| CVE-2021-29619 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. Passing invalid arguments (e.g., discovered via fuzzing) to... |
| CVE-2021-29618 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. Passing a complex argument to `tf.transpose` at the same time as passing... |
| CVE-2021-29617 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a denial of service via `CHECK`-fail in `tf.strings.substr` with... |
| CVE-2021-29616 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of TrySimplify(https://github.com/tensorflow/tensor... |
| CVE-2021-29615 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `ParseAttrValue`(https://github.com/tensorflow/t... |
| CVE-2021-29614 |
Critical |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.io.decode_raw` produces incorrect results and crashes the... |
| CVE-2021-29613 |
High |
No |
Information disclosure |
A security issue has been found in TensorFlow before version 2.4.2. Incomplete validation in `tf.raw_ops.CTCLoss` allows an attacker to trigger an OOB read... |
| CVE-2021-29612 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a heap buffer overflow in Eigen implementation of... |
| CVE-2021-29611 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. Incomplete validation in `SparseReshape` results in a denial of service based on a... |
| CVE-2021-29610 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. The validation in `tf.raw_ops.QuantizeAndDequantizeV2` allows invalid values for `axis`... |
| CVE-2021-29609 |
Critical |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. Incomplete validation in `SparseAdd` results in allowing attackers to exploit undefined... |
| CVE-2021-29608 |
Medium |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. Due to lack of validation in `tf.raw_ops.RaggedTensorToTensor`, an attacker can exploit... |
| CVE-2021-29607 |
Medium |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. Incomplete validation in `SparseAdd` results in allowing attackers to exploit undefined... |
| CVE-2021-29606 |
High |
No |
Information disclosure |
A security issue has been found in TensorFlow before version 2.4.2. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite... |
| CVE-2021-29605 |
Critical |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. The TFLite code for allocating `TFLiteIntArray`s is vulnerable to an integer overflow... |
| CVE-2021-29604 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The TFLite implementation of hashtable lookup is vulnerable to a division by zero... |
| CVE-2021-29603 |
Medium |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. A specially crafted TFLite model could trigger an OOB write on heap in the TFLite... |
| CVE-2021-29602 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of the `DepthwiseConv` TFLite operator is vulnerable to a division by... |
| CVE-2021-29601 |
High |
No |
Insufficient validation |
A security issue has been found in TensorFlow before version 2.4.2. The TFLite implementation of concatenation is vulnerable to an integer overflow... |
| CVE-2021-29600 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of the `OneHot` TFLite operator is vulnerable to a division by zero... |
| CVE-2021-29599 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of the `Split` TFLite operator is vulnerable to a division by zero... |
| CVE-2021-29598 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of the `SVDF` TFLite operator is vulnerable to a division by zero... |
| CVE-2021-29597 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of the `SpaceToBatchNd` TFLite operator is [vulnerable to a division... |
| CVE-2021-29596 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of the `EmbeddingLookup` TFLite operator is vulnerable to a division... |
| CVE-2021-29595 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of the `DepthToSpace` TFLite operator is vulnerable to a division by... |
| CVE-2021-29594 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. TFLite's convolution code(https://github.com/tensorflow/tensorflow/blo... |
| CVE-2021-29593 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of the `BatchToSpaceNd` TFLite operator is vulnerable to a division... |
| CVE-2021-29592 |
Medium |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The fix for CVE-2020-15209(https://cve.mitre.org/cgi-... |
| CVE-2021-29591 |
High |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. TFlite graphs must not have loops between nodes. However, this condition was not checked... |
| CVE-2021-29590 |
Low |
No |
Information disclosure |
A security issue has been found in TensorFlow before version 2.4.2. The implementations of the `Minimum` and `Maximum` TFLite operators can be used to read... |
| CVE-2021-29589 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The reference implementation of the `GatherNd` TFLite operator is vulnerable to a... |
| CVE-2021-29588 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The optimized implementation of the `TransposeConv` TFLite operator is [vulnerable to a... |
| CVE-2021-29587 |
Low |
No |
Insufficient validation |
A security issue has been found in TensorFlow before version 2.4.2. The `Prepare` step of the `SpaceToDepth` TFLite operator does not check for 0 before... |
| CVE-2021-29586 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. Optimized pooling implementations in TFLite fail to check that the stride arguments are... |
| CVE-2021-29585 |
Low |
No |
Insufficient validation |
A security issue has been found in TensorFlow before version 2.4.2. The TFLite computation for size of output after padding, `ComputeOutSi... |
| CVE-2021-29584 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a denial of service via a `CHECK`-fail in caused by an integer... |
| CVE-2021-29583 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.raw_ops.FusedBatchNorm` is vulnerable to a heap buffer... |
| CVE-2021-29582 |
Low |
No |
Information disclosure |
A security issue has been found in TensorFlow before version 2.4.2. Due to lack of validation in `tf.raw_ops.Dequantize`, an attacker can trigger a read... |
| CVE-2021-29581 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. Due to lack of validation in `tf.raw_ops.CTCBeamSearchDecoder`, an attacker can trigger... |
| CVE-2021-29580 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.raw_ops.FractionalMaxPoolGrad` triggers an undefined behavior... |
| CVE-2021-29579 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.raw_ops.MaxPoolGrad` is vulnerable to a heap buffer overflow.... |
| CVE-2021-29578 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.raw_ops.FractionalAvgPoolGrad` is vulnerable to a heap buffer... |
| CVE-2021-29577 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.raw_ops.AvgPool3DGrad` is vulnerable to a heap buffer... |
| CVE-2021-29576 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.raw_ops.MaxPool3DGradGrad` is vulnerable to a heap buffer... |
| CVE-2021-29575 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.raw_ops.ReverseSequence` allows for stack overflow and/or... |
| CVE-2021-29574 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.raw_ops.MaxPool3DGradGrad` exhibits undefined behavior by... |
| CVE-2021-29573 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` is vulnerable to a division by... |
| CVE-2021-29572 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.raw_ops.SdcaOptimizer` triggers undefined behavior due to... |
| CVE-2021-29571 |
Medium |
No |
Information disclosure |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of... |
| CVE-2021-29570 |
Low |
No |
Information disclosure |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of... |
| CVE-2021-29569 |
Low |
No |
Information disclosure |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `tf.raw_ops.MaxPoolGradWithArgmax` can cause reads outside of... |
| CVE-2021-29568 |
Low |
No |
Insufficient validation |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger undefined behavior by binding to null pointer in... |
| CVE-2021-29567 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. Due to lack of validation in `tf.raw_ops.SparseDenseCwiseMul`, an attacker can trigger... |
| CVE-2021-29566 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can write outside the bounds of heap allocated arrays by passing invalid... |
| CVE-2021-29565 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a null pointer dereference in the implementation of... |
| CVE-2021-29564 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a null pointer dereference in the implementation of... |
| CVE-2021-29563 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from... |
| CVE-2021-29562 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from... |
| CVE-2021-29561 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from... |
| CVE-2021-29560 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a heap buffer overflow in `tf.raw_ops.RaggedTensorToTensor`. This... |
| CVE-2021-29559 |
Low |
No |
Information disclosure |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can access data outside of bounds of heap allocated array in... |
| CVE-2021-29558 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a heap buffer overflow in `tf.raw_ops.SparseSplit`. This is... |
| CVE-2021-29557 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a denial of service via a FPE runtime error in... |
| CVE-2021-29556 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a denial of service via a FPE runtime error in... |
| CVE-2021-29555 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a denial of service via a FPE runtime error in... |
| CVE-2021-29554 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a denial of service via a FPE runtime error in... |
| CVE-2021-29553 |
Low |
No |
Information disclosure |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can read data outside of bounds of heap allocated buffer in... |
| CVE-2021-29552 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a denial of service by controlling the values of `num_segments`... |
| CVE-2021-29551 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `MatrixTriangularSolve`(https://github.com/tenso... |
| CVE-2021-29550 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a runtime division by zero error and denial of service in... |
| CVE-2021-29549 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a runtime division by zero error and denial of service in... |
| CVE-2021-29548 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a runtime division by zero error and denial of service in... |
| CVE-2021-29547 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a segfault and denial of service via accessing data outside of... |
| CVE-2021-29546 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger an integer division by zero undefined behavior in... |
| CVE-2021-29545 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a denial of service via a `CHECK`-fail in converting sparse... |
| CVE-2021-29544 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a denial of service via a `CHECK`-fail in... |
| CVE-2021-29543 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a denial of service via a `CHECK`-fail in... |
| CVE-2021-29542 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a heap buffer overflow by passing crafted inputs to... |
| CVE-2021-29541 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a dereference of a null pointer in `tf.raw_ops.StringNGrams`.... |
| CVE-2021-29540 |
Low |
No |
Insufficient validation |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a heap buffer overflow to occur in `Conv2DBackpropFilter`. This is... |
| CVE-2021-29539 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. Calling `tf.raw_ops.ImmutableConst`(https://www.tensorflow.org/api_doc... |
| CVE-2021-29538 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a division by zero to occur in `Conv2DBackpropFilter`. This is... |
| CVE-2021-29537 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a heap buffer overflow in `QuantizedResizeBilinear` by passing in... |
| CVE-2021-29536 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a heap buffer overflow in `QuantizedReshape` by passing in invalid... |
| CVE-2021-29535 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can cause a heap buffer overflow in `QuantizedMul` by passing in invalid... |
| CVE-2021-29534 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a denial of service via a `CHECK`-fail in... |
| CVE-2021-29533 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a denial of service via a `CHECK` failure by passing an empty... |
| CVE-2021-29532 |
Low |
No |
Information disclosure |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can force accesses outside the bounds of heap allocated arrays by passing in... |
| CVE-2021-29531 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a `CHECK` fail in PNG encoding by providing an empty input... |
| CVE-2021-29530 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a null pointer dereference by providing an invalid `permutation`... |
| CVE-2021-29529 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a heap buffer overflow in `tf.raw_ops.QuantizedResizeBilinear`... |
| CVE-2021-29528 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a division by 0 in `tf.raw_ops.QuantizedMul`. This is because... |
| CVE-2021-29527 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a division by 0 in `tf.raw_ops.QuantizedConv2D`. This is because... |
| CVE-2021-29526 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2D`. This is because the... |
| CVE-2021-29525 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2DBackpropInput`. This is... |
| CVE-2021-29524 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a division by 0 in `tf.raw_ops.Conv2DBackpropFilter`. This is... |
| CVE-2021-29523 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. An attacker can trigger a denial of service via a `CHECK`-fail in... |
| CVE-2021-29522 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The `tf.raw_ops.Conv3DBackprop*` operations fail to validate that the input tensors are... |
| CVE-2021-29521 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. Specifying a negative dense shape in `tf.raw_ops.SparseCountSparseOutput` results in a... |
| CVE-2021-29520 |
Low |
No |
Arbitrary code execution |
A security issue has been found in TensorFlow before version 2.4.2. Missing validation between arguments to `tf.raw_ops.Conv3DBackprop*` operations can... |
| CVE-2021-29519 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. The API of `tf.raw_ops.SparseCross` allows combinations which would result in a... |
| CVE-2021-29518 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. In eager mode (default in TF 2.0 and later), session operations are invalid. However,... |
| CVE-2021-29517 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. A malicious user could trigger a division by 0 in `Conv3D` implementation. The... |
| CVE-2021-29516 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. Calling `tf.raw_ops.RaggedTensorToVariant` with arguments specifying an invalid ragged... |
| CVE-2021-29515 |
Low |
No |
Insufficient validation |
A security issue has been found in TensorFlow before version 2.4.2. The implementation of `MatrixDiag*` operations(https://github.com/tens... |
| CVE-2021-29514 |
Low |
No |
Information disclosure |
A security issue has been found in TensorFlow before version 2.4.2. If the `splits` argument of `RaggedBincount` does not specify a valid `Sp... |
| CVE-2021-29513 |
Low |
No |
Denial of service |
A security issue has been found in TensorFlow before version 2.4.2. Calling TF operations with tensors of non-numeric types when the operations expect... |
| CVE-2021-29512 |
Low |
No |
Information disclosure |
A security issue has been found in TensorFlow before version 2.4.2. If the "splits" argument of RaggedBincount does not specify a valid SparseTensor, then... |