You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Upgrade tensorflow to version 1.12.1 or later for security fixes
Details CVE-2019-9635 More information
moderate severity
Vulnerable versions: >= 1.0.0, < 1.12.1
Patched version: 1.12.1
NULL pointer dereference in Google TensorFlow before 1.12.2 could cause a denial of service via an invalid GIF file.
CVE-2018-7575 More information
critical severity
Vulnerable versions: >= 1.0.0, < 1.7.1
Patched version: 1.7.1
Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. The type of exploitation is context-dependent.
CVE-2018-7577 More information
high severity
Vulnerable versions: >= 1.1.0, < 1.7.1
Patched version: 1.7.1
Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory.
CVE-2018-10055 More information
high severity
Vulnerable versions: >= 1.1.0, < 1.7.1
Patched version: 1.7.1
Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file.
CVE-2018-7576 More information
moderate severity
Vulnerable versions: >= 1.0.0, < 1.6.0
Patched version: 1.6.0
Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Dereference. The type of exploitation is: context-dependent.
The text was updated successfully, but these errors were encountered:
Upgrade tensorflow to version 1.12.1 or later for security fixes
Details
CVE-2019-9635 More information
moderate severity
Vulnerable versions: >= 1.0.0, < 1.12.1
Patched version: 1.12.1
NULL pointer dereference in Google TensorFlow before 1.12.2 could cause a denial of service via an invalid GIF file.
CVE-2018-7575 More information
critical severity
Vulnerable versions: >= 1.0.0, < 1.7.1
Patched version: 1.7.1
Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. The type of exploitation is context-dependent.
CVE-2018-7577 More information
high severity
Vulnerable versions: >= 1.1.0, < 1.7.1
Patched version: 1.7.1
Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory.
CVE-2018-10055 More information
high severity
Vulnerable versions: >= 1.1.0, < 1.7.1
Patched version: 1.7.1
Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file.
CVE-2018-7576 More information
moderate severity
Vulnerable versions: >= 1.0.0, < 1.6.0
Patched version: 1.6.0
Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Dereference. The type of exploitation is: context-dependent.
The text was updated successfully, but these errors were encountered: