Lucene search
China National Vulnerability DatabaseCNVD-2022-87256HistoryNov 23, 2022 - 12:00 a.m.
Google TensorFlow tf.keras.losses.poisson buffer overflow vulnerability
2022-11-2300:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
google
tensorflow
buffer overflow
vulnerability
denial of service
machine learning
validation
user-supplied data
0.001 Low
EPSS
Percentile
48.9%
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. Google TensorFlow 2.9.0 and later, and prior to 2.9.3, is vulnerable to a buffer overflow vulnerability caused by "tf.keras.losses.poisson " lacks proper validation of user-supplied data. An attacker could exploit the vulnerability to cause a denial of service.
| CPE | Name | Operator | Version |
|---|---|---|---|
| google tensorflow >=2.9.0, | lt | 2.9.3 |
Related
cve
cve
CVE-2022-41887
2022-11-18 22:15:14
prion
prion
Stack overflow
2022-11-18 22:15:00
osv
osv
CVE-2022-41887
2022-11-18 22:15:14
Overflow in `tf.keras.losses.poisson`
2022-11-21 20:41:35
BIT-tensorflow-2022-41887
2024-03-06 11:11:21
veracode
veracode
Denial Of Service (DoS)
2022-11-21 13:40:04
nvd
nvd
CVE-2022-41887
2022-11-18 22:15:14
github
github
Overflow in `tf.keras.losses.poisson`
2022-11-21 20:41:35
cvelist
cvelist
CVE-2022-41887 Overflow in `tf.keras.losses.poisson` in Tensorflow
2022-11-18 00:00:00
ibm
ibm
nessus
nessus
TensorFlow < 2.9.3 Multiple Vulnerabilities
2024-05-24 00:00:00
TensorFlow < 2.10.1 Multiple Vulnerabilities
2024-05-20 00:00:00