Version 2.12.0

tensorflow-gpu

Removed: please install "tensorflow" instead.

Install Instructions

pip install tensorflow-gpu
Current Version Release Date: January 24, 2023
Language: Python

tensorflow-gpu Vulnerabilities

CVE, CVSS Score, CWE(s), EPSS Score, EPSS %, Impacted Versions
CVE-2018-10055 High 8.1 CWE-119 0.00127 0.48308
  • 1.1.0–1.7.0
CVE-2018-21233 Medium 6.5 CWE-125 0.00085 0.38443
  • 1.0.0–1.6.0
  • 0.12.0–0.12.1
CVE-2018-7575 High 9.8 CWE-190 0.00134 0.49681
  • 1.0.0–1.7.0
CVE-2018-7576 Medium 6.5 CWE-476 0.00073 0.34337
  • 1.0.0–1.6.0
  • 0.12.0–0.12.1
CVE-2018-7577 High 8.1 CWE-20 0.00113 0.45872
  • 1.1.0–1.7.0
CVE-2019-16778 Low 2.6 CWE-681, CWE-122 0.00278 0.68194
  • 1.0.0–1.14.0
CVE-2019-9635 Medium 6.5 CWE-476 0.00081 0.37007
  • 1.0.0–1.12.0
  • 0.12.0–0.12.1
CVE-2020-15190 Medium 5.3 CWE-476, CWE-20 0.00168 0.54561
  • 2.0.0–2.3.0
  • 1.0.0–1.15.3
  • 0.12.0–0.12.1
CVE-2020-15191 Medium 5.3 CWE-252, CWE-476, CWE-20 0.00168 0.54561
  • 2.0.0–2.3.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2020-15192 Medium 4.3 CWE-20 0.00152 0.52404
  • 2.0.0–2.3.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2020-15193 High 7.1 CWE-908 0.00171 0.54844
  • 2.0.0–2.3.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2020-15194 Medium 5.3 CWE-617, CWE-20 0.00141 0.50763
  • 2.0.0–2.3.0
  • 1.0.0–1.15.3
  • 0.12.0–0.12.1
CVE-2020-15195 High 8.5 CWE-122, CWE-787, CWE-119 0.0011 0.45416
  • 2.0.0–2.3.0
  • 1.0.0–1.15.3
  • 0.12.0–0.12.1
CVE-2020-15196 High 8.5 CWE-125, CWE-122, CWE-119 0.00518 0.76837
  • 2.0.0–2.3.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2020-15197 Medium 6.3 CWE-617, CWE-20 0.00135 0.49789
  • 2.0.0–2.3.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2020-15199 Medium 5.9 CWE-20 0.00258 0.65039
  • 2.0.0–2.3.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2020-15200 Medium 5.9 CWE-122, CWE-787, CWE-20 0.00349 0.71793
  • 2.0.0–2.3.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2020-15201 Medium 4.8 CWE-122, CWE-787, CWE-20 0.00177 0.55477
  • 2.0.0–2.3.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2020-15202 High 9 CWE-754, CWE-197 0.00128 0.48598
  • 2.0.0–2.3.0
  • 1.0.0–1.15.3
  • 0.12.0–0.12.1
CVE-2020-15203 High 7.5 CWE-134, CWE-20 0.00187 0.56676
  • 2.0.0–2.3.0
  • 1.0.0–1.15.3
  • 0.12.0–0.12.1
CVE-2020-15204 Medium 5.3 CWE-476 0.0015 0.51961
  • 2.0.0–2.3.0
  • 1.0.0–1.15.3
  • 0.12.0–0.12.1
CVE-2020-15205 High 9 CWE-122, CWE-787, CWE-119 0.00203 0.5833
  • 2.0.0–2.3.0
  • 1.0.0–1.15.3
  • 0.12.0–0.12.1
CVE-2020-15206 High 9 CWE-20 0.00196 0.57688
  • 2.0.0–2.3.0
  • 1.0.0–1.15.3
  • 0.12.0–0.12.1
CVE-2020-15207 High 8.7 CWE-787, CWE-119 0.00487 0.76016
  • 2.0.0–2.3.0
  • 1.0.0–1.15.3
  • 0.12.0–0.12.1
CVE-2020-15208 High 7.4 CWE-125, CWE-787 0.00209 0.58985
  • 2.0.0–2.3.0
  • 1.0.0–1.15.3
  • 0.12.0–0.12.1
CVE-2020-15209 Medium 5.9 CWE-476 0.00163 0.53794
  • 2.0.0–2.3.0
  • 1.0.0–1.15.3
  • 0.12.0–0.12.1
CVE-2020-15210 Medium 6.5 CWE-787, CWE-20 0.00205 0.58522
  • 2.0.0–2.3.0
  • 1.0.0–1.15.3
  • 0.12.0–0.12.1
CVE-2020-15211 Medium 4.8 CWE-125, CWE-787 0.00258 0.65027
  • 2.0.0–2.3.0
  • 1.0.0–1.15.3
  • 0.12.0–0.12.1
CVE-2020-15265 Medium 5.9 CWE-125 0.0023 0.61131
  • 2.0.0–2.3.4
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2020-15266 Low 3.7 CWE-119 0.00205 0.58588
  • 2.0.0–2.3.4
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2020-26266 Medium 4.4 CWE-908 0.0009 0.40171
  • 2.0.0–2.3.1
  • 1.0.0–1.15.4
  • 0.12.0–0.12.1
CVE-2020-26267 Medium 4.4 CWE-125 0.00042 0.05056
  • 2.0.0–2.3.1
  • 1.0.0–1.15.4
  • 0.12.0–0.12.1
CVE-2020-26268 Medium 4.4 CWE-471 0.00044 0.15045
  • 2.0.0–2.3.1
  • 1.0.0–1.15.4
  • 0.12.0–0.12.1
CVE-2020-26270 Medium 4.4 CWE-20 0.00044 0.14858
  • 2.0.0–2.3.1
  • 1.0.0–1.15.4
  • 0.12.0–0.12.1
CVE-2020-26271 Medium 4.4 CWE-125, CWE-908 0.00044 0.15045
  • 2.0.0–2.3.1
  • 1.0.0–1.15.4
  • 0.12.0–0.12.1
CVE-2020-5215 Medium 5 CWE-754, CWE-20 0.0069 0.80166
  • 2.0.0
  • 1.0.0–1.15.0
  • 0.12.0–0.12.1
CVE-2021-29513 Low 2.5 CWE-843, CWE-476 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29515 Low 2.5 CWE-476 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29516 Low 2.5 CWE-476 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29517 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29518 Low 2.5 CWE-476 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29519 Low 2.5 CWE-843 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29520 Low 2.5 CWE-120, CWE-787 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29522 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29523 Low 2.5 CWE-190 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29524 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29525 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29526 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29527 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29528 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29529 Low 2.5 CWE-131, CWE-193 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29530 Low 2.5 CWE-476 0.00085 0.38519
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29531 Low 2.5 CWE-754 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29532 Low 2.5 CWE-125 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29533 Low 2.5 CWE-754 0.0009 0.40171
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29534 Low 2.5 CWE-754 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29535 Low 2.5 CWE-131, CWE-787 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29536 Low 2.5 CWE-131, CWE-787 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29537 Low 2.5 CWE-131, CWE-787 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29538 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29539 Low 2.5 CWE-681 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29540 Low 2.5 CWE-120, CWE-787 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29541 Low 2.5 CWE-476 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29542 Low 2.5 CWE-131, CWE-787 0.0006 0.27726
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29543 Low 2.5 CWE-617 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29545 Low 2.5 CWE-131 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29546 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29547 Low 2.5 CWE-125 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29548 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29549 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29550 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29551 Low 2.5 CWE-125 0.0009 0.40171
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29552 Low 2.5 CWE-617 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29553 Low 2.5 CWE-125 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29555 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29556 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29557 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29558 Low 2.5 CWE-787 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29559 Low 2.5 CWE-125 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29560 Low 2.5 CWE-125, CWE-787 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29561 Low 2.5 CWE-617 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29562 Low 2.5 CWE-617 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29563 Low 2.5 CWE-617 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29564 Low 2.5 CWE-476 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29565 Low 2.5 CWE-476 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29566 Low 2.5 CWE-787 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29567 Low 2.5 CWE-617 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29568 Low 2.5 CWE-824, CWE-476 0.00051 0.22788
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29569 Low 2.5 CWE-125 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29570 Low 2.5 CWE-125 0.00044 0.14858
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29571 Medium 4.5 CWE-787 0.00085 0.38519
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29572 Low 2.5 CWE-476 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29573 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29574 Low 2.5 CWE-476 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29575 Low 2.5 CWE-787, CWE-119 0.0006 0.27726
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29576 Low 2.5 CWE-787, CWE-119 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29577 Low 2.5 CWE-787, CWE-119 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29578 Low 2.5 CWE-787, CWE-119 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29579 Low 2.5 CWE-787, CWE-119 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29580 Low 2.5 CWE-908 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29581 Low 2.5 CWE-908 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29582 Low 2.5 CWE-125 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29583 Low 2.5 CWE-125, CWE-476 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29584 Low 2.5 CWE-190 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29585 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29586 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29587 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29588 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29589 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29590 Low 2.5 CWE-125 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29591 High 7.3 CWE-835, CWE-674 0.00081 0.37003
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29592 Medium 4.4 CWE-476 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29593 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29594 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29595 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29596 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29597 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29598 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29599 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29600 Low 2.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29601 Medium 6.3 CWE-190 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29602 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29603 Low 2.5 CWE-787 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29604 Low 2.5 CWE-369 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29605 High 7.1 CWE-190 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29606 High 7.1 CWE-125 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29607 Medium 5.3 CWE-754 0.00081 0.37003
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29608 Medium 5.3 CWE-131 0.00081 0.37003
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29609 Medium 5.3 CWE-665, CWE-787, CWE-476 0.00081 0.37003
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29610 Low 3.6 CWE-665, CWE-787 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29612 Low 3.6 CWE-120, CWE-787 0.00099 0.42553
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29613 Medium 6.3 CWE-665, CWE-125 0.00081 0.37003
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29614 High 7.1 CWE-665, CWE-787 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29615 Low 2.5 CWE-674 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29616 Low 2.5 CWE-476 0.00042 0.05056
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29617 Low 2.5 CWE-755 0.00093 0.41317
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29618 Low 2.5 CWE-755 0.00093 0.41317
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-29619 Low 2.5 CWE-755 0.00044 0.15045
  • 2.0.0–2.4.1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37635 High 7.3 CWE-125 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37636 Medium 5.5 CWE-369 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37637 High 7.7 CWE-476 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37638 High 7.7 CWE-476 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37639 High 8.4 CWE-125, CWE-476 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37640 Medium 5.5 CWE-369 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37641 High 7.3 CWE-125 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37642 Medium 5.5 CWE-369 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37643 High 7.7 CWE-476 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37644 Medium 5.5 CWE-617 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37645 Medium 5.5 CWE-681 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37646 Medium 5.5 CWE-681 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37647 High 7.7 CWE-476 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37648 High 7.8 CWE-476 0.00089 0.39932
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37649 High 7.7 CWE-476 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37650 High 7.8 CWE-120, CWE-787 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37651 High 7.1 CWE-125, CWE-787 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37652 High 7.8 CWE-415, CWE-416 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37653 Medium 5.5 CWE-369 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37654 High 7.3 CWE-125 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37655 High 7.3 CWE-125 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37656 High 7.1 CWE-824 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37657 High 7.1 CWE-824 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37658 High 7.1 CWE-824 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37659 High 7.3 CWE-125, CWE-476 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37660 Medium 5.5 CWE-369 0.00042 0.05056
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37661 Medium 5.5 CWE-681 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37662 High 7.1 CWE-824 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37663 High 7.8 CWE-20 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37664 High 7.3 CWE-125 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37665 High 7.8 CWE-20 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37666 High 7.8 CWE-824 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37667 High 7.8 CWE-824 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37668 Medium 5.5 CWE-369 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37669 Medium 5.5 CWE-681 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37670 Medium 5.5 CWE-125 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37671 High 7.8 CWE-824 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37672 Medium 5.5 CWE-125 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37673 Medium 5.5 CWE-20 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37674 Medium 5.5 CWE-1284, CWE-20 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37675 Medium 5.5 CWE-369 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37676 High 7.8 CWE-824 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37677 Medium 5.5 CWE-1284, CWE-20 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37678 High 9.3 CWE-502 0.00089 0.39932
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37679 High 7.1 CWE-681, CWE-125 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37682 Medium 4.4 CWE-908 0.00042 0.05056
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37684 Medium 5.5 CWE-369 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37685 Medium 5.5 CWE-125 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37686 Medium 5.5 CWE-835 0.00085 0.38519
  • 2.0.0–2.5.3
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37688 High 7.8 CWE-476 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37689 High 7.8 CWE-476 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37690 Medium 6.6 CWE-416 0.00042 0.05056
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-37691 Medium 5.5 CWE-369 0.00044 0.14858
  • 2.0.0–2.5.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41195 Medium 5.5 CWE-190 0.00093 0.41317
  • 2.0.0–2.6.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41196 Medium 5.5 CWE-191 0.00093 0.41241
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41197 Medium 5.5 CWE-190 0.00108 0.44917
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41198 Medium 5.5 CWE-190 0.00093 0.41241
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41199 Medium 5.5 CWE-190 0.00093 0.41241
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41200 Medium 5.5 CWE-617 0.00093 0.41241
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41201 High 7.8 CWE-824 0.00085 0.38519
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41202 Medium 5.5 CWE-681 0.00045 0.1627
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41203 High 7.8 CWE-190, CWE-345 0.00045 0.1627
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41204 Medium 5.5 CWE-824 0.00044 0.14858
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41205 High 7.1 CWE-125 0.00044 0.14858
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41206 High 7 CWE-354 0.00045 0.1627
  • 2.0.0–2.6.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41207 Medium 5.5 CWE-369 0.00044 0.14858
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41208 High 8.8 CWE-824, CWE-476 0.00044 0.14858
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41209 Medium 5.5 CWE-369 0.00044 0.14858
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41210 High 7.1 CWE-125 0.00044 0.14858
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41212 High 7.1 CWE-125 0.00042 0.05056
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41213 Medium 5.5 CWE-667, CWE-662 0.00056 0.26012
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41214 High 7.8 CWE-824 0.00042 0.05056
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41215 Medium 5.5 CWE-476 0.00044 0.15045
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41216 Medium 5.5 CWE-120, CWE-787 0.00044 0.14858
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41217 Medium 5.5 CWE-476 0.00044 0.15045
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41218 Medium 5.5 CWE-369 0.00044 0.14858
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41219 High 7.8 CWE-125, CWE-824 0.00042 0.05056
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41221 High 7.8 CWE-120, CWE-787 0.00042 0.05056
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41222 Medium 5.5 CWE-682 0.00044 0.15045
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41223 High 7.1 CWE-125 0.00042 0.05056
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41224 High 7.1 CWE-125 0.00042 0.05056
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41225 Medium 5.5 CWE-908 0.00042 0.05056
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41226 High 7.1 CWE-125 0.00042 0.05056
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41227 Medium 6.6 CWE-125 0.00058 0.26856
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2021-41228 High 7.5 CWE-78, CWE-94 0.00083 0.37567
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21725 Medium 6.5 CWE-369 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21726 High 8.1 CWE-125 0.00411 0.73888
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21727 High 7.6 CWE-190 0.00289 0.68905
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21728 High 8.1 CWE-125 0.00276 0.68124
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21729 Medium 6.5 CWE-190 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21730 High 8.1 CWE-125 0.00289 0.68905
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21731 Medium 6.5 CWE-843 0.00181 0.55994
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21732 Medium 4.3 CWE-770 0.0017 0.54737
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21733 Medium 4.3 CWE-190 0.0012 0.47254
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21734 Medium 6.5 CWE-843 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21735 Medium 6.5 CWE-369 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21736 High 7.6 CWE-476 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21737 Medium 6.5 CWE-754 0.0012 0.47254
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21738 Medium 6.5 CWE-190 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21739 Medium 6.5 CWE-476 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21740 High 7.6 CWE-787 0.00224 0.6068
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-21741 Medium 6.5 CWE-369 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23557 Medium 6.5 CWE-369 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23558 High 7.6 CWE-190 0.00381 0.72951
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23559 High 8.8 CWE-190 0.00507 0.76552
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23560 High 8.8 CWE-125, CWE-787 0.00289 0.68905
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23561 High 8.8 CWE-787 0.00104 0.44065
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23562 High 7.6 CWE-190 0.002 0.58107
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23563 High 7.1 CWE-668, CWE-367 0.00042 0.05056
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23564 Medium 6.5 CWE-617 0.00076 0.35622
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23565 Medium 6.5 CWE-617 0.00076 0.35622
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23566 High 8.8 CWE-787 0.00311 0.69971
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23567 Medium 6.5 CWE-190 0.00258 0.65062
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23568 Medium 6.5 CWE-190 0.00172 0.5498
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23569 Medium 6.5 CWE-617 0.00076 0.35622
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23570 Medium 6.5 CWE-617, CWE-476 0.00196 0.57727
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23571 Medium 6.5 CWE-617 0.00076 0.35622
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23572 Medium 6.5 CWE-754, CWE-617 0.00196 0.57727
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23573 High 7.6 CWE-908 0.00289 0.68905
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23574 High 8.8 CWE-125, CWE-787 0.00289 0.68905
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23575 Medium 6.5 CWE-190 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23576 Medium 6.5 CWE-190 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23577 Medium 6.5 CWE-476 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23578 Medium 4.3 CWE-401 0.00107 0.44878
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23579 Medium 6.5 CWE-617 0.0012 0.47254
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23580 Medium 6.5 CWE-400, CWE-1284 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23581 Medium 6.5 CWE-617 0.00191 0.5709
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23582 Medium 6.5 CWE-617 0.0012 0.47254
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23583 Medium 6.5 CWE-617, CWE-843 0.0012 0.47254
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23584 High 7.6 CWE-416 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23585 Medium 4.3 CWE-401 0.00305 0.69694
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23586 Medium 6.5 CWE-617 0.00172 0.5498
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23587 High 8.8 CWE-190 0.00367 0.72464
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23588 Medium 6.5 CWE-617 0.00181 0.55994
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23589 Medium 6.5 CWE-476 0.00398 0.73518
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23590 Medium 5.9 CWE-754 0.00167 0.54342
  • 2.0.0–2.7.0rc1
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23591 High 7.5 CWE-400, CWE-674 0.00088 0.39561
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-23595 Medium 5.3 CWE-476 0.00149 0.51831
  • 2.0.0–2.7.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29191 Medium 5.5 CWE-20 0.00108 0.44917
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29192 Medium 5.5 CWE-20 0.00108 0.44917
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29193 Medium 5.5 CWE-20 0.00098 0.42365
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29194 Medium 5.5 CWE-20 0.00108 0.44917
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29195 Medium 5.5 CWE-20 0.00093 0.41317
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29196 Medium 5.5 CWE-1284, CWE-20 0.00098 0.42365
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29197 Medium 5.5 CWE-20 0.00093 0.41317
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29198 Medium 5.5 CWE-20 0.00093 0.41317
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29199 Medium 5.5 CWE-20 0.00093 0.41317
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29200 Medium 5.5 CWE-1284, CWE-20 0.00098 0.42365
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29201 Medium 5.5 CWE-476, CWE-20 0.00098 0.42365
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29202 Medium 5.5 CWE-400, CWE-1284, CWE-20 0.00098 0.42365
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29203 Medium 5.5 CWE-190 0.00098 0.42365
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29204 Medium 5.5 CWE-191, CWE-20 0.00093 0.41317
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29205 Medium 5.5 CWE-908, CWE-476 0.00098 0.42365
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29206 Medium 5.5 CWE-476, CWE-20 0.00099 0.42497
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29207 Medium 5.5 CWE-475, CWE-20 0.00098 0.42365
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29208 High 7.1 CWE-787 0.00093 0.41317
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29209 Medium 5.5 CWE-843 0.00108 0.44917
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29211 Medium 5.5 CWE-20 0.00108 0.44917
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29212 Medium 5.5 CWE-20 0.00108 0.44917
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29213 Medium 5.5 CWE-617, CWE-20 0.00102 0.4337
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-29216 High 7.8 CWE-94 0.00095 0.41838
  • 2.0.0–2.8.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35934 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35935 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35937 High 7 CWE-125 0.0014 0.50593
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35939 High 7 CWE-787 0.00143 0.5101
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35940 Medium 5.9 CWE-190 0.00094 0.41633
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35941 Medium 5.9 CWE-617 0.00094 0.41633
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35952 Medium 5.9 CWE-617 0.00094 0.41633
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35959 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35960 Medium 5.9 CWE-617 0.00094 0.41633
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35963 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35964 Medium 5.9 CWE-20 0.00075 0.35199
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35965 Medium 5.9 CWE-476 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35966 Medium 5.9 CWE-20 0.00075 0.35199
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35967 Medium 5.9 CWE-20 0.00075 0.35199
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35968 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35969 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35970 Medium 5.9 CWE-20 0.00075 0.35199
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35971 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35972 Medium 5.9 CWE-20 0.00075 0.35199
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35973 Medium 5.9 CWE-20 0.00075 0.35199
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35974 Medium 5.9 CWE-20 0.00075 0.35199
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35979 Medium 5.9 CWE-20 0.00075 0.35199
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35981 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35982 Medium 5.9 CWE-20 0.00075 0.35199
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35983 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35984 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35985 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35987 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35988 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35989 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35990 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35991 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35992 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35993 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35994 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35995 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35996 Medium 5.9 CWE-369 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35997 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-35999 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36000 Medium 5.9 CWE-476 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36001 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36002 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36003 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36004 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36005 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36011 Medium 5.9 CWE-476 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36012 Medium 5.9 CWE-617 0.00094 0.41633
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36013 Medium 5.9 CWE-476 0.00094 0.41633
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36014 Medium 5.9 CWE-476 0.00107 0.44767
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36015 Medium 5.9 CWE-190 0.00094 0.41633
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36016 Medium 5.9 CWE-617 0.00094 0.41633
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36017 Medium 5.9 CWE-20 0.00075 0.35199
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36018 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36019 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36026 Medium 5.9 CWE-617 0.00082 0.37443
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-36027 Medium 5.9 CWE-20 0.00113 0.45959
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41880 Medium 6.8 CWE-125 0.00237 0.61709
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41884 Medium 4.8 CWE-670 0.00069 0.32778
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41885 Medium 4.8 CWE-131 0.00111 0.45525
  • 2.0.0–2.9.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41886 Medium 4.8 CWE-131 0.00111 0.45525
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41887 Medium 4.8 CWE-131 0.00166 0.54143
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41888 Medium 4.8 CWE-20 0.00088 0.39432
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41889 Medium 5.5 CWE-476 0.00111 0.45525
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41890 Medium 4.8 CWE-704 0.00111 0.45525
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41891 Medium 4.8 CWE-20 0.00085 0.38287
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41893 Medium 4.8 CWE-617 0.00107 0.44834
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41895 Medium 4.8 CWE-125 0.00111 0.45525
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41896 Medium 4.8 CWE-1284, CWE-20 0.00088 0.39432
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41897 Medium 4.8 CWE-125 0.00111 0.45525
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41898 Medium 4.8 CWE-20 0.00088 0.39432
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41899 Medium 4.8 CWE-617, CWE-20 0.00088 0.39432
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41900 High 7.1 CWE-125, CWE-787 0.0012 0.47231
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41901 Medium 4.8 CWE-617, CWE-20 0.00088 0.39432
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41902 High 7.1 CWE-125, CWE-787 0.0014 0.50593
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41907 Medium 4.8 CWE-131 0.00111 0.45525
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41908 Medium 4.8 CWE-20 0.00088 0.39432
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41909 Medium 4.8 CWE-476, CWE-20 0.00128 0.48465
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41910 Medium 4.8 CWE-125 0.0014 0.50593
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2022-41911 Medium 4.8 CWE-704 0.00094 0.41633
  • 2.0.0–2.10.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25658 High 7.5 CWE-125 0.00091 0.40746
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25659 High 7.5 CWE-125 0.00091 0.40746
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25660 High 7.5 CWE-476 0.00091 0.40746
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25662 High 7.5 CWE-190 0.00091 0.40746
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25663 High 7.5 CWE-476 0.00089 0.40088
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25664 High 7.5 CWE-120, CWE-122 0.00086 0.38654
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25665 High 7.5 CWE-476 0.00087 0.3892
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25666 High 7.5 CWE-697 0.00091 0.40746
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25667 High 7.5 CWE-190 0.0013 0.48792
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25668 High 9.8 CWE-125, CWE-122 0.00145 0.51396
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25669 High 7.5 CWE-697 0.00091 0.40746
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25670 High 7.5 CWE-476 0.00091 0.40746
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25672 High 7.5 CWE-476 0.00091 0.40746
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25673 High 7.5 CWE-697 0.00091 0.40746
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25674 High 7.5 CWE-476 0.00089 0.40088
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25675 High 7.5 CWE-697 0.00091 0.40746
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25676 High 7.5 CWE-476 0.00091 0.40746
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-25801 High 7.8 CWE-415 0.00044 0.14858
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-27579 High 7.5 CWE-697 0.00091 0.40746
  • 2.0.0–2.11.0rc2
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2023-33976 High 7.5 CWE-190 0.00049 0.21114
  • 2.0.0–2.12.0
  • 1.0.0–1.15.5
  • 0.12.0–0.12.1
CVE-2018-8825 High 8.8 CWE-119 0.00199 0.57944
  • 1.5.0–1.7.0
CVE-2020-15198 Medium 5.4 CWE-122, CWE-119 0.00134 0.49648
  • 2.3.0
CVE-2020-15212 High 8.1 CWE-787 0.00311 0.69975
  • 2.2.0–2.3.0
CVE-2020-15213 Medium 4 CWE-119, CWE-770 0.00104 0.44173
  • 2.2.0–2.3.0
CVE-2020-15214 High 8.1 CWE-787 0.00311 0.69975
  • 2.2.0–2.3.0
CVE-2021-29512 Low 2.5 CWE-120, CWE-787 0.00042 0.05056
  • 2.3.0–2.4.1
CVE-2021-29514 Low 2.5 CWE-787 0.00042 0.05056
  • 2.3.0–2.4.1
CVE-2021-29521 Low 2.5 CWE-131 0.00044 0.15045
  • 2.3.0–2.4.1
CVE-2021-29554 Low 2.5 CWE-369 0.00044 0.15045
  • 2.3.0–2.4.1
CVE-2021-29611 Low 3.6 CWE-665, CWE-20 0.00044 0.15045
  • 2.3.0–2.4.1
CVE-2021-37680 Medium 5.5 CWE-369 0.00044 0.14858
  • 2.3.0–2.5.0
CVE-2021-37681 High 7.8 CWE-476 0.00044 0.14858
  • 2.3.0–2.5.0
CVE-2021-37683 Medium 5.5 CWE-369 0.00044 0.14858
  • 2.3.0–2.5.0
CVE-2021-37687 Medium 5.5 CWE-125 0.00047 0.19646
  • 2.3.0–2.5.0
CVE-2021-29544 Low 2.5 CWE-754 0.00093 0.41317
  • 2.4.0–2.4.1
CVE-2021-37692 Medium 5.5 CWE-20 0.00044 0.14858
  • 2.5.0
CVE-2021-41211 High 7.1 CWE-125 0.00042 0.05056
  • 2.6.0–2.7.0rc1
CVE-2021-41220 High 7.8 CWE-416 0.00042 0.05056
  • 2.6.0–2.7.0rc1
CVE-2022-23593 Medium 5.9 CWE-754 0.00162 0.53671
  • 2.7.0–2.8.0rc1
CVE-2022-23594 High 8.8 CWE-125, CWE-787 0.00044 0.14858
  • 2.7.0
CVE-2022-23592 High 8.1 CWE-125 0.00289 0.68905
  • 2.8.0rc0
CVE-2022-29210 Medium 5.5 CWE-120, CWE-787, CWE-122 0.00045 0.1627
  • 2.8.0
CVE-2022-41883 Medium 6.8 CWE-125 0.00166 0.54143
  • 2.10.0

tensorflow-gpu Vulnerability Remediation Guidance

CVE Description Full list of Impacted Versions Fix
CVE-2023-33976 TensorFlow is an end-to-end open source platform for machine learning. `array_ops.upper_bound` causes a segfault when not given a rank 2 tensor. The fix will be included in TensorFlow 2.13 and will also cherrypick this commit on TensorFlow 2.12. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-27579 TensorFlow is an end-to-end open source platform for machine learning. Constructing a tflite model with a parameter `filter_input_channel` of less than 1 gives an FPE. This issue has been patched in version 2.12. TensorFlow will also cherrypick the fix commit on TensorFlow 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25801 TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, `nn_ops.fractional_avg_pool_v2` and `nn_ops.fractional_max_pool_v2` require the first and fourth elements of their parameter `pooling_ratio` to be equal to 1.0, as pooling on batch and channel dimensions is not supported. A fix is included in TensorFlow 2.12.0 and 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25676 TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.ParallelConcat` segfaults with a nullptr dereference when given a parameter `shape` with rank that is not greater than zero. A fix is available in TensorFlow 2.12.0 and 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25675 TensorFlow is an open source machine learning platform. When running versions prior to 2.12.0 and 2.11.1 with XLA, `tf.raw_ops.Bincount` segfaults when given a parameter `weights` that is neither the same shape as parameter `arr` nor a length-0 tensor. A fix is included in TensorFlow 2.12.0 and 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25674 TensorFlow is an open source machine learning platform. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled. A fix is included in TensorFlow 2.12.0 and 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25673 TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25672 TensorFlow is an open source platform for machine learning. The function `tf.raw_ops.LookupTableImportV2` cannot handle scalars in the `values` parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25670 TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 have a null pointer error in QuantizedMatMulWithBiasAndDequantize with MKL enabled. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25669 TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for `tf.raw_ops.AvgPoolGrad`, it can give a floating point exception. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25668 TensorFlow is an open source platform for machine learning. Attackers using TensorFlow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of the user, leading to a crash or remote code execution. The fix will be included in TensorFlow version 2.12.0 and will also cherrypick this commit on TensorFlow version 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25667 TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when `2^31 <= num_frames * height * width * channels < 2^32`, for example Full HD screencast of at least 346 frames. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25666 TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25665 TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `SparseSparseMaximum` is given invalid sparse tensors as inputs, it can give a null pointer error. A fix is included in TensorFlow version 2.12 and version 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25664 None 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25663 TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when `ctx->step_containter()` is a null ptr, the Lookup function will be executed with a null pointer. A fix is included in TensorFlow 2.12.0 and 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25662 TensorFlow is an open source platform for machine learning. Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25660 TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, when the parameter `summarize` of `tf.raw_ops.Print` is zero, the new method `SummarizeArray<bool>` will reference a nullptr, leading to a seg fault. A fix is included in TensorFlow version 2.12 and version 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25659 TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, if the parameter `indices` for `DynamicStitch` does not match the shape of the parameter `data`, it can trigger a stack OOB read. A fix is included in TensorFlow version 2.12.0 and version 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2023-25658 TensorFlow is an open source platform for machine learning. Prior to versions 2.12.0 and 2.11.1, there is an out-of-bounds read in GRUBlockCellGrad. A fix is included in TensorFlow 2.12.0 and 2.11.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41911 TensorFlow is an open source platform for machine learning. When printing a tensor, we get its data as a `const char*` array (since that's the underlying storage) and then we typecast it to the element type. However, conversions from `char` to `bool` are undefined if the `char` is not `0` or `1`, so sanitizers/fuzzers will crash. The issue has been patched in GitHub commit `1be74370327`. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.10.1, TensorFlow 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41910 TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have patched the issue in GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.8.4, 2.9.3, and 2.10.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41909 TensorFlow is an open source platform for machine learning. An input `encoded` that is not a valid `CompositeTensorVariant` tensor will trigger a segfault in `tf.raw_ops.CompositeTensorVariantToComponents`. We have patched the issue in GitHub commits bf594d08d377dc6a3354d9fdb494b32d45f91971 and 660ce5a89eb6766834bdc303d2ab3902aef99d3d. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41908 TensorFlow is an open source platform for machine learning. An input `token` that is not a UTF-8 bytestring will trigger a `CHECK` fail in `tf.raw_ops.PyFunc`. We have patched the issue in GitHub commit 9f03a9d3bafe902c1e6beb105b2f24172f238645. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41907 TensorFlow is an open source platform for machine learning. When `tf.raw_ops.ResizeNearestNeighborGrad` is given a large `size` input, it overflows. We have patched the issue in GitHub commit 00c821af032ba9e5f5fa3fe14690c8d28a657624. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41902 TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have patched the issue in GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.8.4, 2.9.3, and 2.10.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41901 TensorFlow is an open source platform for machine learning. An input `sparse_matrix` that is not a matrix with a shape with rank 0 will trigger a `CHECK` fail in `tf.raw_ops.SparseMatrixNNZ`. We have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41900 TensorFlow is an open source platform for machine learning. The security vulnerability results in FractionalMax(AVG)Pool with illegal pooling_ratio. Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or remote code execution. We have patched the issue in GitHub commit 216525144ee7c910296f5b05d214ca1327c9ce48. The fix will be included in TensorFlow 2.11.0. We will also cherry pick this commit on TensorFlow 2.10.1. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41899 TensorFlow is an open source platform for machine learning. Inputs `dense_features` or `example_state_data` not of rank 2 will trigger a `CHECK` fail in `SdcaOptimizer`. We have patched the issue in GitHub commit 80ff197d03db2a70c6a111f97dcdacad1b0babfa. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41898 TensorFlow is an open source platform for machine learning. If `SparseFillEmptyRowsGrad` is given empty inputs, TensorFlow will crash. We have patched the issue in GitHub commit af4a6a3c8b95022c351edae94560acc61253a1b8. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41897 TensorFlow is an open source platform for machine learning. If `FractionMaxPoolGrad` is given outsize inputs `row_pooling_sequence` and `col_pooling_sequence`, TensorFlow will crash. We have patched the issue in GitHub commit d71090c3e5ca325bdf4b02eb236cfb3ee823e927. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41896 TensorFlow is an open source platform for machine learning. If `ThreadUnsafeUnigramCandidateSampler` is given input `filterbank_channel_count` greater than the allowed max size, TensorFlow will crash. We have patched the issue in GitHub commit 39ec7eaf1428e90c37787e5b3fbd68ebd3c48860. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41895 TensorFlow is an open source platform for machine learning. If `MirrorPadGrad` is given outsize input `paddings`, TensorFlow will give a heap OOB error. We have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41893 TensorFlow is an open source platform for machine learning. If `tf.raw_ops.TensorListResize` is given a nonscalar value for input `size`, it results in a `CHECK` fail which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 888e34b49009a4e734c27ab0c43b0b5102682c56. