Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
google tensorflow 2.7.0 vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2021-41207
TensorFlow is an open source platform for machine learning. In affected versions the implementation of `ParallelConcat` misses some input validation and can produce a division by 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2....
Google Tensorflow
Google Tensorflow 2.7.0
187
VMScore
CVE-2021-41209
TensorFlow is an open source platform for machine learning. In affected versions the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on Ten...
Google Tensorflow
Google Tensorflow 2.7.0
409
VMScore
CVE-2021-41220
TensorFlow is an open source platform for machine learning. In affected versions the async implementation of `CollectiveReduceV2` suffers from a memory leak and a use after free. This occurs due to the asynchronous computation and the fact that objects that have been `std::move()...
Google Tensorflow
Google Tensorflow 2.7.0
187
VMScore
CVE-2021-41227
TensorFlow is an open source platform for machine learning. In affected versions the `ImmutableConst` operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the `tstring` TensorFlow string class has a special case for memory mapped strings ...
Google Tensorflow
Google Tensorflow 2.7.0
409
VMScore
CVE-2021-41228
TensorFlow is an open source platform for machine learning. In affected versions TensorFlow's `saved_model_cli` tool is vulnerable to a code injection as it calls `eval` on user supplied strings. This can be used by malicious users to run arbitrary code on the plaform where ...
Google Tensorflow
Google Tensorflow 2.7.0
187
VMScore
CVE-2021-41202
TensorFlow is an open source platform for machine learning. In affected versions while calculating the size of the output within the `tf.range` kernel, there is a conditional statement of type `int64 = condition ? int64 : double`. Due to C++ implicit conversion rules, both branch...
Google Tensorflow
Google Tensorflow 2.7.0
409
VMScore
CVE-2021-41206
TensorFlow is an open source platform for machine learning. In affected versions several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depending on the API, this can result in undefined behavior and segfault or `CHECK`-f...
Google Tensorflow
Google Tensorflow 2.7.0
490
VMScore
CVE-2022-21730
Tensorflow is an Open Source Machine Learning Framework. The implementation of `FractionalAvgPoolGrad` does not consider cases where the input tensors are invalid allowing an malicious user to read from outside of bounds of heap. The fix will be included in TensorFlow 2.8.0. We w...
Google Tensorflow
Google Tensorflow 2.7.0
446
VMScore
CVE-2022-21741
Tensorflow is an Open Source Machine Learning Framework. ### Impact An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a divi...
Google Tensorflow
Google Tensorflow 2.7.0
357
VMScore
CVE-2022-23557
Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would trigger a division by zero in `BiasAndClamp` implementation. There is no check that the `bias_size` is non zero. The fix will be included in TensorFlow 2.8.0. We will also che...
Google Tensorflow
Google Tensorflow 2.7.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »