pkg:Bitnami/tensorflow

All known vulnerabilities

• CRITICAL9.8CVE-2023-25668TensorFlow vulnerable to heap out-of-buffer read in the QuantizeAndDequantize operation
  from 0, < 2.12.0
• CRITICAL9.3CVE-2021-41208Incomplete validation in boosted trees code
  >= 2.4.0, < 2.4.4, >= 2.5.0, < 2.5.2, >= 2.6.0, < 2.6.1
• CRITICAL9.3CVE-2021-37678Arbitrary code execution due to YAML deserialization
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• CRITICAL9.1TensorFlow through 2.5.0 allows attackers to overwrite arbitrary files via a crafted archive when tf.keras.utils.get_file is used with extr…
  from 0, < 2.5.1
• CRITICAL9.1OOB read in `Gather_nd` op in TensorFlow Lite Micro
  >= 2.7.0, < 2.7.2, >= 2.8.0, < 2.8.1, >= 2.9.0, < 2.9.1
• CRITICAL9.1Heap out of bounds read in filesystem glob matching in TensorFlow
  >= 2.4.0-rc0, < 2.4.0, >= 2.4.0-rc1, < 2.4.0, >= 2.4.0-rc2, < 2.4.0, >= 2.4.0-rc3, < 2.4.0, >= 2.4.0-rc4, < 2.4.0
• CRITICAL9.0Denial of Service in Tensorflow
  from 0, < 1.15.4, >= 2.0.0, < 2.0.3, >= 2.1.0, < 2.1.2, >= 2.2.0, < 2.2.1, >= 2.3.0, < 2.3.1
• CRITICAL9.0Data leak in Tensorflow
  from 0, < 1.15.4, >= 2.0.0, < 2.0.3, >= 2.1.0, < 2.1.2, >= 2.2.0, < 2.2.1, >= 2.3.0, < 2.3.1
• CRITICAL9.0Integer truncation in Shard API usage
  from 0, < 1.15.4, >= 2.0.0, < 2.0.3, >= 2.1.0, < 2.1.2, >= 2.2.0, < 2.2.1, >= 2.3.0, < 2.3.1
• HIGH8.8Out of bounds write in Tensorflow
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH8.8Out of bounds write in TFLite
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH8.8Read and Write outside of bounds in TFLite
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH8.8Integer overflow in TFLite
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH8.8Out of bounds read in Tensorflow
  >= 2.7.0, < 2.7.1
• HIGH8.8Integer overflow in Tensorflow
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH8.8Out of bounds read and write in Tensorflow
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH8.7Segfault and data corruption in tensorflow-lite
  from 0, < 1.15.4, >= 2.0.0, < 2.0.3, >= 2.1.0, < 2.1.2, >= 2.2.0, < 2.2.1, >= 2.3.0, < 2.3.1
• HIGH8.5Heap buffer overflow in Tensorflow
  from 0, < 1.15.4, >= 2.0.0, < 2.0.3, >= 2.1.0, < 2.1.2, >= 2.2.0, < 2.2.1, >= 2.3.0, < 2.3.1
• HIGH8.5Heap buffer overflow in Tensorflow
  >= 2.3.0, < 2.3.1
• HIGH8.4Null pointer dereference and heap OOB read in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH8.1Out of bounds read in Tensorflow
  >= 2.7.0, < 2.8.0
• HIGH8.1Out of bounds read in Tensorflow
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH8.1Out of bounds read in Tensorflow
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH8.1Out of bounds read in Tensorflow
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH8.1Out of bounds access in tensorflow-lite
  >= 2.2.0, < 2.2.1, >= 2.3.0, < 2.3.1
• HIGH8.1Out of bounds write in tensorflow-lite
  >= 2.2.0, < 2.2.1, >= 2.3.0, < 2.3.1
• HIGH8.0TensorFlow has double free in Fractional(Max/Avg)Pool
  from 0, < 2.12.0
• HIGH7.8Code injection in `saved_model_cli` in TensorFlow
  from 0, < 2.6.4, >= 2.7.0, < 2.7.2, >= 2.8.0, < 2.8.1
• HIGH7.8Unitialized access in `EinsumHelper::ParseEquation`
  from 0, < 2.4.4, >= 2.5.0, < 2.5.2, >= 2.6.0, < 2.6.1
• HIGH7.8Missing validation during checkpoint loading
  from 0, < 2.4.4, >= 2.5.0, < 2.5.2, >= 2.6.0, < 2.6.1
• HIGH7.8Reference binding to `nullptr` in `tf.ragged.cross`
  from 0, < 2.4.4, >= 2.5.0, < 2.5.2, >= 2.6.0, < 2.6.1
