Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-29212

Опубликовано: 21 мая 2022
Источник: nvd
CVSS3: 5.5
CVSS2: 2.1
EPSS Низкий

Описание

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, certain TFLite models that were created using TFLite model converter would crash when loaded in the TFLite interpreter. The culprit is that during quantization the scale of values could be greater than 1 but code was always assuming sub-unit scaling. Thus, since code was calling QuantizeMultiplierSmallerThanOneExp, the TFLITE_CHECK_LT assertion would trigger and abort the process. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*
Версия до 2.6.4 (исключая)
cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*
Версия от 2.7.0 (включая) до 2.7.2 (исключая)
cpe:2.3:a:google:tensorflow:2.7.0:rc0:*:*:*:*:*:*
cpe:2.3:a:google:tensorflow:2.7.0:rc1:*:*:*:*:*:*
cpe:2.3:a:google:tensorflow:2.8.0:-:*:*:*:*:*:*
cpe:2.3:a:google:tensorflow:2.8.0:rc0:*:*:*:*:*:*
cpe:2.3:a:google:tensorflow:2.8.0:rc1:*:*:*:*:*:*
cpe:2.3:a:google:tensorflow:2.9.0:rc0:*:*:*:*:*:*
cpe:2.3:a:google:tensorflow:2.9.0:rc1:*:*:*:*:*:*

EPSS

Процентиль: 25%
0.00084
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-20

Связанные уязвимости

debian логотип

CVE-2022-29212

CVSS3: 5.5
debian
больше 3 лет назад

TensorFlow is an open source platform for machine learning. Prior to v ...

github логотип

GHSA-8wwm-6264-x792

CVSS3: 5.5
github
больше 3 лет назад

Core dump when loading TFLite models with quantization in TensorFlow

EPSS

Процентиль: 25%
0.00084
Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-20