Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

tensorflow — Vulnerabilities & Security Advisories 403

Browse all 403 CVE security advisories affecting tensorflow. AI-powered Chinese analysis, POCs, and references for each vulnerability.

TensorFlow is an open-source machine learning framework primarily used for developing and deploying data flow graphs across various platforms. With 403 recorded Common Vulnerabilities and Exposures (CVEs), it has historically been susceptible to a wide array of security flaws. These incidents frequently involve remote code execution, buffer overflows, and denial-of-service conditions, often stemming from improper input validation or memory management errors within its C++ backend. While cross-site scripting is less common due to its backend nature, privilege escalation risks exist when the framework runs with elevated system permissions. Notable security characteristics include its complex dependency tree, which can introduce indirect vulnerabilities through third-party libraries. Major incidents have largely focused on exploitation of parsing routines and model serialization processes, highlighting the critical need for rigorous patch management and secure configuration practices in production environments to mitigate these persistent risks.

Found 402 results / 403Clear Filters
Top products by tensorflow: tensorflow keras
CVE IDTitleCVSSSeverityPublished
CVE-2022-29207 Undefined behavior when users supply invalid resource handles in TensorFlow — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29195 Missing validation causes denial of service in TensorFlow via `StagePeek` — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29197 Missing validation causes denial of service in TensorFlow via `UnsortedSegmentJoin` — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29196 Missing validation causes denial of service in TensorFlow via `Conv3DBackpropFilterV2` — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29198 Missing validation causes denial of service in TensorFlow via `SparseTensorToCSRSparseMatrix` — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29199 Missing validation causes denial of service in TensorFlow via `LoadAndRemapMatrix` — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29200 Missing validation causes denial of service in TensorFlow via `LSTMBlockCell` — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29193 Missing validation causes `TensorSummaryV2` in TensorFlow to crash — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29194 Missing validation causes denial of service via `DeleteSessionTensor` in TensorFlow — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29191 Missing validation causes denial of service via `GetSessionTensor` in TensorFlow — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-29192 Missing validation crashes `QuantizeAndDequantizeV4Grad` in TensorFlow — tensorflowCWE-20 5.5 Medium2022-05-20
CVE-2022-23561 Out of bounds write in TFLite — tensorflowCWE-787 8.8 High2022-02-04
CVE-2022-23557 Division by zero in TFLite — tensorflowCWE-369 6.5 Medium2022-02-04
CVE-2022-23558 Integer overflow in TFLite array creation — tensorflowCWE-190 7.6 High2022-02-04
CVE-2022-23570 Null-dereference in Tensorflow — tensorflowCWE-476 6.5 Medium2022-02-04
CVE-2022-23564 Reachable Assertion in Tensorflow — tensorflowCWE-617 6.5 Medium2022-02-04
CVE-2022-23565 `CHECK`-failures in Tensorflow — tensorflowCWE-617 6.5 Medium2022-02-04
CVE-2022-23562 Integer overflow in Tensorflow — tensorflowCWE-190 7.6 High2022-02-04
CVE-2022-23563 Insecure temporary file in Tensorflow — tensorflowCWE-367 7.1 High2022-02-04
CVE-2022-23559 Integer overflow in TFLite — tensorflowCWE-190 8.8 High2022-02-04
CVE-2022-23560 Read and Write outside of bounds in TFLite — tensorflowCWE-125 8.8 High2022-02-04
CVE-2022-23574 Out of bounds read and write in Tensorflow — tensorflowCWE-125 8.8 High2022-02-04
CVE-2022-23571 Reachable Assertion in Tensorflow — tensorflowCWE-617 6.5 Medium2022-02-04
CVE-2022-23566 Out of bounds write in Tensorflow — tensorflowCWE-787 8.8 High2022-02-04
CVE-2022-23577 Null-dereference in Tensorflow — tensorflowCWE-476 6.5 Medium2022-02-04
CVE-2022-23578 Memory leak in Tensorflow — tensorflowCWE-401 4.3 Medium2022-02-04
CVE-2022-23572 Crash when type cannot be specialized in Tensorflow — tensorflowCWE-754 6.5 Medium2022-02-04
CVE-2022-23573 Uninitialized variable access in Tensorflow — tensorflowCWE-908 7.6 High2022-02-04
CVE-2022-23585 Memory leak in decoding PNG images in Tensorflow — tensorflowCWE-401 4.3 Medium2022-02-04
CVE-2022-23579 `CHECK`-failures during Grappler's `SafeToRemoveIdentity` in Tensorflow — tensorflowCWE-617 6.5 Medium2022-02-04

This page lists every published CVE security advisory associated with tensorflow. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.