VYPR

PyPI package

tensorflow-cpu

pkg:pypi/tensorflow-cpu

Vulnerabilities (417)

  • CVE-2022-35997Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. If `tf.sparse.cross` receives an input `separator` that is not a scalar, it gives a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 83dcb4dbfa094e33db084e97

  • CVE-2022-35995Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. When `AudioSummaryV2` receives an input `sample_rate` with more than one element, it gives a `CHECK` fails that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bf6b45244992e2

  • CVE-2022-36016Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. When `tensorflow::full_type::SubstituteFromAttrs` receives a `FullTypeDef& t` that is not exactly three args, it triggers a `CHECK`-fail instead of returning a status. We have patched the issue in GitHub commit 6104f0d40

  • CVE-2022-36005Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. When `tf.quantization.fake_quant_with_min_max_vars_gradient` receives input `min` or `max` that is nonscalar, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commi

  • CVE-2022-36004Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. When `tf.random.gamma` receives large input shape and rates, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 552bfced6ce4809db5f3ca305f60ff80dd40c5a3. The f

  • CVE-2022-36003Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. When `RandomPoissonV2` receives large input shape and rates, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 552bfced6ce4809db5f3ca305f60ff80dd40c5a3. The f

  • CVE-2022-36002Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. When `Unbatch` receives a nonscalar input `id`, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 4419d10d576adefa36b0e0a9425d2569f7c0189f. The fix will be in

  • CVE-2022-36001Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. When `DrawBoundingBoxes` receives an input `boxes` that is not of dtype `float`, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit da0d65cdc1270038e72157ba35b

  • CVE-2022-36026Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. If `QuantizeAndDequantizeV3` is given a nonscalar `num_bits` input tensor, it results in a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit f3f9cb38ecfe5a8a7

  • CVE-2022-36018Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. If `RaggedTensorToVariant` is given a `rt_nested_splits` list that contains tensors of ranks other than one, it results in a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue

  • CVE-2022-36019Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. If `FakeQuantWithMinMaxVarsPerChannel` is given `min` or `max` tensors of a rank other than one, it results in a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub co

  • CVE-2022-35990Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. When `tf.quantization.fake_quant_with_min_max_vars_per_channel_gradient` receives input `min` or `max` of rank other than 1, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue

  • CVE-2022-35987Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. `DenseBincount` assumes its input tensor `weights` to either have the same shape as its input tensor `input` or to be length-0. A different `weights` shape will trigger a `CHECK` fail that can be used to trigger a denial

  • CVE-2022-35985Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. If `LRNGrad` is given an `output_image` input tensor that is not 4-D, it results in a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bd90b3efab4ec958b228cd

  • CVE-2022-35984Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. `ParameterizedTruncatedNormal` assumes `shape` is of type `int32`. A valid `shape` of type `int64` results in a mismatched type `CHECK` fail that can be used to trigger a denial of service attack. We have patched the iss

  • CVE-2022-35983Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. If `Save` or `SaveSlices` is run over tensors of an unsupported `dtype`, it results in a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 5dd7b86b84a864b834c

  • CVE-2022-35989Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. When `MaxPool` receives a window size input array `ksize` with dimensions greater than its input tensor `input`, the GPU kernel gives a `CHECK` fail that can be used to trigger a denial of service attack. We have patched

  • CVE-2022-35988Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. When `tf.linalg.matrix_rank` receives an empty input `a`, the GPU kernel gives a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit c55b476aa0e0bd4ee99d0f3ad18

  • CVE-2022-35982Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. If `SparseBincount` is given inputs for `indices`, `values`, and `dense_shape` that do not make a valid sparse tensor, it results in a segfault that can be used to trigger a denial of service attack. We have patched the

  • CVE-2022-35981Sep 16, 2022
    affected < 2.7.2fixed 2.7.2

    TensorFlow is an open source platform for machine learning. `FractionalMaxPoolGrad` validates its inputs with `CHECK` failures instead of with returning errors. If it gets incorrectly sized inputs, the `CHECK` failure can be used to trigger a denial of service attack. We have pat

Page 4 of 21