Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

tensorflow — Vulnerabilities & Security Advisories 403

Browse all 403 CVE security advisories affecting tensorflow. AI-powered Chinese analysis, POCs, and references for each vulnerability.

TensorFlow is an open-source machine learning framework primarily used for developing and deploying data flow graphs across various platforms. With 403 recorded Common Vulnerabilities and Exposures (CVEs), it has historically been susceptible to a wide array of security flaws. These incidents frequently involve remote code execution, buffer overflows, and denial-of-service conditions, often stemming from improper input validation or memory management errors within its C++ backend. While cross-site scripting is less common due to its backend nature, privilege escalation risks exist when the framework runs with elevated system permissions. Notable security characteristics include its complex dependency tree, which can introduce indirect vulnerabilities through third-party libraries. Major incidents have largely focused on exploitation of parsing routines and model serialization processes, highlighting the critical need for rigorous patch management and secure configuration practices in production environments to mitigate these persistent risks.

Top products by tensorflow: tensorflow keras
CVE IDTitleCVSSSeverityPublished
CVE-2021-29578 Heap buffer overflow in `FractionalAvgPoolGrad` — tensorflowCWE-119 2.5 Low2021-05-14
CVE-2021-29579 Heap buffer overflow in `MaxPoolGrad` — tensorflowCWE-119 2.5 Low2021-05-14
CVE-2021-29580 Undefined behavior and `CHECK`-fail in `FractionalMaxPoolGrad` — tensorflowCWE-908 2.5 Low2021-05-14
CVE-2021-29581 Segfault in `CTCBeamSearchDecoder` — tensorflowCWE-908 2.5 Low2021-05-14
CVE-2021-29582 Heap OOB read in `tf.raw_ops.Dequantize` — tensorflowCWE-125 2.5 Low2021-05-14
CVE-2021-29583 Heap buffer overflow and undefined behavior in `FusedBatchNorm` — tensorflowCWE-476 2.5 Low2021-05-14
CVE-2021-29584 CHECK-fail due to integer overflow — tensorflowCWE-190 2.5 Low2021-05-14
CVE-2021-29525 Division by 0 in `Conv2DBackpropInput` — tensorflowCWE-369 2.5 Low2021-05-14
CVE-2021-29526 Division by 0 in `Conv2D` — tensorflowCWE-369 2.5 Low2021-05-14
CVE-2021-29527 Division by 0 in `QuantizedConv2D` — tensorflowCWE-369 2.5 Low2021-05-14
CVE-2021-29528 Division by 0 in `QuantizedMul` — tensorflowCWE-369 2.5 Low2021-05-14
CVE-2021-29529 Heap buffer overflow caused by rounding — tensorflowCWE-131 2.5 Low2021-05-14
CVE-2021-29530 Invalid validation in `SparseMatrixSparseCholesky` — tensorflowCWE-476 2.5 Low2021-05-14
CVE-2021-29531 CHECK-fail in tf.raw_ops.EncodePng — tensorflowCWE-754 2.5 Low2021-05-14
CVE-2021-29532 Heap out of bounds read in `RaggedCross` — tensorflowCWE-125 2.5 Low2021-05-14
CVE-2021-29533 CHECK-fail in DrawBoundingBoxes — tensorflowCWE-754 2.5 Low2021-05-14
CVE-2021-29534 CHECK-fail in SparseConcat — tensorflowCWE-754 2.5 Low2021-05-14
CVE-2021-29535 Heap buffer overflow in `QuantizedMul` — tensorflowCWE-131 2.5 Low2021-05-14
CVE-2021-29536 Heap buffer overflow in `QuantizedReshape` — tensorflowCWE-131 2.5 Low2021-05-14
CVE-2021-29537 Heap buffer overflow in `QuantizedResizeBilinear` — tensorflowCWE-131 2.5 Low2021-05-14
CVE-2021-29538 Division by zero in `Conv2DBackpropFilter` — tensorflowCWE-369 2.5 Low2021-05-14
CVE-2021-29539 Segfault in tf.raw_ops.ImmutableConst — tensorflowCWE-681 2.5 Low2021-05-14
CVE-2021-29540 Heap buffer overflow in `Conv2DBackpropFilter` — tensorflowCWE-120 2.5 Low2021-05-14
CVE-2021-29541 Null pointer dereference in `StringNGrams` — tensorflowCWE-476 2.5 Low2021-05-14
CVE-2021-29542 Heap buffer overflow in `StringNGrams` — tensorflowCWE-131 2.5 Low2021-05-14
CVE-2021-29543 CHECK-fail in `CTCGreedyDecoder` — tensorflowCWE-617 2.5 Low2021-05-14
CVE-2021-29544 CHECK-fail in `QuantizeAndDequantizeV4Grad` — tensorflowCWE-754 2.5 Low2021-05-14
CVE-2021-29545 Heap buffer overflow in `SparseTensorToCSRSparseMatrix` — tensorflowCWE-131 2.5 Low2021-05-14
CVE-2021-29546 Division by 0 in `QuantizedBiasAdd` — tensorflowCWE-369 2.5 Low2021-05-14
CVE-2021-29547 Heap out of bounds in `QuantizedBatchNormWithGlobalNormalization` — tensorflowCWE-125 2.5 Low2021-05-14

This page lists every published CVE security advisory associated with tensorflow. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.