Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

tensorflow — Vulnerabilities & Security Advisories 403

Browse all 403 CVE security advisories affecting tensorflow. AI-powered Chinese analysis, POCs, and references for each vulnerability.

TensorFlow is an open-source machine learning framework primarily used for developing and deploying data flow graphs across various platforms. With 403 recorded Common Vulnerabilities and Exposures (CVEs), it has historically been susceptible to a wide array of security flaws. These incidents frequently involve remote code execution, buffer overflows, and denial-of-service conditions, often stemming from improper input validation or memory management errors within its C++ backend. While cross-site scripting is less common due to its backend nature, privilege escalation risks exist when the framework runs with elevated system permissions. Notable security characteristics include its complex dependency tree, which can introduce indirect vulnerabilities through third-party libraries. Major incidents have largely focused on exploitation of parsing routines and model serialization processes, highlighting the critical need for rigorous patch management and secure configuration practices in production environments to mitigate these persistent risks.

Found 402 results / 403Clear Filters
Top products by tensorflow: tensorflow keras
CVE IDTitleCVSSSeverityPublished
CVE-2022-41886 Overflow in `ImageProjectiveTransformV2` in Tensorflow — tensorflowCWE-131 4.8 Medium2022-11-18
CVE-2022-41887 Overflow in `tf.keras.losses.poisson` in Tensorflow — tensorflowCWE-131 4.8 Medium2022-11-18
CVE-2022-41888 Unckecked rank size in `tf.image.generate_bounding_box_proposals` in Tensorflow — tensorflowCWE-20 4.8 Medium2022-11-18
CVE-2022-41889 Segfault via invalid attributes in `pywrap_tfe_src.cc` in Tensorflow — tensorflowCWE-476 5.5 Medium2022-11-18
CVE-2022-41890 `CHECK` fail in `BCast` overflow in Tensorflow — tensorflowCWE-704 4.8 Medium2022-11-18
CVE-2022-41891 Segfault in `tf.raw_ops.TensorListConcat` in Tensorflow — tensorflowCWE-20 4.8 Medium2022-11-18
CVE-2022-41893 `CHECK_EQ` fail in `tf.raw_ops.TensorListResize` in Tensorflow — tensorflowCWE-617 4.8 Medium2022-11-18
CVE-2022-41896 `tf.raw_ops.Mfcc` crashes in Tensorflow — tensorflowCWE-20 4.8 Medium2022-11-18
CVE-2022-41897 `FractionalMaxPoolGrad` Heap out of bounds read in Tensorflow — tensorflowCWE-125 4.8 Medium2022-11-18
CVE-2022-41898 `CHECK` fail via inputs in `SparseFillEmptyRowsGrad` in Tensorflow — tensorflowCWE-20 4.8 Medium2022-11-18
CVE-2022-41899 `CHECK` fail via inputs in `SdcaOptimizer` in Tensorflow — tensorflowCWE-20 4.8 Medium2022-11-18
CVE-2022-41900 FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess in Tensorflow — tensorflowCWE-787 7.1 High2022-11-18
CVE-2022-41901 `CHECK_EQ` fail via input in `SparseMatrixNNZ` in Tensorflow — tensorflowCWE-20 4.8 Medium2022-11-18
CVE-2022-41907 Overflow in `ResizeNearestNeighborGrad` in Tensorflow — tensorflowCWE-131 4.8 Medium2022-11-18
CVE-2022-41908 `CHECK` fail via inputs in `PyFunc` in Tensorflow — tensorflowCWE-20 4.8 Medium2022-11-18
CVE-2022-41909 Segfault in `CompositeTensorVariantToComponents` in Tensorflow — tensorflowCWE-20 4.8 Medium2022-11-18
CVE-2022-41911 Invalid char to bool conversion when printing a tensor in Tensorflow — tensorflowCWE-704 4.8 Medium2022-11-18
CVE-2022-41894 Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite — tensorflowCWE-120 7.1 High2022-11-18
CVE-2022-36015 Integer overflow in math ops in TensorFlow — tensorflowCWE-190 5.9 Medium2022-09-16
CVE-2022-36012 Assertion fail on MLIR empty edge names in TensorFlow — tensorflowCWE-617 5.9 Medium2022-09-16
CVE-2022-35996 Floating point exception in `Conv2D` in TensorFlow — tensorflowCWE-369 5.9 Medium2022-09-16
CVE-2022-36027 Segfault TFLite converter on per-channel quantized transposed convolutions in TensorFlow — tensorflowCWE-20 5.9 Medium2022-09-16
CVE-2022-36017 Segfault in `Requantize` in TensorFlow — tensorflowCWE-20 5.9 Medium2022-09-16
CVE-2022-36014 Null-dereference in `mlir::tfg::TFOp::nameAttr` in TensorFlow — tensorflowCWE-476 5.9 Medium2022-09-16
CVE-2022-36000 Null dereference on MLIR on empty function attributes in TensorFlow — tensorflowCWE-476 5.9 Medium2022-09-16
CVE-2022-36011 Null dereference on MLIR on empty function attributes in TensorFlow — tensorflowCWE-476 5.9 Medium2022-09-16
CVE-2022-36013 Null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef` in TensorFlow — tensorflowCWE-476 5.9 Medium2022-09-16
CVE-2022-35994 `CHECK` fail in `CollectiveGather` in TensorFlow — tensorflowCWE-617 5.9 Medium2022-09-16
CVE-2022-35993 `CHECK` fail in `SetSize` in TensorFlow — tensorflowCWE-617 5.9 Medium2022-09-16
CVE-2022-35992 `CHECK` fail in `TensorListFromTensor` in TensorFlow — tensorflowCWE-617 5.9 Medium2022-09-16

This page lists every published CVE security advisory associated with tensorflow. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.