• HIGH7.8Undefined behavior via `nullptr` reference binding in sparse matrix multiplication
  from 0, < 2.4.4, >= 2.5.0, < 2.5.2, >= 2.6.0, < 2.6.1
• HIGH7.8Use after free in `CollectiveReduceV2`
  >= 2.6.0, < 2.6.1
• HIGH7.8Access to invalid memory during shape inference in `Cudnn*` ops
  >= 2.4.0, < 2.4.4, >= 2.5.0, < 2.5.2, >= 2.6.0, < 2.6.1
• HIGH7.8Incorrect validation of `SaveV2` inputs in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.8Segfault and heap buffer overflow in `{Experimental,}DatasetToTFRecord` in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.8Use after free in boosted trees creation in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.8Incomplete validation in `QuantizeV2` in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.8Incomplete validation in MKL requantization in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.8Reference binding to nullptr in `RaggedTensorToVariant` in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.8Reference binding to nullptr in unicode encoding in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.8Reference binding to nullptr in map operations in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.8Reference binding to nullptr in shape inference in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.8Null pointer exception in TensorFlow Lite
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.8Null pointer dereference in TensorFlow Lite
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.8Null pointer dereference in TensorFlow Lite MLIR optimizations
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.7Null pointer dereference in `CompressElement` in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.7Null pointer dereference in `RaggedTensorToTensor` in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.7Null pointer dereference in `MatrixDiagPartOp` in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.7Null pointer dereference in `SparseTensorSliceDataset` in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.7Null pointer dereference in `UncompressElement` in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.6Use after free in `DecodePng` in Tensorflow
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH7.6Integer overflow in Tensorflow
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH7.6Integer overflow in TFLite array creation
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH7.6Heap overflow in Tensorflow
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH7.6Undefined behavior in Tensorflow
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH7.6Uninitialized variable access in Tensorflow
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH7.6Integer overflow in Tensorflow
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH7.5An issue was discovered TensorFlow v2.18.0.
  >= 2.18.0, < 2.18.1
• HIGH7.5TensorFlow segfault in array_ops.upper_bound
  from 0, < 2.12.1
• HIGH7.5TensorFlow vulnerable to Out-of-Bounds Read in DynamicStitch
  from 0, < 2.12.0
• HIGH7.5TensorFlow vulnerable to seg fault in `tf.raw_ops.Print`
  from 0, < 2.12.0
• HIGH7.5TensorFlow vulnerable to integer overflow in EditDistance
  from 0, < 2.12.0
• HIGH7.5TensorFlow has Null Pointer Error in TensorArrayConcatV2
  from 0, < 2.12.0
• HIGH7.5TensorFlow vulnerable to Heap Buffer Overflow in AvgPoolGrad
  from 0, < 2.12.0
• HIGH7.5TensorFlow has Null Pointer Error in SparseSparseMaximum
  from 0, < 2.12.0
• HIGH7.5TensorFlow has Floating Point Exception in AudioSpectrogram
  from 0, < 2.12.0
• HIGH7.5TensorFlow has Floating Point Exception in AvgPoolGrad with XLA
  from 0, < 2.12.0
• HIGH7.5TensorFlow has Null Pointer Error in QuantizedMatMulWithBiasAndDequantize
  from 0, < 2.12.0
• HIGH7.5TensorFlow has segmentation fault in tfg-translate
  from 0, < 2.12.0
• HIGH7.5TensorFlow has Null Pointer Error in LookupTableImportV2
  from 0, < 2.12.0
• HIGH7.5TensorFlow has Floating Point Exception in TensorListSplit with XLA
  from 0, < 2.12.0
• HIGH7.5TensorFlow has Null Pointer Error in RandomShuffle with XLA enable
  from 0, < 2.12.0
• HIGH7.5TensorFlow has Segfault in Bincount with XLA
  from 0, < 2.12.0
• HIGH7.5TensorFlow has null dereference on ParallelConcat with XLA
  from 0, < 2.12.0
• HIGH7.5TensorFlow has Floating Point Exception in TFLite in conv kernel
  from 0, < 2.12.0
• HIGH7.5TensorFlow vulnerable to Out-of-Bounds Read in GRUBlockCellGrad
  from 0, < 2.12.0
• HIGH7.5`CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs` in TensorFlow
  from 0, < 2.7.2, >= 2.8.0, < 2.8.1, >= 2.9.0, < 2.9.1
• HIGH7.5Integer overflow in math ops in TensorFlow
  from 0, < 2.7.2, >= 2.8.0, < 2.8.1, >= 2.9.0, < 2.9.1
• HIGH7.5Stack overflow in Tensorflow
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH7.5Code injection in `saved_model_cli`
  >= 2.4.0, < 2.4.4, >= 2.5.0, < 2.5.2, >= 2.6.0, < 2.6.1
• HIGH7.5Denial of Service in Tensorflow
  from 0, < 1.15.4, >= 2.0.0, < 2.0.3, >= 2.1.0, < 2.1.2, >= 2.2.0, < 2.2.1, >= 2.3.0, < 2.3.1
• HIGH7.4Data corruption in tensorflow-lite
  from 0, < 1.15.4, >= 2.0.0, < 2.0.3, >= 2.1.0, < 2.1.2, >= 2.2.0, < 2.2.1, >= 2.3.0, < 2.3.1
• HIGH7.3Heap out of bounds access in sparse reduction operations in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.3Heap OOB and CHECK fail in `ResourceGather` in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.3Heap OOB in `ResourceScatterUpdate` in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.3Out of bounds read via null pointer dereference in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.3Heap OOB in boosted trees in TensorFlow
  >= 2.3.0, < 2.3.4, >= 2.4.0, < 2.4.3, >= 2.5.0, < 2.5.1
• HIGH7.3Stack overflow due to looping TFLite subgraph
  from 0, < 2.1.4, >= 2.2.0, < 2.2.3, >= 2.3.0, < 2.3.3, >= 2.4.0, < 2.4.2
• HIGH7.1Out of bounds write in grappler in Tensorflow
  from 0, < 2.8.4, >= 2.9.0, < 2.9.3, >= 2.10.0, < 2.10.1
• HIGH7.1FractionalMaxPool and FractionalAVGPool heap out-of-bounds acess in Tensorflow
  from 0, < 2.8.4, >= 2.9.0, < 2.9.3, >= 2.10.0, < 2.10.1
• HIGH7.1Buffer overflow in `CONV_3D_TRANSPOSE` on TFLite
  from 0, < 2.8.4, >= 2.9.0, < 2.9.3, >= 2.10.0, < 2.10.1
• HIGH7.1Segfault and Out-of-bounds Write write due to incomplete validation in TensorFlow
  from 0, < 2.6.4, >= 2.7.0, < 2.7.2, >= 2.8.0, < 2.8.1
• HIGH7.1Insecure temporary file in Tensorflow
  from 0, < 2.5.3, >= 2.6.0, < 2.6.3, >= 2.7.0, < 2.7.1
• HIGH7.1Heap OOB read in all `tf.raw_ops.QuantizeAndDequantizeV*` ops
  from 0, < 2.4.4, >= 2.5.0, < 2.5.2, >= 2.6.0, < 2.6.1
• HIGH7.1Heap OOB read in `tf.raw_ops.SparseCountSparseOutput`
  from 0, < 2.4.4, >= 2.5.0, < 2.5.2, >= 2.6.0, < 2.6.1
• HIGH7.1Heap OOB read in shape inference for `QuantizeV2`
  >= 2.6.0, < 2.6.1
• HIGH7.1Heap OOB read in `tf.ragged.cross`
  from 0, < 2.4.4, >= 2.5.0, < 2.5.2, >= 2.6.0, < 2.6.1
• HIGH7.1Heap OOB read in `FusedBatchNorm` kernels
  from 0, < 2.4.4, >= 2.5.0, < 2.5.2, >= 2.6.0, < 2.6.1
• HIGH7.1`SparseFillEmptyRows` heap OOB read
  from 0, < 2.4.4, >= 2.5.0, < 2.5.2, >= 2.6.0, < 2.6.1