VYPR

PyPI package

tensorflow-gpu

pkg:pypi/tensorflow-gpu

Vulnerabilities (421)

  • CVE-2021-37666Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.RaggedTensorToVariant`. The [implementation](https://github.com/tensorflow/tensorflow/blob/4

  • CVE-2021-37667Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.UnicodeEncode`. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de

  • CVE-2021-37648Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the code for `tf.raw_ops.SaveV2` does not properly validate the inputs and an attacker can trigger a null pointer dereference. The [implementation](https://github.com/tensorflow/tensorflow

  • CVE-2021-37652Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.BoostedTreesCreateEnsemble` can result in a use after free error if an attacker supplies specially crafted arguments. The [implementation](https://github

  • CVE-2021-37646Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.StringNGrams` is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based o

  • CVE-2021-37661Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in `boosted_trees_create_quantile_stream_resource` by using negative arguments. The [implementation](https://github.com/tensorflow/tensorflow/blob

  • CVE-2021-37645Aug 12, 2021
    affected < 2.4.3fixed 2.4.3

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.QuantizeAndDequantizeV4Grad` is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating

  • CVE-2021-37651Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.FractionalAvgPoolGrad` can be tricked into accessing data outside of bounds of heap allocated buffers. The [implementation](https://github.com/tensorflow

  • CVE-2021-37650Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.ExperimentalDatasetToTFRecord` and `tf.raw_ops.DatasetToTFRecord` can trigger heap buffer overflow and segmentation fault. The [implementation](https://g

  • CVE-2021-37662Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can generate undefined behavior via a reference binding to nullptr in `BoostedTreesCalculateBestGainsPerFeature` and similar attack can occur in `BoostedTreesCalculateBestFeatu

  • CVE-2021-37656Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in `tf.raw_ops.RaggedTensorToSparse`. The [implementation](https://github.com/tensorflow/tensorflow/blob/f2

  • CVE-2021-37657Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type `tf.raw_ops.MatrixDiagV*`. The [implementation](https://github.com/tensorflow/ten

  • CVE-2021-37658Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type `tf.raw_ops.MatrixSetDiagV*`. The [implementation](https://github.com/tensorflow/

  • CVE-2021-37644Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions providing a negative element to `num_elements` list argument of `tf.raw_ops.TensorListReserve` causes the runtime to abort the process due to reallocating a `std::vector` to have a negativ

  • CVE-2021-37654Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash via a `CHECK`-fail in debug builds of TensorFlow using `tf.raw_ops.ResourceGather` or a read from outside the bounds of heap allocated data in the same API

  • CVE-2021-37641Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions if the arguments to `tf.raw_ops.RaggedGather` don't determine a valid ragged tensor code can trigger a read from outside of bounds of heap allocated buffers. The [implementation](https://g

  • CVE-2021-37635Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of sparse reduction operations in TensorFlow can trigger accesses outside of bounds of heap allocated data. The [implementation](https://github.com/tensorflow/tensorflow

  • CVE-2021-37664Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to `BoostedTreesSparseCalculateBestFeatureSplit`. The [implementation](htt

  • CVE-2021-37659Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all binary cwise operations that don't require broadcasting (e.g., gradients of binary cwise operations)

  • CVE-2021-37655Aug 12, 2021
    affected < 2.3.4fixed 2.3.4

    TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a read from outside of bounds of heap allocated data by sending invalid arguments to `tf.raw_ops.ResourceScatterUpdate`. The [implementation](https://github.com/ten

Page 13 of 22