The fix will be included in TensorFlow 2.11. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/util/bcast.h https://github.com/tensorflow/tensorflow/commit/8310bf8dd188ff780e7fc53245058215a05bdbe5 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h246-cgh4-7475 • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2022-41897 – `FractionalMaxPoolGrad` Heap out of bounds read in Tensorflow
https://notcve.org/view.php?id=CVE-2022-41897
TensorFlow is an open source platform for machine learning. If `FractionMaxPoolGrad` is given outsize inputs `row_pooling_sequence` and `col_pooling_sequence`, TensorFlow will crash. We have patched the issue in GitHub commit d71090c3e5ca325bdf4b02eb236cfb3ee823e927. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. • https://github.com/tensorflow/tensorflow/blob/master/tensorflow/core/kernels/fractional_max_pool_op.cc https://github.com/tensorflow/tensorflow/commit/d71090c3e5ca325bdf4b02eb236cfb3ee823e927 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2w8-jw48-fr7j • CWE-125: Out-of-bounds Read •