Vulnerabilities > Google > Tensorflow > 0.1.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-05-14 | CVE-2021-29619 | Unspecified vulnerability in Google Tensorflow TensorFlow is an end-to-end open source platform for machine learning. | 5.5 |
| 2021-05-14 | CVE-2021-29554 | Unspecified vulnerability in Google Tensorflow TensorFlow is an end-to-end open source platform for machine learning. | 5.5 |
| 2020-12-10 | CVE-2020-26270 | Improper Input Validation vulnerability in Google Tensorflow In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. | 3.3 |
| 2020-12-10 | CVE-2020-26268 | Unspecified vulnerability in Google Tensorflow In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. | 4.4 |
| 2020-12-10 | CVE-2020-26267 | Out-of-bounds Read vulnerability in Google Tensorflow In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. | 7.8 |
| 2020-12-10 | CVE-2020-26266 | Use of Uninitialized Resource vulnerability in Google Tensorflow In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. | 5.3 |
| 2020-12-10 | CVE-2020-26271 | Use of Uninitialized Resource vulnerability in Google Tensorflow In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. | 3.3 |
| 2020-09-25 | CVE-2020-15211 | In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. | 4.8 |
| 2020-09-25 | CVE-2020-15210 | Out-of-bounds Write vulnerability in multiple products In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. | 6.5 |
| 2020-09-25 | CVE-2020-15209 | In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a `nullptr` buffer. | 5.9 |