Denial Of Service (DoS)

2022-11-2113:40:04

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

denial of service

size mismatch

broadcast assignment

application crash

malicious input

software

0.001 Low

EPSS

Percentile

48.9%

JSON

tensorflow is vulnerable to denial of service. The vulnerability exists in the BinaryFunctor function of cwise_ops_common.h due to a size mismatch during broadcast assignment which allows an attacker to cause an application crash by providing malicious input.

CPENameOperatorVersion
tensorflowle2.10.0
tensorflowle2.9.2
tensorflow-cpule2.10.0
tensorflow-cpule2.9.2
tensorflow-gpule2.10.0
tensorflow-gpule2.9.2
tensorflowle2.10.0
tensorflowle2.9.2
tensorflow-cpule2.10.0
tensorflow-cpule2.9.2

Name	Operator	Version
tensorflow	le	2.10.0
tensorflow	le	2.9.2
tensorflow-cpu	le	2.10.0
tensorflow-cpu	le	2.9.2
tensorflow-gpu	le	2.10.0
tensorflow-gpu	le	2.9.2
tensorflow	le	2.10.0
tensorflow	le	2.9.2
tensorflow-cpu	le	2.10.0
tensorflow-cpu	le	2.9.2