Lucene search
Veracode Vulnerability DatabaseVERACODE:38168HistoryNov 22, 2022 - 4:34 p.m.
Denial Of Service (DoS)
2022-11-2216:34:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
17
tensorflow
dos vulnerability
ndarray_tensor_bridge
input validation
0.001 Low
EPSS
Percentile
34.4%
Tensorflow is vulnerable to denial of service. The vulnerability exists due to a segment fault in ndarray_tensor_bridge because the inputs are not properly validated which allows an attacker to cause an application crash.
References
github.com/tensorflow/tensorflow/commit/2b56169c16e375c521a3bc8ea658811cc0793784
github.com/tensorflow/tensorflow/commit/75d3adff8f63a637ef117737e20bc794d2428d3e
github.com/tensorflow/tensorflow/commit/d4c52cca976413a61c489c98c00189f7fb549123
github.com/tensorflow/tensorflow/commit/d69bc7bab3dfe223204c8e741cc5dacafba90a8a
github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636
Related
cbl_mariner
cbl_mariner
CVE-2022-41884 affecting package tensorflow for versions less than 2.11.0-1
2022-12-09 20:03:11
osv
osv
CVE-2022-41884
2022-11-18 22:15:13
Seg fault in `ndarray_tensor_bridge` due to zero and large inputs
2022-11-21 20:39:49
BIT-tensorflow-2022-41884
2024-03-06 11:11:31
github
github
Seg fault in `ndarray_tensor_bridge` due to zero and large inputs
2022-11-21 20:39:49
cnvd
cnvd
Google TensorFlow has an unspecified vulnerability (CNVD-2022-81226)
2022-11-23 00:00:00
nessus
nessus
CBL Mariner 2.0 Security Update: tensorflow (CVE-2022-41884)
2023-03-20 00:00:00
TensorFlow < 2.9.3 Multiple Vulnerabilities
2024-05-24 00:00:00
TensorFlow < 2.10.1 Multiple Vulnerabilities
2024-05-20 00:00:00
nvd
nvd
CVE-2022-41884
2022-11-18 22:15:13
prion
prion
Stack overflow
2022-11-18 22:15:00
cvelist
cvelist
cve
cve
CVE-2022-41884
2022-11-18 22:15:13
