Количество 3
Количество 3
CVE-2022-23584
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After `png::CommonFreeDecode(&decode)` gets called, the values of `decode.width` and `decode.height` are in an unspecified state. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
CVE-2022-23584
Tensorflow is an Open Source Machine Learning Framework. A malicious u ...
GHSA-24x4-6qmh-88qg
Use after free in `DecodePng` kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-23584 Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After `png::CommonFreeDecode(&decode)` gets called, the values of `decode.width` and `decode.height` are in an unspecified state. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | CVSS3: 7.6 | 0% Низкий | почти 4 года назад |
| CVE-2022-23584 Tensorflow is an Open Source Machine Learning Framework. A malicious u ... | CVSS3: 7.6 | 0% Низкий | почти 4 года назад |
| GHSA-24x4-6qmh-88qg Use after free in `DecodePng` kernel | CVSS3: 7.6 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу