Vulnerabilities > Google > Tensorflow > 0.1.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-09-25 | CVE-2020-15208 | In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes. | 9.8 |
2020-09-25 | CVE-2020-15207 | Out-of-bounds Write vulnerability in multiple products In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses `ResolveAxis` to convert negative values to positive indices. | 9.0 |
2020-05-04 | CVE-2018-21233 | Out-of-bounds Read vulnerability in Google Tensorflow TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. | 6.5 |
2020-01-28 | CVE-2020-5215 | Improper Input Validation vulnerability in Google Tensorflow In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. | 7.5 |
2019-04-24 | CVE-2018-7575 | Integer Overflow or Wraparound vulnerability in Google Tensorflow Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. | 9.8 |
2019-04-24 | CVE-2019-9635 | NULL Pointer Dereference vulnerability in Google Tensorflow NULL pointer dereference in Google TensorFlow before 1.12.2 could cause a denial of service via an invalid GIF file. | 6.5 |
2019-04-24 | CVE-2018-7577 | Improper Input Validation vulnerability in Google Tensorflow Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory. | 8.1 |
2019-04-24 | CVE-2018-10055 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Tensorflow Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file. | 8.1 |
2019-04-23 | CVE-2018-8825 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Tensorflow Google TensorFlow 1.7 and below is affected by: Buffer Overflow. | 8.8 |
2019-04-23 | CVE-2018-7576 | NULL Pointer Dereference vulnerability in Google Tensorflow Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Dereference. | 6.5 |