CVE-2022-21729

MEDIUM Year: 2022
CVSS v3 Score
6.5
Medium
CVSS v2 Score
4.0
Medium
Weakness Type
CWE-190
View all →

Vulnerability Description

Tensorflow is an Open Source Machine Learning Framework. The implementation of `UnravelIndex` is vulnerable to a division by zero caused by an integer overflow bug. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.

Related Vulnerabilities

CVE-2010-4653

MEDIUM
CVSS:6.5(Medium)

An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts.

CWE-1902010

CVE-2016-10507

MEDIUM
CVSS:6.5(Medium)

Integer overflow vulnerability in the bmp24toimage function in convertbmp.c in OpenJPEG before 2.2.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application c...

CWE-1902016

CVE-2016-2120

MEDIUM
CVSS:6.5(Medium)

An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone un...

CWE-1902016

CVE-2016-5223

MEDIUM
CVSS:6.5(Medium)

Integer overflow in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption or DoS via a...

CWE-1902016

CVE-2016-5844

MEDIUM
CVSS:6.5(Medium)

Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file.

CWE-1902016

CVE-2016-6177

MEDIUM
CVSS:6.5(Medium)

The Huawei OceanStor 5800 V300R003C00 has an integer overflow vulnerability. An authenticated attacker may send massive abnormal Network File System (NFS) packets, causing an anomaly in specific disk ...

CWE-1902016