VYPR

Bitnami package

tensorflow

pkg:bitnami/tensorflow

Vulnerabilities (423)

  • CVE-2021-37657Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type `tf.raw_ops.MatrixDiagV*`. The [implementation](https://github.com/tensorflow/ten

  • CVE-2021-37658Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type `tf.raw_ops.MatrixSetDiagV*`. The [implementation](https://github.com/tensorflow/

  • CVE-2021-37644Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions providing a negative element to `num_elements` list argument of `tf.raw_ops.TensorListReserve` causes the runtime to abort the process due to reallocating a `std::vector` to have a negativ

  • CVE-2021-37654Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash via a `CHECK`-fail in debug builds of TensorFlow using `tf.raw_ops.ResourceGather` or a read from outside the bounds of heap allocated data in the same API

  • CVE-2021-37641Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions if the arguments to `tf.raw_ops.RaggedGather` don't determine a valid ragged tensor code can trigger a read from outside of bounds of heap allocated buffers. The [implementation](https://g

  • CVE-2021-37635Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of sparse reduction operations in TensorFlow can trigger accesses outside of bounds of heap allocated data. The [implementation](https://github.com/tensorflow/tensorflow

  • CVE-2021-37664Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to `BoostedTreesSparseCalculateBestFeatureSplit`. The [implementation](htt

  • CVE-2021-37659Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all binary cwise operations that don't require broadcasting (e.g., gradients of binary cwise operations)

  • CVE-2021-37655Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a read from outside of bounds of heap allocated data by sending invalid arguments to `tf.raw_ops.ResourceScatterUpdate`. The [implementation](https://github.com/ten

  • CVE-2021-37637Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. It is possible to trigger a null pointer dereference in TensorFlow by passing an invalid input to `tf.raw_ops.CompressElement`. The [implementation](https://github.com/tensorflow/tensorflow/blob/47a06f40411a69

  • CVE-2021-37649Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. The code for `tf.raw_ops.UncompressElement` can be made to trigger a null pointer dereference. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensor

  • CVE-2021-37647Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. When a user does not supply arguments that determine a valid sparse tensor, `tf.raw_ops.SparseTensorSliceDataset` implementation can be made to dereference a null pointer. The [implementation](https://github.c

  • CVE-2021-37643Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. If a user does not provide a valid padding value to `tf.raw_ops.MatrixDiagPartOp`, then the code triggers a null pointer dereference (if input is empty) or produces invalid behavior, ignoring all values after

  • CVE-2021-37639Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. When restoring tensors via raw APIs, if the tensor name is not provided, TensorFlow can be tricked into dereferencing a null pointer. Alternatively, attackers can read memory outside the bounds of heap allocat

  • CVE-2021-37638Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. Sending invalid argument for `row_partition_types` of `tf.raw_ops.RaggedTensorToTensor` API results in a null pointer dereference and undefined behavior. The [implementation](https://github.com/tensorflow/tens

  • CVE-2021-37660Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a floating point exception by calling inplace operations with crafted arguments that would result in a division by 0. The [implementation](https://github.com/tensorfl

  • CVE-2021-37653Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash via a floating point exception in `tf.raw_ops.ResourceGather`. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181

  • CVE-2021-37642Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.ResourceScatterDiv` is vulnerable to a division by 0 error. The [implementation](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e

  • CVE-2021-37640Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.SparseReshape` can be made to trigger an integral division by 0 exception. The [implementation](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf

  • CVE-2021-37636Aug 12, 2021
    affected >= 2.3.0, < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.SparseDenseCwiseDiv` is vulnerable to a division by 0 error. The [implementation](https://github.com/tensorflow/tensorflow/blob/a1bc56203f21a5a4995311825f

Page 14 of 22