Количество 3
Количество 3
CVE-2022-23594
Tensorflow is an Open Source Machine Learning Framework. The TFG dialect of TensorFlow (MLIR) makes several assumptions about the incoming `GraphDef` before converting it to the MLIR-based dialect. If an attacker changes the `SavedModel` format on disk to invalidate these assumptions and the `GraphDef` is then converted to MLIR-based IR then they can cause a crash in the Python interpreter. Under certain scenarios, heap OOB read/writes are possible. These issues have been discovered via fuzzing and it is possible that more weaknesses exist. We will patch them as they are discovered.
CVE-2022-23594
Tensorflow is an Open Source Machine Learning Framework. The TFG diale ...
GHSA-9x52-887g-fhc2
Out of bounds read in Tensorflow
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-23594 Tensorflow is an Open Source Machine Learning Framework. The TFG dialect of TensorFlow (MLIR) makes several assumptions about the incoming `GraphDef` before converting it to the MLIR-based dialect. If an attacker changes the `SavedModel` format on disk to invalidate these assumptions and the `GraphDef` is then converted to MLIR-based IR then they can cause a crash in the Python interpreter. Under certain scenarios, heap OOB read/writes are possible. These issues have been discovered via fuzzing and it is possible that more weaknesses exist. We will patch them as they are discovered. | CVSS3: 8.8 | 0% Низкий | около 4 лет назад |
| CVE-2022-23594 Tensorflow is an Open Source Machine Learning Framework. The TFG diale ... | CVSS3: 8.8 | 0% Низкий | около 4 лет назад |
| GHSA-9x52-887g-fhc2 Out of bounds read in Tensorflow | CVSS3: 8.8 | 0% Низкий | почти 4 года назад |
Уязвимостей на страницу