Количество 3
Количество 3
CVE-2022-23587
Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
CVE-2022-23587
Tensorflow is an Open Source Machine Learning Framework. Under certain ...
GHSA-8jj7-5vxc-pg2q
Integer overflow in TensorFlow
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-23587 Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | CVSS3: 8.8 | 0% Низкий | около 4 лет назад |
| CVE-2022-23587 Tensorflow is an Open Source Machine Learning Framework. Under certain ... | CVSS3: 8.8 | 0% Низкий | около 4 лет назад |
| GHSA-8jj7-5vxc-pg2q Integer overflow in TensorFlow | CVSS3: 8.8 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу