Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

tensorflow — Vulnerabilities & Security Advisories 403

Browse all 403 CVE security advisories affecting tensorflow. AI-powered Chinese analysis, POCs, and references for each vulnerability.

TensorFlow is an open-source machine learning framework primarily used for developing and deploying data flow graphs across various platforms. With 403 recorded Common Vulnerabilities and Exposures (CVEs), it has historically been susceptible to a wide array of security flaws. These incidents frequently involve remote code execution, buffer overflows, and denial-of-service conditions, often stemming from improper input validation or memory management errors within its C++ backend. While cross-site scripting is less common due to its backend nature, privilege escalation risks exist when the framework runs with elevated system permissions. Notable security characteristics include its complex dependency tree, which can introduce indirect vulnerabilities through third-party libraries. Major incidents have largely focused on exploitation of parsing routines and model serialization processes, highlighting the critical need for rigorous patch management and secure configuration practices in production environments to mitigate these persistent risks.

Found 402 results / 403Clear Filters
Top products by tensorflow: tensorflow keras
CVE IDTitleCVSSSeverityPublished
CVE-2021-37677 Missing validation in shape inference for `Dequantize` in TensorFlow — tensorflowCWE-20 5.5 Medium2021-08-12
CVE-2021-37683 Division by zero in TensorFlow Lite division operations — tensorflowCWE-369 5.5 Medium2021-08-12
CVE-2021-37684 Division by zero in TensorFlow Lite pooling operations — tensorflowCWE-369 5.5 Medium2021-08-12
CVE-2021-37668 Division by zero in TensorFlow Lite `tf.raw_ops.UnravelIndex` — tensorflowCWE-369 5.5 Medium2021-08-12
CVE-2021-37670 Heap OOB in `UpperBound` and `LowerBound` in TensorFlow — tensorflowCWE-125 5.5 Medium2021-08-12
CVE-2021-37691 Division by zero in LSH in TensorFlow Lite — tensorflowCWE-369 5.5 Medium2021-08-12
CVE-2021-37679 Heap OOB in nested `tf.map_fn` with `RaggedTensor`s in TensorFlow — tensorflowCWE-125 7.1 High2021-08-12
CVE-2021-37672 Heap OOB in `SdcaOptimizerV2` in TensorFlow — tensorflowCWE-125 5.5 Medium2021-08-12
CVE-2021-37687 Heap OOB in TensorFlow Lite's `Gather*` implementations — tensorflowCWE-125 5.5 Medium2021-08-12
CVE-2021-37685 Heap OOB in TensorFlow Lite — tensorflowCWE-125 5.5 Medium2021-08-12
CVE-2021-37681 Null pointer exception in TensorFlow Lite — tensorflowCWE-476 7.8 High2021-08-12
CVE-2021-37689 Null pointer dereference in TensorFlow Lite MLIR optimizations — tensorflowCWE-476 7.8 High2021-08-12
CVE-2021-37688 Null pointer dereference in TensorFlow Lite — tensorflowCWE-476 7.8 High2021-08-12
CVE-2021-37686 Infinite loop in TensorFlow Lite — tensorflowCWE-835 5.5 Medium2021-08-12
CVE-2021-37680 Division by zero in TFLite in TensorFlow — tensorflowCWE-369 5.5 Medium2021-08-12
CVE-2021-37675 Division by 0 in most convolution operators in TensorFlow — tensorflowCWE-369 5.5 Medium2021-08-12
CVE-2021-37676 Reference binding to nullptr in shape inference in TensorFlow — tensorflowCWE-824 7.8 High2021-08-12
CVE-2021-37671 Reference binding to nullptr in map operations in TensorFlow — tensorflowCWE-824 7.8 High2021-08-12
CVE-2021-37666 Reference binding to nullptr in `RaggedTensorToVariant` in TensorFlow — tensorflowCWE-824 7.8 High2021-08-12
CVE-2021-37667 Reference binding to nullptr in unicode encoding in TensorFlow — tensorflowCWE-824 7.8 High2021-08-12
CVE-2021-37648 Incorrect validation of `SaveV2` inputs in TensorFlow — tensorflowCWE-476 7.8 High2021-08-12
CVE-2021-37652 Use after free in boosted trees creation in TensorFlow — tensorflowCWE-416 7.8 High2021-08-12
CVE-2021-37646 Bad alloc in `StringNGrams` caused by integer conversion in TensorFlow — tensorflowCWE-681 5.5 Medium2021-08-12
CVE-2021-37661 Crash caused by integer conversion to unsigned in TensorFlow — tensorflowCWE-681 5.5 Medium2021-08-12
CVE-2021-37645 Integer overflow due to conversion to unsigned in TensorFlow — tensorflowCWE-681 5.5 Medium2021-08-12
CVE-2021-37651 Heap buffer overflow in `FractionalAvgPoolGrad` in TensorFlow — tensorflowCWE-125 7.1 High2021-08-12
CVE-2021-37650 Segfault and heap buffer overflow in `{Experimental,}DatasetToTFRecord` in TensorFlow — tensorflowCWE-120 7.8 High2021-08-12
CVE-2021-37662 Reference binding to nullptr in boosted trees in TensorFlow — tensorflowCWE-824 7.1 High2021-08-12
CVE-2021-37656 Reference binding to nullptr in `RaggedTensorToSparse` in TensorFlow — tensorflowCWE-824 7.1 High2021-08-12
CVE-2021-37657 Reference binding to nullptr in `MatrixDiagV*` ops in TensorFlow — tensorflowCWE-824 7.1 High2021-08-12

This page lists every published CVE security advisory associated with tensorflow. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.