CVE-2022-41907

HIGH Year: 2022
CVSS v3 Score
7.5
High
Weakness Type
CWE-131
View all →

Vulnerability Description

TensorFlow is an open source platform for machine learning. When `tf.raw_ops.ResizeNearestNeighborGrad` is given a large `size` input, it overflows. We have patched the issue in GitHub commit 00c821af032ba9e5f5fa3fe14690c8d28a657624. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.

Related Vulnerabilities

CVE-2001-0334

HIGH
CVSS:7.5(High)

FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.

CWE-1312001

CVE-2018-1000224

HIGH
CVSS:7.5(High)

Godot Engine version All versions prior to 2.1.5, all 3.0 versions prior to 3.0.6. contains a Signed/unsigned comparison, wrong buffer size chackes, integer overflow, missing padding initialization vu...

CWE-1312018

CVE-2019-19282

HIGH
CVSS:7.5(High)

A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd3), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (A...

CWE-1312019

CVE-2020-36475

HIGH
CVSS:7.5(High)

An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large paramet...

CWE-1312020

CVE-2021-22391

HIGH
CVSS:7.5(High)

There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause the system to reset.

CWE-1312021

CVE-2021-22392

HIGH
CVSS:7.5(High)

There is an Incorrect Calculation of Buffer Size in Huawei Smartphone.Successful exploitation of this vulnerability may cause verification bypass and directions to abnormal addresses.

CWE-1312021