目標達成 すべての支援者に感謝 — 100%達成しました!

目標: 1000 CNY · 調達済み: 1336 CNY

100%

tensorflow 厂商漏洞列表 / CVE 中文分析 403

tensorflow 厂商相关 403 条 CVE 漏洞,含 AI 中文分析、POC、CVSS 评分与受影响产品。

TensorFlow 是 Google 开发的开源机器学习框架,广泛用于构建和训练深度学习模型。其历史漏洞多涉及内存安全缺陷、拒绝服务及越权访问,部分源于底层 C++ 组件的缓冲区溢出或逻辑错误。近期关注点在于模型权重泄露及对抗样本攻击风险。尽管核心库安全性较高,但集成环境中的配置失误常导致数据暴露。建议及时更新版本并遵循最小权限原则,以缓解潜在的安全威胁。

上位製品 tensorflow: tensorflow keras
CVE IDタイトルCVSS深刻度公開日
CVE-2022-29206 Missing validation results in undefined behavior in `SparseTensorDenseAdd` in TensorFlow — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29207 Undefined behavior when users supply invalid resource handles in TensorFlow — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29195 Missing validation causes denial of service in TensorFlow via `StagePeek` — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29197 Missing validation causes denial of service in TensorFlow via `UnsortedSegmentJoin` — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29196 Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2` — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29198 Missing validation causes denial of service in TensorFlow via `SparseTensorToCSRSparseMatrix` — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29199 Missing validation causes denial of service in TensorFlow via `LoadAndRemapMatrix` — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29200 Missing validation causes denial of service in TensorFlow via `LSTMBlockCell` — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29193 Missing validation causes `TensorSummaryV2` in TensorFlow to crash — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29194 Missing validation causes denial of service via `DeleteSessionTensor` in TensorFlow — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29191 Missing validation causes denial of service via `GetSessionTensor` in TensorFlow — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29192 Missing validation crashes `QuantizeAndDequantizeV4Grad` in TensorFlow — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-23561 Out of bounds write in TFLite — tensorflowCWE-787 8.8 High2022-02-04
CVE-2022-23557 Division by zero in TFLite — tensorflowCWE-369 6.5 Medium2022-02-04
CVE-2022-23558 Integer overflow in TFLite array creation — tensorflowCWE-190 7.6 High2022-02-04
CVE-2022-23570 Null-dereference in Tensorflow — tensorflowCWE-476 6.5 Medium2022-02-04
CVE-2022-23564 Reachable Assertion in Tensorflow — tensorflowCWE-617 6.5 Medium2022-02-04
CVE-2022-23565 `CHECK`-failures in Tensorflow — tensorflowCWE-617 6.5 Medium2022-02-04
CVE-2022-23562 Integer overflow in Tensorflow — tensorflowCWE-190 7.6 High2022-02-04
CVE-2022-23563 Insecure temporary file in Tensorflow — tensorflowCWE-367 7.1 High2022-02-04
CVE-2022-23559 Integer overflow in TFLite — tensorflowCWE-190 8.8 High2022-02-04
CVE-2022-23560 Read and Write outside of bounds in TFLite — tensorflowCWE-125 8.8 High2022-02-04
CVE-2022-23574 Out of bounds read and write in Tensorflow — tensorflowCWE-125 8.8 High2022-02-04
CVE-2022-23571 Reachable Assertion in Tensorflow — tensorflowCWE-617 6.5 Medium2022-02-04
CVE-2022-23566 Out of bounds write in Tensorflow — tensorflowCWE-787 8.8 High2022-02-04
CVE-2022-23577 Null-dereference in Tensorflow — tensorflowCWE-476 6.5 Medium2022-02-04
CVE-2022-23578 Memory leak in Tensorflow — tensorflowCWE-401 4.3 Medium2022-02-04
CVE-2022-23572 Crash when type cannot be specialized in Tensorflow — tensorflowCWE-754 6.5 Medium2022-02-04
CVE-2022-23573 Uninitialized variable access in Tensorflow — tensorflowCWE-908 7.6 High2022-02-04
CVE-2022-23585 Memory leak in decoding PNG images in Tensorflow — tensorflowCWE-401 4.3 Medium2022-02-04

本页汇总了 tensorflow 厂商截至目前公开的全部 403 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接,并附带 AI 生成的中文分析以便快速判断风险。