Количество 3
Количество 3
CVE-2022-23574
Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's `SpecializeType` which results in heap OOB read/write. Due to a typo, `arg` is initialized to the `i`th mutable argument in a loop where the loop index is `j`. Hence it is possible to assign to `arg` from outside the vector of arguments. Since this is a mutable proto value, it allows both read and write to outside of bounds data. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.
CVE-2022-23574
Tensorflow is an Open Source Machine Learning Framework. There is a ty ...
GHSA-77gp-3h4r-6428
Out of bounds read and write in Tensorflow
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-23574 Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's `SpecializeType` which results in heap OOB read/write. Due to a typo, `arg` is initialized to the `i`th mutable argument in a loop where the loop index is `j`. Hence it is possible to assign to `arg` from outside the vector of arguments. Since this is a mutable proto value, it allows both read and write to outside of bounds data. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range. | CVSS3: 8.8 | 0% Низкий | около 4 лет назад |
| CVE-2022-23574 Tensorflow is an Open Source Machine Learning Framework. There is a ty ... | CVSS3: 8.8 | 0% Низкий | около 4 лет назад |
| GHSA-77gp-3h4r-6428 Out of bounds read and write in Tensorflow | CVSS3: 8.8 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу