Vulnerabilities > Google > Tensorflow > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-21 | CVE-2020-15266 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Tensorflow In Tensorflow before version 2.4.0, when the `boxes` argument of `tf.image.crop_and_resize` has a very large value, the CPU kernel implementation receives it as a C++ `nan` floating point value. | 7.5 |
| 2020-10-21 | CVE-2020-15265 | Out-of-bounds Read vulnerability in Google Tensorflow In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. | 7.5 |
| 2020-09-25 | CVE-2020-15214 | Out-of-bounds Write vulnerability in Google Tensorflow 2.2.0/2.3.0 In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. | 8.1 |
| 2020-09-25 | CVE-2020-15212 | Out-of-bounds Write vulnerability in Google Tensorflow 2.2.0/2.3.0 In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. | 8.6 |
| 2020-09-25 | CVE-2020-15206 | Improper Input Validation vulnerability in multiple products In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's `SavedModel` protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. | 7.5 |
| 2020-09-25 | CVE-2020-15203 | Use of Externally-Controlled Format String vulnerability in multiple products In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the `fill` argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a `printf` call is constructed. | 7.5 |
| 2020-09-25 | CVE-2020-15195 | Out-of-bounds Write vulnerability in multiple products In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of `SparseFillEmptyRowsGrad` uses a double indexing pattern. | 8.8 |
| 2020-09-25 | CVE-2020-15193 | Use of Uninitialized Resource vulnerability in multiple products In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of `dlpack.to_dlpack` can be made to use uninitialized memory resulting in further memory corruption. | 7.1 |
| 2020-01-28 | CVE-2020-5215 | Improper Input Validation vulnerability in Google Tensorflow In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. | 7.5 |
| 2019-04-24 | CVE-2018-7577 | Improper Input Validation vulnerability in Google Tensorflow Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory. | 8.1 |