Количество 3
Количество 3
CVE-2022-23584
Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After `png::CommonFreeDecode(&decode)` gets called, the values of `decode.width` and `decode.height` are in an unspecified state. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
CVE-2022-23584
Tensorflow is an Open Source Machine Learning Framework. A malicious u ...
GHSA-24x4-6qmh-88qg
Use after free in `DecodePng` kernel
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-23584 Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After `png::CommonFreeDecode(&decode)` gets called, the values of `decode.width` and `decode.height` are in an unspecified state. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | CVSS3: 7.6 | 0% Низкий | больше 3 лет назад |
| CVE-2022-23584 Tensorflow is an Open Source Machine Learning Framework. A malicious u ... | CVSS3: 7.6 | 0% Низкий | больше 3 лет назад |
| GHSA-24x4-6qmh-88qg Use after free in `DecodePng` kernel | CVSS3: 7.6 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу