Lucene search
China National Vulnerability DatabaseCNVD-2022-80680HistoryNov 23, 2022 - 12:00 a.m.
Google TensorFlow buffer overflow vulnerability (CNVD-2022-80680)
2022-11-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
google
tensorflow
buffer overflow
vulnerability
machine learning
google inc
cnvd-2022-80680
resizenearestneighborgrad
input data validation
overflow problem
0.001 Low
EPSS
Percentile
43.6%
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A buffer overflow vulnerability exists in Google TensorFlow, which stems from tf.raw_ops.ResizeNearestNeighborGrad’s lack of length size validation of the input data. validation, an attacker could exploit the vulnerability by assigning a large siz that would cause an overflow problem.
| CPE | Name | Operator | Version |
|---|---|---|---|
| google tensorflow | lt | 2.8.4 | |
| google tensorflow >=2.9.0, | lt | 2.9.3 | |
| google tensorflow >=2.10.0, | lt | 2.10.1 |
Related
cve
cve
CVE-2022-41907
2022-11-18 22:15:21
veracode
veracode
Denial Of Service (DoS)
2022-11-22 12:31:58
prion
prion
Design/Logic Flaw
2022-11-18 22:15:00
osv
osv
CVE-2022-41907
2022-11-18 22:15:21
Overflow in `ResizeNearestNeighborGrad`
2022-11-21 22:04:27
BIT-tensorflow-2022-41907
2024-03-06 11:10:16
nvd
nvd
CVE-2022-41907
2022-11-18 22:15:21
github
github
Overflow in `ResizeNearestNeighborGrad`
2022-11-21 22:04:27
cbl_mariner
cbl_mariner
CVE-2022-41907 affecting package tensorflow for versions less than 2.11.0-1
2022-12-09 20:03:11
cvelist
cvelist
CVE-2022-41907 Overflow in `ResizeNearestNeighborGrad` in Tensorflow
2022-11-18 00:00:00
nessus
nessus
CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41907)
2023-03-20 00:00:00
TensorFlow < 2.9.3 Multiple Vulnerabilities
2024-05-24 00:00:00
TensorFlow < 2.10.1 Multiple Vulnerabilities
2024-05-20 00:00:00