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41891 TensorFlow is an open source platform for machine learning. If `tf.raw_ops.TensorListConcat` is given `element_shape=[]`, it results in a segmentation fault which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit fc33f3dc4c14051a83eec6535b608abe1d355fde. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41890 TensorFlow is an open source platform for machine learning. If `BCast::ToShape` is given input larger than an `int32`, it will crash, despite being supposed to handle up to an `int64`. An example can be seen in `tf.experimental.numpy.outer` by passing in large input to the input `b`. We have patched the issue in GitHub commit 8310bf8dd188ff780e7fc53245058215a05bdbe5. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41889 TensorFlow is an open source platform for machine learning. If a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a `nullptr`, which is not caught. An example can be seen in `tf.compat.v1.extract_volume_patches` by passing in quantized tensors as input `ksizes`. We have patched the issue in GitHub commit e9e95553e5411834d215e6770c81a83a3d0866ce. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41888 TensorFlow is an open source platform for machine learning. When running on GPU, `tf.image.generate_bounding_box_proposals` receives a `scores` input that must be of rank 4 but is not checked. We have patched the issue in GitHub commit cf35502463a88ca7185a99daa7031df60b3c1c98. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41887 TensorFlow is an open source platform for machine learning. `tf.keras.losses.poisson` receives a `y_pred` and `y_true` that are passed through `functor::mul` in `BinaryOp`. If the resulting dimensions overflow an `int32`, TensorFlow will crash due to a size mismatch during broadcast assignment. We have patched the issue in GitHub commit c5b30379ba87cbe774b08ac50c1f6d36df4ebb7c. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1 and 2.9.3, as these are also affected and still in supported range. However, we will not cherrypick this commit into TensorFlow 2.8.x, as it depends on Eigen behavior that changed between 2.8 and 2.9. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41886 TensorFlow is an open source platform for machine learning. When `tf.raw_ops.ImageProjectiveTransformV2` is given a large output shape, it overflows. We have patched the issue in GitHub commit 8faa6ea692985dbe6ce10e1a3168e0bd60a723ba. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41885 TensorFlow is an open source platform for machine learning. When `tf.raw_ops.FusedResizeAndPadConv2D` is given a large tensor shape, it overflows. We have patched the issue in GitHub commit d66e1d568275e6a2947de97dca7a102a211e01ce. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41884 TensorFlow is an open source platform for machine learning. If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. We have patched the issue in GitHub commit 2b56169c16e375c521a3bc8ea658811cc0793784. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-41883 TensorFlow is an open source platform for machine learning. When ops that have specified input sizes receive a differing number of inputs, the executor will crash. We have patched the issue in GitHub commit f5381e0e10b5a61344109c1b7c174c68110f7629. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 2.10.0 Patch → NO_SAFE_VERSION
CVE-2022-41880 TensorFlow is an open source platform for machine learning. When the `BaseCandidateSamplerOp` function receives a value in `true_classes` larger than `range_max`, a heap oob read occurs. We have patched the issue in GitHub commit b389f5c944cadfdfe599b3f1e4026e036f30d2d4. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36027 TensorFlow is an open source platform for machine learning. When converting transposed convolutions using per-channel weight quantization the converter segfaults and crashes the Python process. We have patched the issue in GitHub commit aa0b852a4588cea4d36b74feb05d93055540b450. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36026 TensorFlow is an open source platform for machine learning. If `QuantizeAndDequantizeV3` is given a nonscalar `num_bits` input tensor, it results in a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit f3f9cb38ecfe5a8a703f2c4a8fead434ef291713. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36019 TensorFlow is an open source platform for machine learning. If `FakeQuantWithMinMaxVarsPerChannel` is given `min` or `max` tensors of a rank other than one, it results in a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36018 TensorFlow is an open source platform for machine learning. If `RaggedTensorToVariant` is given a `rt_nested_splits` list that contains tensors of ranks other than one, it results in a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 88f93dfe691563baa4ae1e80ccde2d5c7a143821. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36017 TensorFlow is an open source platform for machine learning. If `Requantize` is given `input_min`, `input_max`, `requested_output_min`, `requested_output_max` tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36016 TensorFlow is an open source platform for machine learning. When `tensorflow::full_type::SubstituteFromAttrs` receives a `FullTypeDef& t` that is not exactly three args, it triggers a `CHECK`-fail instead of returning a status. We have patched the issue in GitHub commit 6104f0d4091c260ce9352f9155f7e9b725eab012. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36015 TensorFlow is an open source platform for machine learning. When `RangeSize` receives values that do not fit into an `int64_t`, it crashes. We have patched the issue in GitHub commit 37e64539cd29fcfb814c4451152a60f5d107b0f0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36014 TensorFlow is an open source platform for machine learning. When `mlir::tfg::TFOp::nameAttr` receives null type list attributes, it crashes. We have patched the issue in GitHub commits 3a754740d5414e362512ee981eefba41561a63a6 and a0f0b9a21c9270930457095092f558fbad4c03e5. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36013 TensorFlow is an open source platform for machine learning. When `mlir::tfg::GraphDefImporter::ConvertNodeDef` tries to convert NodeDefs without an op name, it crashes. We have patched the issue in GitHub commit a0f0b9a21c9270930457095092f558fbad4c03e5. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36012 TensorFlow is an open source platform for machine learning. When `mlir::tfg::ConvertGenericFunctionToFunctionDef` is given empty function attributes, it crashes. We have patched the issue in GitHub commit ad069af92392efee1418c48ff561fd3070a03d7b. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36011 TensorFlow is an open source platform for machine learning. When `mlir::tfg::ConvertGenericFunctionToFunctionDef` is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit 1cf45b831eeb0cab8655c9c7c5d06ec6f45fc41b. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36005 TensorFlow is an open source platform for machine learning. When `tf.quantization.fake_quant_with_min_max_vars_gradient` receives input `min` or `max` that is nonscalar, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit f3cf67ac5705f4f04721d15e485e192bb319feed. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36004 TensorFlow is an open source platform for machine learning. When `tf.random.gamma` receives large input shape and rates, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 552bfced6ce4809db5f3ca305f60ff80dd40c5a3. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36003 TensorFlow is an open source platform for machine learning. When `RandomPoissonV2` receives large input shape and rates, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 552bfced6ce4809db5f3ca305f60ff80dd40c5a3. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36002 TensorFlow is an open source platform for machine learning. When `Unbatch` receives a nonscalar input `id`, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 4419d10d576adefa36b0e0a9425d2569f7c0189f. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36001 TensorFlow is an open source platform for machine learning. When `DrawBoundingBoxes` receives an input `boxes` that is not of dtype `float`, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit da0d65cdc1270038e72157ba35bf74b85d9bda11. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-36000 TensorFlow is an open source platform for machine learning. When `mlir::tfg::ConvertGenericFunctionToFunctionDef` is given empty function attributes, it gives a null dereference. We have patched the issue in GitHub commit aed36912609fc07229b4d0a7b44f3f48efc00fd0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35999 TensorFlow is an open source platform for machine learning. When `Conv2DBackpropInput` receives empty `out_backprop` inputs (e.g. `[3, 1, 0, 1]`), the current CPU/GPU kernels `CHECK` fail (one with dnnl, the other with cudnn). This can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 27a65a43cf763897fecfa5cdb5cc653fc5dd0346. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35997 TensorFlow is an open source platform for machine learning. If `tf.sparse.cross` receives an input `separator` that is not a scalar, it gives a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 83dcb4dbfa094e33db084e97c4d0531a559e0ebf. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35996 TensorFlow is an open source platform for machine learning. If `Conv2D` is given empty `input` and the `filter` and `padding` sizes are valid, the output is all-zeros. This causes division-by-zero floating point exceptions that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 611d80db29dd7b0cfb755772c69d60ae5bca05f9. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35995 TensorFlow is an open source platform for machine learning. When `AudioSummaryV2` receives an input `sample_rate` with more than one element, it gives a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bf6b45244992e2ee543c258e519489659c99fb7f. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35994 TensorFlow is an open source platform for machine learning. When `CollectiveGather` receives a scalar input `input`, it gives a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit c1f491817dec39a26be3c574e86a88c30f3c4770. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35993 TensorFlow is an open source platform for machine learning. When `SetSize` receives an input `set_shape` that is not a 1D tensor, it gives a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit cf70b79d2662c0d3c6af74583641e345fc939467. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35992 TensorFlow is an open source platform for machine learning. When `TensorListFromTensor` receives an `element_shape` of a rank greater than one, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit 3db59a042a38f4338aa207922fa2f476e000a6ee. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35991 TensorFlow is an open source platform for machine learning. When `TensorListScatter` and `TensorListScatterV2` receive an `element_shape` of a rank greater than one, they give a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit bb03fdf4aae944ab2e4b35c7daa051068a8b7f61. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35990 TensorFlow is an open source platform for machine learning. When `tf.quantization.fake_quant_with_min_max_vars_per_channel_gradient` receives input `min` or `max` of rank other than 1, it gives a `CHECK` fail that can trigger a denial of service attack. We have patched the issue in GitHub commit f3cf67ac5705f4f04721d15e485e192bb319feed. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35989 TensorFlow is an open source platform for machine learning. When `MaxPool` receives a window size input array `ksize` with dimensions greater than its input tensor `input`, the GPU kernel gives a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 32d7bd3defd134f21a4e344c8dfd40099aaf6b18. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35988 TensorFlow is an open source platform for machine learning. When `tf.linalg.matrix_rank` receives an empty input `a`, the GPU kernel gives a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit c55b476aa0e0bd4ee99d0f3ad18d9d706cd1260a. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35987 TensorFlow is an open source platform for machine learning. `DenseBincount` assumes its input tensor `weights` to either have the same shape as its input tensor `input` or to be length-0. A different `weights` shape will trigger a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bf4c14353c2328636a18bfad1e151052c81d5f43. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35985 TensorFlow is an open source platform for machine learning. If `LRNGrad` is given an `output_image` input tensor that is not 4-D, it results in a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bd90b3efab4ec958b228cd7cfe9125be1c0cf255. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35984 TensorFlow is an open source platform for machine learning. `ParameterizedTruncatedNormal` assumes `shape` is of type `int32`. A valid `shape` of type `int64` results in a mismatched type `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 72180be03447a10810edca700cbc9af690dfeb51. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35983 TensorFlow is an open source platform for machine learning. If `Save` or `SaveSlices` is run over tensors of an unsupported `dtype`, it results in a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 5dd7b86b84a864b834c6fa3d7f9f51c87efa99d4. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35982 TensorFlow is an open source platform for machine learning. If `SparseBincount` is given inputs for `indices`, `values`, and `dense_shape` that do not make a valid sparse tensor, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 40adbe4dd15b582b0210dfbf40c243a62f5119fa. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35981 TensorFlow is an open source platform for machine learning. `FractionalMaxPoolGrad` validates its inputs with `CHECK` failures instead of returning errors. If it gets incorrectly sized inputs, the `CHECK` failure can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 8741e57d163a079db05a7107a7609af70931def4. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35979 TensorFlow is an open source platform for machine learning. If `QuantizedRelu` or `QuantizedRelu6` are given nonscalar inputs for `min_features` or `max_features`, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35974 TensorFlow is an open source platform for machine learning. If `QuantizeDownAndShrinkRange` is given nonscalar inputs for `input_min` or `input_max`, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 73ad1815ebcfeb7c051f9c2f7ab5024380ca8613. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35973 TensorFlow is an open source platform for machine learning. If `QuantizedMatMul` is given nonscalar input for `min_a`, `max_a`, `min_b`, or `max_b`, it gives a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit aca766ac7693bf29ed0df55ad6bfcc78f35e7f48. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35972 TensorFlow is an open source platform for machine learning. If `QuantizedBiasAdd` is given `min_input`, `max_input`, `min_bias`, `max_bias` tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35971 TensorFlow is an open source platform for machine learning. If `FakeQuantWithMinMaxVars` is given `min` or `max` tensors of a nonzero rank, it results in a `CHECK` fail that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35970 TensorFlow is an open source platform for machine learning. If `QuantizedInstanceNorm` is given `x_min` or `x_max` tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 785d67a78a1d533759fcd2f5e8d6ef778de849e0. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35969 TensorFlow is an open source platform for machine learning. The implementation of `Conv2DBackpropInput` requires `input_sizes` to be 4-dimensional. Otherwise, it gives a `CHECK` failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 50156d547b9a1da0144d7babe665cf690305b33c. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35968 TensorFlow is an open source platform for machine learning. The implementation of `AvgPoolGrad` does not fully validate the input `orig_input_shape`. This results in a `CHECK` failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 3a6ac52664c6c095aa2b114e742b0aa17fdce78f. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35967 TensorFlow is an open source platform for machine learning. If `QuantizedAdd` is given `min_input` or `max_input` tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35966 TensorFlow is an open source platform for machine learning. If `QuantizedAvgPool` is given `min_input` or `max_input` tensors of a nonzero rank, it results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 7cdf9d4d2083b739ec81cfdace546b0c99f50622. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35965 TensorFlow is an open source platform for machine learning. If `LowerBound` or `UpperBound` is given an empty `sorted_inputs` input, it results in a `nullptr` dereference, leading to a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit bce3717eaef4f769019fd18e990464ca4a2efeea. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35964 TensorFlow is an open source platform for machine learning. The implementation of `BlockLSTMGradV2` does not fully validate its inputs. This results in a segfault that can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 2a458fc4866505be27c62f81474ecb2b870498fa. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35963 TensorFlow is an open source platform for machine learning. The implementation of `FractionalAvgPoolGrad` does not fully validate the input `orig_input_tensor_shape`. This results in an overflow that results in a `CHECK` failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 03a659d7be9a1154fdf5eeac221e5950fec07dad. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35960 TensorFlow is an open source platform for machine learning. In `core/kernels/list_kernels.cc's TensorListReserve`, `num_elements` is assumed to be a tensor of size 1. When a `num_elements` of more than 1 element is provided, then `tf.raw_ops.TensorListReserve` fails the `CHECK_EQ` in `CheckIsAlignedAndSingleElement`. We have patched the issue in GitHub commit b5f6fbfba76576202b72119897561e3bd4f179c7. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35959 TensorFlow is an open source platform for machine learning. The implementation of `AvgPool3DGradOp` does not fully validate the input `orig_input_shape`. This results in an overflow that results in a `CHECK` failure which can be used to trigger a denial of service attack. We have patched the issue in GitHub commit 9178ac9d6389bdc54638ab913ea0e419234d14eb. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35952 TensorFlow is an open source platform for machine learning. The `UnbatchGradOp` function takes an argument `id` that is assumed to be a scalar. A nonscalar `id` can trigger a `CHECK` failure and crash the program. It also requires its argument `batch_index` to contain three times the number of elements as indicated in its `batch_index.dim_size(0)`. An incorrect `batch_index` can trigger a `CHECK` failure and crash the program. We have patched the issue in GitHub commit 5f945fc6409a3c1e90d6970c9292f805f6e6ddf2. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35941 TensorFlow is an open source platform for machine learning. The `AvgPoolOp` function takes an argument `ksize` that must be positive but is not checked. A negative `ksize` can trigger a `CHECK` failure and crash the program. We have patched the issue in GitHub commit 3a6ac52664c6c095aa2b114e742b0aa17fdce78f. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds to this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35940 TensorFlow is an open source platform for machine learning. The `RaggedRangOp` function takes an argument `limits` that is eventually used to construct a `TensorShape` as an `int64`. If `limits` is a very large float, it can overflow when converted to an `int64`. This triggers an `InvalidArgument` but also throws an abort signal that crashes the program. We have patched the issue in GitHub commit 37cefa91bee4eace55715eeef43720b958a01192. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35939 TensorFlow is an open source platform for machine learning. The `ScatterNd` function takes an input argument that determines the indices of the output tensor. An input index greater than the output tensor or less than zero will either write content at the wrong index or trigger a crash. We have patched the issue in GitHub commit b4d4b4cb019bd7240a52daa4ba61e3cc814f0384. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35937 TensorFlow is an open source platform for machine learning. The `GatherNd` function takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read is triggered. This issue has been patched in GitHub commit 595a65a3e224a0362d7e68c2213acfc2b499a196. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35935 TensorFlow is an open source platform for machine learning. The implementation of SobolSampleOp is vulnerable to a denial of service via CHECK-failure (assertion failure) caused by assuming `input(0)`, `input(1)`, and `input(2)` to be scalar. This issue has been patched in GitHub commit c65c67f88ad770662e8f191269a907bf2b94b1bf. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-35934 TensorFlow is an open source platform for machine learning. The implementation of tf.reshape op in TensorFlow is vulnerable to a denial of service via CHECK-failure (assertion failure) caused by overflowing the number of elements in a tensor. This issue has been patched in GitHub commit 61f0f9b94df8c0411f0ad0ecc2fec2d3f3c33555. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29216 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, TensorFlow's `saved_model_cli` tool is vulnerable to a code injection. This can be used to open a reverse shell. This code path was maintained for compatibility reasons as the maintainers had several test cases where numpy expressions were used as arguments. However, given that the tool is always run manually, the impact of this is still not severe. The maintainers have now removed the `safe=False` argument, so all parsing is done without calling `eval`. The patch is available in versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29213 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the `tf.compat.v1.signal.rfft2d` and `tf.compat.v1.signal.rfft3d` lack input validation and under certain conditions can result in crashes (due to `CHECK`-failures). Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29212 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, certain TFLite models that were created using TFLite model converter would crash when loaded in the TFLite interpreter. The culprit is that during quantization the scale of values could be greater than 1 but code was always assuming sub-unit scaling. Thus, since code was calling `QuantizeMultiplierSmallerThanOneExp`, the `TFLITE_CHECK_LT` assertion would trigger and abort the process. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29211 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.histogram_fixed_width` is vulnerable to a crash when the values array contains `Not a Number` (`NaN`) elements. The implementation assumes that all floating point operations are defined and then converts a floating point result to an integer index. If `values` contains `NaN` then the result of the division is still `NaN` and the cast to `int32` would result in a crash. This only occurs on the CPU implementation. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29210 TensorFlow is an open source platform for machine learning. In version 2.8.0, the `TensorKey` hash function used total estimated `AllocatedBytes()`, which (a) is an estimate per tensor, and (b) is a very poor hash function for constants (e.g. `int32_t`). It also tried to access individual tensor bytes through `tensor.data()` of size `AllocatedBytes()`. This led to ASAN failures because the `AllocatedBytes()` is an estimate of total bytes allocated by a tensor, including any pointed-to constructs (e.g. strings), and does not refer to contiguous bytes in the `.data()` buffer. The discoverers could not use this byte vector anyway because types such as `tstring` include pointers, whereas they needed to hash the string values themselves. This issue is patched in Tensorflow versions 2.9.0 and 2.8.1. 2.8.0 Patch → NO_SAFE_VERSION
CVE-2022-29209 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the macros that TensorFlow uses for writing assertions (e.g., `CHECK_LT`, `CHECK_GT`, etc.) have incorrect logic when comparing `size_t` and `int` values. Due to type conversion rules, several of the macros would trigger incorrectly. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29208 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.EditDistance` has incomplete validation. Users can pass negative values to cause a segmentation fault based denial of service. In multiple places throughout the code, one may compute an index for a write operation. However, the existing validation only checks against the upper bound of the array. Hence, it is possible to write before the array by massaging the input to generate negative values for `loc`. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29207 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple TensorFlow operations misbehave in eager mode when the resource handle provided to them is invalid. In graph mode, it would have been impossible to perform these API calls, but migration to TF 2.x eager mode opened up this vulnerability. If the resource handle is empty, then a reference is bound to a null pointer inside TensorFlow codebase (various codepaths). This is undefined behavior. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29206 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorDenseAdd` does not fully validate the input arguments. In this case, a reference gets bound to a `nullptr` during kernel execution. This is undefined behavior. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29205 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, there is a potential for segfault / denial of service in TensorFlow by calling `tf.compat.v1.*` ops which don't yet have support for quantized types, which was added after migration to TensorFlow 2.x. In these scenarios, since the kernel is missing, a `nullptr` value is passed to `ParseDimensionValue` for the `py_value` argument. Then, this is dereferenced, resulting in segfault. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29204 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a positive scalar but there is no validation. Since this value is used to allocate the output tensor, a negative value would result in a `CHECK`-failure (assertion failure), as per TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29203 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SpaceToBatchND` (in all backends such as XLA and handwritten kernels) is vulnerable to an integer overflow: The result of this integer overflow is used to allocate the output tensor, hence we get a denial of service via a `CHECK`-failure (assertion failure), as in TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29202 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.ragged.constant` does not fully validate the input arguments. This results in a denial of service by consuming all available memory. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29201 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.QuantizedConv2D` does not fully validate the input arguments. In this case, references get bound to `nullptr` for each argument that is empty. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29200 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.LSTMBlockCell` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code does not validate the ranks of any of the arguments to this API call. This results in `CHECK`-failures when the elements of the tensor are accessed. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29199 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.LoadAndRemapMatrix` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `initializing_values` is a vector but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29198 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorToCSRSparseMatrix` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `dense_shape` is a vector and `indices` is a matrix (as part of requirements for sparse tensors) but there is no validation for this. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29197 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.UnsortedSegmentJoin` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `num_segments` is a scalar but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29196 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.Conv3DBackpropFilterV2` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code does not validate that the `filter_sizes` argument is a vector. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29195 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.StagePeek` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `index` is a scalar but there is no validation for this before accessing its value. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29194 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.DeleteSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29193 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.TensorSummaryV2` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29192 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.QuantizeAndDequantizeV4Grad` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-29191 TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.GetSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23595 Tensorflow is an Open Source Machine Learning Framework. When building an XLA compilation cache, if default settings are used, TensorFlow triggers a null pointer dereference. In the default scenario, all devices are allowed, so `flr->config_proto` is `nullptr`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23594 Tensorflow is an Open Source Machine Learning Framework. The TFG dialect of TensorFlow (MLIR) makes several assumptions about the incoming `GraphDef` before converting it to the MLIR-based dialect. If an attacker changes the `SavedModel` format on disk to invalidate these assumptions and the `GraphDef` is then converted to MLIR-based IR then they can cause a crash in the Python interpreter. Under certain scenarios, heap OOB read/writes are possible. These issues have been discovered via fuzzing and it is possible that more weaknesses exist. We will patch them as they are discovered. 2.7.0 Patch → NO_SAFE_VERSION
CVE-2022-23593 Tensorflow is an Open Source Machine Learning Framework. The `simplifyBroadcast` function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault (hence, denial of service), if called with scalar shapes. If all shapes are scalar, then `maxRank` is 0, so we build an empty `SmallVector`. The fix will be included in TensorFlow 2.8.0. This is the only affected version. 2.7.0, 2.8.0rc0, 2.7.2, 2.8.0rc1, 2.7.4, 2.7.3, 2.7.1 Patch → NO_SAFE_VERSION
CVE-2022-23592 Tensorflow is an Open Source Machine Learning Framework. TensorFlow's type inference can cause a heap out of bounds read as the bounds checking is done in a `DCHECK` (which is a no-op during production). An attacker can control the `input_idx` variable such that `ix` would be larger than the number of values in `node_t.args`. The fix will be included in TensorFlow 2.8.0. This is the only affected version. 2.8.0rc0 Patch → NO_SAFE_VERSION
CVE-2022-23591 Tensorflow is an Open Source Machine Learning Framework. The `GraphDef` format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a `GraphDef` containing a fragment such as the following can be consumed when loading a `SavedModel`. This would result in a stack overflow during execution as resolving each `NodeDef` means resolving the function itself and its nodes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23590 Tensorflow is an Open Source Machine Learning Framework. A `GraphDef` from a TensorFlow `SavedModel` can be maliciously altered to cause a TensorFlow process to crash due to encountering a `StatusOr` value that is an error and forcibly extracting the value from it. We have patched the issue in multiple GitHub commits and these will be included in TensorFlow 2.8.0 and TensorFlow 2.7.1, as both are affected. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23589 Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can trigger a null pointer dereference. There are 2 places where this can occur, for the same malicious alteration of a `SavedModel` file (fixing the first one would trigger the same dereference in the second place). First, during constant folding, the `GraphDef` might not have the required nodes for the binary operation. If a node is missing, the corresponding `mul_*child` would be null, and the dereference in the subsequent line would be incorrect. We have a similar issue during `IsIdentityConsumingSwitch`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23588 Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that Grappler optimizer would attempt to build a tensor using a reference `dtype`. This would result in a crash due to a `CHECK`-fail in the `Tensor` constructor as reference types are not allowed. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23587 Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23586 Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that assertions in `function.cc` would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23585 Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling `png::CommonInitDecode(..., &decode)`, the `decode` value contains allocated buffers which can only be freed by calling `png::CommonFreeDecode(&decode)`. However, several error cases in the function implementation invoke the `OP_REQUIRES` macro which immediately terminates the execution of the function, without allowing for the memory free to occur. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23584 Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After `png::CommonFreeDecode(&decode)` gets called, the values of `decode.width` and `decode.height` are in an unspecified state. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23583 Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that any binary op would trigger `CHECK` failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the `dtype` no longer matches the `dtype` expected by the op. In that case, calling the templated binary operator for the binary op would receive corrupted data, due to the type confusion involved. If `Tin` and `Tout` don't match the type of data in `out` and `input_*` tensors then `flat<*>` would interpret it wrongly. In most cases, this would be a silent failure, but we have noticed scenarios where this results in a `CHECK` crash, hence a denial of service. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23582 Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that `TensorByteSize` would trigger `CHECK` failures. `TensorShape` constructor throws a `CHECK`-fail if shape is partial or has a number of elements that would overflow the size of an `int`. The `PartialTensorShape` constructor instead does not cause a `CHECK`-abort if the shape is partial, which is exactly what this function needs to be able to return `-1`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23581 Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `IsSimplifiableReshape` would trigger `CHECK` failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23580 Tensorflow is an Open Source Machine Learning Framework. During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23579 Tensorflow is an Open Source Machine Learning Framework. The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a `SavedModel` such that `SafeToRemoveIdentity` would trigger `CHECK` failures. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23578 Tensorflow is an Open Source Machine Learning Framework. If a graph node is invalid, TensorFlow can leak memory in the implementation of `ImmutableExecutorState::Initialize`. Here, we set `item->kernel` to `nullptr` but it is a simple `OpKernel*` pointer so the memory that was previously allocated to it would leak. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23577 Tensorflow is an Open Source Machine Learning Framework. The implementation of `GetInitOp` is vulnerable to a crash caused by dereferencing a null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23576 Tensorflow is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateOutputSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number of dimensions in `output_shape.dim()` or just a small number of dimensions being large enough to cause an overflow in the multiplication. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23575 Tensorflow is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateTensorSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve a tensor with large enough number of elements. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23574 Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's `SpecializeType` which results in heap OOB read/write. Due to a typo, `arg` is initialized to the `i`th mutable argument in a loop where the loop index is `j`. Hence it is possible to assign to `arg` from outside the vector of arguments. Since this is a mutable proto value, it allows both read and write to outside of bounds data. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23573 Tensorflow is an Open Source Machine Learning Framework. The implementation of `AssignOp` can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized (to minimize number of allocations), but does not check that the right hand side is also initialized. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23572 Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the `DCHECK` function; however, `DCHECK` is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the `ValueOrDie` line. This results in an assertion failure as `ret` contains an error `Status`, not a value. In the second case we also get a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23571 Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments, if the tensors have an invalid `dtype` and 0 elements or an invalid shape. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23570 Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a `DCHECK`. However, `DCHECK` is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the dereferencing of the null pointer, whereas in the second case it results in a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23569 Tensorflow is an Open Source Machine Learning Framework. Multiple operations in TensorFlow can be used to trigger a denial of service via `CHECK`-fails (i.e., assertion failures). This is similar to TFSA-2021-198 and has similar fixes. We have patched the reported issues in multiple GitHub commits. It is possible that other similar instances exist in TensorFlow; we will issue fixes as these are discovered. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23568 Tensorflow is an Open Source Machine Learning Framework. The implementation of `AddManySparseToTensorsMap` is vulnerable to an integer overflow which results in a `CHECK`-fail when building new `TensorShape` objects (so, an assert failure based denial of service). We are missing some validation on the shapes of the input tensors as well as directly constructing a large `TensorShape` with user-provided dimensions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23567 Tensorflow is an Open Source Machine Learning Framework. The implementations of `Sparse*Cwise*` ops are vulnerable to integer overflows. These can be used to trigger large allocations (so, OOM based denial of service) or `CHECK`-fails when building new `TensorShape` objects (so, assert failures based denial of service). We are missing some validation on the shapes of the input tensors as well as directly constructing a large `TensorShape` with user-provided dimensions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23566 Tensorflow is an Open Source Machine Learning Framework. TensorFlow is vulnerable to a heap OOB write in `Grappler`. The `set_output` function writes to an array at the specified index. Hence, this gives a malicious user a write primitive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23565 Tensorflow is an Open Source Machine Learning Framework. An attacker can trigger denial of service via assertion failure by altering a `SavedModel` on disk such that `AttrDef`s of some operation are duplicated. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23564 Tensorflow is an Open Source Machine Learning Framework. When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23563 Tensorflow is an Open Source Machine Learning Framework. In multiple places, TensorFlow uses `tempfile.mktemp` to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in `mktemp` and the actual creation of the file by a subsequent operation (a TOC/TOU type of weakness). In several instances, TensorFlow was supposed to actually create a temporary directory instead of a file. This logic bug is hidden away by the `mktemp` function usage. We have patched the issue in several commits, replacing `mktemp` with the safer `mkstemp`/`mkdtemp` functions, according to the usage pattern. Users are advised to upgrade as soon as possible. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23562 Tensorflow is an Open Source Machine Learning Framework. The implementation of `Range` suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23561 Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the linked list used by the memory allocator. This can be leveraged for an arbitrary write primitive under certain conditions. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23560 Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors. The fix is included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. Users are advised to upgrade as soon as possible. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23559 Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both `embedding_size` and `lookup_size` are products of values provided by the user. Hence, a malicious user could trigger overflows in the multiplication. In certain scenarios, this can then result in heap OOB read/write. Users are advised to upgrade to a patched version. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23558 Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would cause an integer overflow in `TfLiteIntArrayCreate`. The `TfLiteIntArrayGetSizeInBytes` returns an `int` instead of a `size_t`. An attacker can control model inputs such that `computed_size` overflows the size of `int` datatype. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-23557 Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would trigger a division by zero in `BiasAndClamp` implementation. There is no check that the `bias_size` is non zero. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-21741 Tensorflow is an Open Source Machine Learning Framework. An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to determine the size of the padding that needs to be added before applying the convolution. There is no check before this division that the divisor is strictly positive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-21740 Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-21739 Tensorflow is an Open Source Machine Learning Framework. The implementation of `QuantizedMaxPool` has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-21738 Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` can be made to crash a TensorFlow process by an integer overflow whose result is then used in a memory allocation. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. 1.2.1, 1.14.0, 1.12.3, 1.12.0, 1.9.0, 1.4.1, 0.12.0, 1.13.2 (Show all) Patch → NO_SAFE_VERSION
CVE-2022-21737 Tensorflow is an Open Source Machine Learning Framework. The implementation of `*Bincount` operations allows malicious users to cause denial of service by passin