CVE-2022-36000 TensorFlow is a machine learning platform. When `mlir::tfg::ConvertGenericFunctionToFunctionDef` gives empty function attributes, it gives a null dereference.
In case of any issues, we strongly recommend updating to latest version of TensorFlow. If you do not want to update your codebase, you may
CVE-2022-36012 TensorFlow is an open source platform for machine learning, which has an issue when given empty function attributes. We have patched the issue in GitHub commit ad069af92392efee1418c48ff561fd3070a03d7b
Machine learning involves lots of numerical data handling and processing. TensorFlow provides a Python API for data handling and processing. For data handling, we can
CVE-2022-36003 TensorFlow is an open source platform for machine learning. When RandomPoissonV2 receives large input and rates, it gives a CHECK fail that can trigger a DDoS attack.
When the `RandomPoissonV2` estimator receives a large input shape and rates, it gives a `CHECK` fail and stops training. The fix is cherry-picking this commit
CVE-2022-36005 TensorFlow is a machine learning platform that gives a fail with "CHECK" when input is non-scalar. This can be used to deny service.
The best way to keep your TensorFlow installation secure is to create a unique, hard-to-guess password for your TensorFlow account. You can read more about
CVE-2022-36001 TensorFlow is an open source platform for machine learning. When `DrawBoundingBoxes` receives an input without dtype='float' it gives a `CHECK` fail that can trigger a denial of service attack.
We are aware of this issue, and are working on a fix. It is possible that with large numbers of boxes, the inference engine may
Episode
00:00:00
00:00:00