Количество 3
Количество 3
CVE-2021-29602
TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `DepthwiseConv` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/1a8e885b864c818198a5b2c0cbbeca5a1e833bc8/tensorflow/lite/kernels/depthwise_conv.cc#L287-L288). An attacker can craft a model such that `input`'s fourth dimension would be 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
CVE-2021-29602
TensorFlow is an end-to-end open source platform for machine learning. ...
GHSA-rf3h-xgv5-2q39
Division by zero in TFLite's implementation of `DepthwiseConv`
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-29602 TensorFlow is an end-to-end open source platform for machine learning. The implementation of the `DepthwiseConv` TFLite operator is vulnerable to a division by zero error(https://github.com/tensorflow/tensorflow/blob/1a8e885b864c818198a5b2c0cbbeca5a1e833bc8/tensorflow/lite/kernels/depthwise_conv.cc#L287-L288). An attacker can craft a model such that `input`'s fourth dimension would be 0. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range. | CVSS3: 2.5 | 0% Низкий | больше 4 лет назад |
| CVE-2021-29602 TensorFlow is an end-to-end open source platform for machine learning. ... | CVSS3: 2.5 | 0% Низкий | больше 4 лет назад |
| GHSA-rf3h-xgv5-2q39 Division by zero in TFLite's implementation of `DepthwiseConv` | CVSS3: 2.5 | 0% Низкий | больше 4 лет назад |
Уязвимостей на страницу