SB2021051335 - Multiple vulnerabilities in TensorFlow
Published: May 13, 2021 Updated: May 4, 2026
Description
This security bulletin contains information about 108 vulnerabilities.
1) Heap-based buffer overflow (CVE-ID: CVE-2021-29512)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in RaggedBinCount. A remote attacker can send specially crafted data to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.
2) Input validation error (CVE-ID: CVE-2021-29619)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.SparseCountSparseOutput when parsing input. A local user can pass invalid arguments to cause a denial of service.
3) Input validation error (CVE-ID: CVE-2021-29617)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper input validation in tf.strings.substr when processing invalid arguments. A local user can supply crafted argument values to cause a denial of service.
4) Input validation error (CVE-ID: CVE-2021-29618)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper input validation in tf.transpose when processing a complex input with conjugate set to true. A local user can pass a complex argument while setting conjugate=true to cause a denial of service.
5) NULL pointer dereference (CVE-ID: CVE-2021-29616)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to a null pointer dereference in Grappler's TrySimplify function when optimizing a node with no inputs. A remote attacker can trigger optimization of a crafted graph to cause a denial of service.
6) Uncontrolled Recursion (CVE-ID: CVE-2021-29615)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to uncontrolled recursion in ParseAttrValue when parsing specially crafted input with nested tensors. A remote attacker can supply specially crafted input to cause a denial of service.
7) Out-of-bounds write (CVE-ID: CVE-2021-29614)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to an out-of-bounds write in tf.io.decode_raw when processing input with fixed_length and wider datatypes. A local user can supply specially crafted input to cause a denial of service.
The issue stems from incorrect pointer arithmetic in the padded raw decoding implementation, which can also produce incorrect decoding results.
8) Out-of-bounds read (CVE-ID: CVE-2021-29613)
The vulnerability allows a local user to read memory out of bounds.
The vulnerability exists due to an out-of-bounds read in tf.raw_ops.CTCLoss when parsing crafted input tensors. A local user can supply malformed tensor values and shapes to read memory out of bounds.
9) Heap-based buffer overflow (CVE-ID: CVE-2021-29612)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in the Eigen implementation of tf.raw_ops.BandedTriangularSolve when processing empty input tensors. A remote attacker can supply crafted tensor inputs to cause a denial of service.
The issue is triggered because input validation does not ensure that the tensors are non-empty, and execution continues even after validation sets a non-OK status.
10) Out-of-bounds write (CVE-ID: CVE-2021-29610)
The vulnerability allows a local attacker to read and write heap memory.
The vulnerability exists due to an out-of-bounds write in tf.raw_ops.QuantizeAndDequantizeV2 when processing a crafted axis argument. A local attacker can supply an invalid negative axis value to read and write heap memory.
11) Input validation error (CVE-ID: CVE-2021-29611)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in the SparseReshape operation when processing crafted sparse tensor arguments. A remote attacker can supply invalid input tensors to trigger a CHECK-failure and cause a denial of service.
12) Input validation error (CVE-ID: CVE-2021-29607)
The vulnerability allows a remote attacker to cause a denial of service or corrupt memory.
The vulnerability exists due to improper input validation in the SparseSparseMinimum operation when processing invalid sparse tensor inputs. A remote attacker can send crafted tensor triples to cause a denial of service or corrupt memory.
The issue stems from missing checks for empty tensors and for mismatched index dimensions relative to the corresponding shape tensors.
13) Input validation error (CVE-ID: CVE-2021-29609)
The vulnerability allows a remote attacker to cause a denial of service or corrupt memory.
The vulnerability exists due to improper input validation in the SparseAdd operation when processing invalid sparse tensor inputs. A remote attacker can send crafted tensor triples to cause a denial of service or corrupt memory.
The issue can be triggered by empty tensors or by providing *_indices tensors whose second dimension does not match the size of the corresponding *_shape tensor.
14) Input validation error (CVE-ID: CVE-2021-29608)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.RaggedTensorToTensor when processing empty input arguments. A local user can supply crafted empty tensors to cause a denial of service.
The issue can manifest as a heap out-of-bounds access or a null pointer dereference in release builds because the relevant DCHECK validations are not enforced there.
15) Out-of-bounds read (CVE-ID: CVE-2021-29606)
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to an out-of-bounds read in the TFLite Split_V implementation when parsing a specially crafted TFLite model with an invalid axis_value. A remote attacker can supply a specially crafted TFLite model to disclose sensitive information.
16) Heap-based buffer overflow (CVE-ID: CVE-2021-29603)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in the TFLite ArgMin/ArgMax implementation when parsing a specially crafted TFLite model with an invalid axis value. A remote attacker can supply a specially crafted TFLite model to cause a denial of service.
17) Integer overflow (CVE-ID: CVE-2021-29605)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to an integer overflow in the TFLiteIntArray allocation code when parsing a crafted model. A remote attacker can supply a specially crafted model with an oversized array size value to cause a denial of service.
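The overflow class named in entry 17, shown as an added C++ example that is not TFLite source code: the header-plus-elements layout and the functions `SizeInBytesNarrowed`, `CheckedSizeInBytes`, `CreateIntArray` and `ArrayCount` are assumptions made for illustration. It contrasts a byte count that is narrowed to 32 bits with a checked computation that rejects an oversized count before anything is allocated.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <cstring>

// Layout assumed for this example (hypothetical, not the TFLite definition):
// a 32-bit element count followed directly by that many 32-bit elements.
constexpr std::uint64_t kHeaderBytes = sizeof(std::int32_t);
constexpr std::uint64_t kElemBytes = sizeof(std::int32_t);

// Flawed pattern: the byte count is computed in an unsigned 64-bit type and
// then narrowed to a 32-bit int, so only the low 32 bits survive.
std::int32_t SizeInBytesNarrowed(std::int32_t count) {
  const std::uint64_t wide =
      kHeaderBytes +
      kElemBytes * static_cast<std::uint64_t>(static_cast<std::int64_t>(count));
  return static_cast<std::int32_t>(static_cast<std::uint32_t>(wide));
}

// Checked pattern: reject negative counts and any count whose byte size
// exceeds a caller-chosen limit (max_bytes is an assumption of this example).
bool CheckedSizeInBytes(std::int64_t count, std::size_t max_bytes,
                        std::size_t* out_bytes) {
  if (count < 0 || count > INT32_MAX) return false;
  if (max_bytes < kHeaderBytes) return false;
  const std::uint64_t max_elems = (max_bytes - kHeaderBytes) / kElemBytes;
  if (static_cast<std::uint64_t>(count) > max_elems) return false;
  *out_bytes = static_cast<std::size_t>(
      kHeaderBytes + kElemBytes * static_cast<std::uint64_t>(count));
  return true;
}

// Allocates a zeroed header + elements block, or returns nullptr when the
// requested count is invalid or the allocation fails.
void* CreateIntArray(std::int64_t count, std::size_t max_bytes) {
  std::size_t bytes = 0;
  if (!CheckedSizeInBytes(count, max_bytes, &bytes)) return nullptr;
  void* block = std::calloc(1, bytes);
  if (block == nullptr) return nullptr;
  const std::int32_t n = static_cast<std::int32_t>(count);
  std::memcpy(block, &n, sizeof(n));  // store the element count in the header
  return block;
}

// Reads the element count back out of the header.
std::int32_t ArrayCount(const void* block) {
  std::int32_t n = 0;
  std::memcpy(&n, block, sizeof(n));
  return n;
}

int main() {
  const std::int32_t oversized = 1 << 30;  // constructed sample value
  std::printf("narrowed size for 3 elements: %d bytes\n",
              SizeInBytesNarrowed(3));
  std::printf("narrowed size for %d elements: %d bytes\n", oversized,
              SizeInBytesNarrowed(oversized));
  void* rejected = CreateIntArray(oversized, 1u << 20);
  std::printf("checked allocation for %d elements: %s\n", oversized,
              rejected == nullptr ? "rejected" : "allocated");
  std::free(rejected);
  return 0;
}
```

With the narrowed computation, the recorded element count and the number of bytes actually reserved disagree, which is what turns an oversized size field into a memory-safety problem.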
18) Integer overflow (CVE-ID: CVE-2021-29601)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to integer overflow in the TFLite concatenation implementation when converting a crafted TensorFlow model to TFLite format. A remote attacker can craft a model with oversized concatenation input dimensions to cause a denial of service.
19) Division by zero (CVE-ID: CVE-2021-29604)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in the hashtable lookup implementation when parsing a crafted TFLite model. A remote attacker can supply a model with a zero-sized first dimension in values to cause a denial of service.
20) Division by zero (CVE-ID: CVE-2021-29602)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in the DepthwiseConv TFLite operator when parsing a crafted model. A remote attacker can supply a model with a zero-sized fourth input dimension to cause a denial of service.
21) Division by zero (CVE-ID: CVE-2021-29600)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in the OneHot TFLite operator when parsing a crafted model. A remote attacker can supply a model with a zero-sized indices dimension to cause a denial of service.
22) Division by zero (CVE-ID: CVE-2021-29599)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in the Split TFLite operator implementation when parsing a crafted model. A remote attacker can supply a model with num_splits set to 0 to cause a denial of service.
23) Division by zero (CVE-ID: CVE-2021-29598)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in the SVDF TFLite operator when parsing a crafted model. A remote attacker can supply a specially crafted model to cause a denial of service.
24) Division by zero (CVE-ID: CVE-2021-29597)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in the SpaceToBatchNd TFLite operator when parsing a crafted model. A remote attacker can supply a model with a zero-valued block dimension to cause a denial of service.
25) Division by zero (CVE-ID: CVE-2021-29593)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in the BatchToSpaceNd TFLite operator when parsing a crafted model. A remote attacker can supply a model with a zero-valued block dimension to cause a denial of service.
26) Division by zero (CVE-ID: CVE-2021-29596)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in the EmbeddingLookup TFLite operator when parsing a crafted model. A remote attacker can supply a model with a zero-sized first dimension in the value input to cause a denial of service.
27) Division by zero (CVE-ID: CVE-2021-29594)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in convolution code when parsing user-controlled tensor data. A remote attacker can supply crafted input that triggers a zero divisor to cause a denial of service.
28) Division by zero (CVE-ID: CVE-2021-29595)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in the DepthToSpace TFLite operator when parsing a crafted model. A remote attacker can supply a model with a zero block_size value to cause a denial of service.
29) Input validation error (CVE-ID: CVE-2021-29591)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in the TFLite subgraph evaluation logic when parsing a crafted model with looping subgraphs. A remote attacker can supply a specially crafted model to cause a denial of service.
In certain cases, the infinite loop is replaced by a stack overflow caused by excessive recursive calls. The issue can be triggered when the body and loop subgraphs reference the same subgraph in the While operator.
30) NULL pointer dereference (CVE-ID: CVE-2021-29592)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to a null pointer dereference in the TFLite Reshape operator when processing a model with a null-buffer-backed 1-dimensional shape tensor. A remote attacker can supply a specially crafted model to cause a denial of service.
31) Out-of-bounds read (CVE-ID: CVE-2021-29590)
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to an out-of-bounds read in TFLite Minimum and Maximum operators when processing empty input tensors. A remote attacker can supply crafted tensor inputs to disclose sensitive information.
32) Division by zero (CVE-ID: CVE-2021-29588)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in the TransposeConv operator implementation when parsing a crafted model. A remote attacker can supply a model with zero stride values to cause a denial of service.
33) Division by zero (CVE-ID: CVE-2021-29589)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in the GatherNd operator implementation when parsing a crafted model with an empty params tensor. A remote attacker can supply a specially crafted model to cause a denial of service.
34) Division by zero (CVE-ID: CVE-2021-29587)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in the SpaceToDepth TFLite operator Prepare step when parsing a crafted model. A remote attacker can supply a model with a zero block_size value to cause a denial of service.
35) Division by zero (CVE-ID: CVE-2021-29586)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in optimized pooling implementations in TFLite when parsing a specially crafted model with zero stride values. A remote attacker can supply a specially crafted model to cause a denial of service.
36) Division by zero (CVE-ID: CVE-2021-29585)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in ComputeOutSize in the TFLite padding computation when parsing a specially crafted model with a stride value of 0. A remote attacker can supply a specially crafted model to cause a denial of service.
37) Heap-based buffer overflow (CVE-ID: CVE-2021-29583)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in tf.raw_ops.FusedBatchNorm when processing crafted tensor inputs. A local user can supply tensors whose scale, offset, mean, or variance sizes do not match the number of channels in x to cause a denial of service.
Empty tensors can also trigger undefined behavior through null pointer dereference.
38) Integer overflow (CVE-ID: CVE-2021-29584)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to integer overflow in the SparseSplit operation when constructing a new tensor shape from user-supplied shape dimensions. A remote attacker can supply crafted input values to trigger a CHECK failure and cause a denial of service.
39) Out-of-bounds read (CVE-ID: CVE-2021-29582)
The vulnerability allows a local user to disclose sensitive information.
The vulnerability exists due to an out-of-bounds read in tf.raw_ops.Dequantize when processing mismatched min_range and max_range tensors. A local user can supply crafted input tensors with different shapes to disclose sensitive information.
40) Out-of-bounds read (CVE-ID: CVE-2021-29581)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to an out-of-bounds read in tf.raw_ops.CTCBeamSearchDecoder when processing an empty input tensor. A local user can supply a crafted input tensor and sequence_length values to cause a denial of service.
The issue occurs because the implementation fails to detect empty input tensors and proceeds to read data from a null buffer.
41) Heap-based buffer overflow (CVE-ID: CVE-2021-29579)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in the tf.raw_ops.MaxPoolGrad operation when processing crafted tensor inputs. A local user can supply malformed input tensors to trigger an out-of-bounds memory access and cause a denial of service.
42) Heap-based buffer overflow (CVE-ID: CVE-2021-29578)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in the FractionalAvgPoolGrad operation when processing crafted pooling sequence arguments. A local user can supply tensors with pooling sequences that do not have enough elements for the out_backprop tensor shape to cause a denial of service.
43) Input validation error (CVE-ID: CVE-2021-29580)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.FractionalMaxPoolGrad when processing crafted input tensors. A local user can supply empty tensors or tensors with mismatched ranks to cause a denial of service.
The process can abort when a CHECK condition becomes false.
44) Heap-based buffer overflow (CVE-ID: CVE-2021-29577)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in tf.raw_ops.AvgPool3DGrad when processing crafted orig_input_shape and grad tensors with mismatched first and last dimensions. A local user can supply specially crafted tensor inputs to cause a denial of service.
45) Heap-based buffer overflow (CVE-ID: CVE-2021-29576)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in tf.raw_ops.MaxPool3DGradGrad when processing crafted input tensors. A local user can supply malformed arguments that cause Pool3dParameters initialization to fail and trigger a heap buffer overflow to cause a denial of service.
46) Input validation error (CVE-ID: CVE-2021-29574)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in MaxPool3DGradGrad when processing empty tensor inputs. A remote attacker can supply crafted empty tensors to cause a denial of service.
The issue is triggered by dereferencing null pointers backing empty tensors.
47) Input validation error (CVE-ID: CVE-2021-29573)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.MaxPoolGradWithArgmax when processing crafted tensors with a zero batch dimension. A local user can supply crafted input, grad, and argmax tensors to trigger a division by zero and cause a denial of service.
48) Input validation error (CVE-ID: CVE-2021-29575)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.ReverseSequence when processing invalid seq_dim or batch_dim arguments. A remote attacker can supply crafted argument values to cause a denial of service.
Negative values for seq_dim can trigger a stack overflow or a CHECK-failure, and similar behavior can occur with invalid batch_dim values.
49) Input validation error (CVE-ID: CVE-2021-29572)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.SdcaOptimizer when processing user-supplied arguments. A local user can supply crafted input that violates the operation constraints to cause a denial of service.
The issue can trigger undefined behavior through a null pointer dereference.
50) Out-of-bounds write (CVE-ID: CVE-2021-29571)
The vulnerability allows a remote attacker to cause memory corruption.
The vulnerability exists due to an out-of-bounds write in tf.raw_ops.DrawBoundingBoxesV2 when parsing specially crafted input tensors. A remote attacker can supply a crafted boxes tensor with a last dimension smaller than 4 to cause memory corruption.
The issue also involves out-of-bounds reads from heap-allocated data.
51) Out-of-bounds read (CVE-ID: CVE-2021-29569)
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to an out-of-bounds read in the RequantizationRange operation when processing specially crafted input tensors with empty input_min or input_max values. A remote attacker can supply specially crafted inputs to disclose sensitive information.
52) Out-of-bounds read (CVE-ID: CVE-2021-29570)
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to an out-of-bounds read in tf.raw_ops.MaxPoolGradWithArgmax when parsing specially crafted inputs. A remote attacker can supply specially crafted inputs to disclose sensitive information.
The implementation uses the same value to index two different arrays without guaranteeing that their sizes are identical.
53) Input validation error (CVE-ID: CVE-2021-29567)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.SparseDenseCwiseMul when processing crafted sparse and dense tensor inputs with inconsistent dimensions. A remote attacker can send crafted input tensors to cause a denial of service.
The issue can trigger internal CHECK failures or out-of-bounds access to heap-allocated tensor buffers.
54) Input validation error (CVE-ID: CVE-2021-29568)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.ParameterizedTruncatedNormal when processing an empty shape argument. A remote attacker can supply a specially crafted input tensor to cause a denial of service.
55) Out-of-bounds write (CVE-ID: CVE-2021-29566)
The vulnerability allows a remote attacker to write outside the bounds of heap-allocated arrays.
The vulnerability exists due to an out-of-bounds write in tf.raw_ops.Dilation2DBackpropInput when processing invalid arguments. A remote attacker can pass crafted input tensors and parameters to write outside the bounds of heap-allocated arrays.
56) NULL pointer dereference (CVE-ID: CVE-2021-29565)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to missing input validation in tf.raw_ops.SparseFillEmptyRows when processing an empty dense_shape tensor. A remote attacker can send crafted input to trigger a null pointer dereference and cause a denial of service.
57) Input validation error (CVE-ID: CVE-2021-29564)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.EditDistance when processing crafted input tensors. A remote attacker can supply malformed tensor shapes and values to trigger a null pointer dereference and cause a denial of service.
58) Input validation error (CVE-ID: CVE-2021-29563)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.RFFT when processing a crafted fft_length value. A remote attacker can supply a crafted input tensor and fft_length value to cause a denial of service.
An fft_length value of zero can cause Eigen code to operate on an empty matrix, triggering an assertion and terminating the program.
59) Input validation error (CVE-ID: CVE-2021-29562)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.IRFFT when processing a crafted fft_length value that causes Eigen code to operate on an empty matrix. A remote attacker can send crafted input to trigger an assertion failure and cause a denial of service.
60) Input validation error (CVE-ID: CVE-2021-29561)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.LoadAndRemapMatrix when processing a crafted ckpt_path tensor argument. A remote attacker can send a specially crafted tensor input to cause a denial of service.
The issue is triggered when the operation receives a non-scalar value where a valid scalar checkpoint path is assumed.
61) Heap-based buffer overflow (CVE-ID: CVE-2021-29560)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in tf.raw_ops.RaggedTensorToTensor when processing user-controlled ragged tensor input. A remote attacker can supply crafted input shapes and row partition tensors to cause a denial of service.
The issue can be triggered when parent_output_index is shorter than row_split.
62) Out-of-bounds read (CVE-ID: CVE-2021-29559)
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to an out-of-bounds read in tf.raw_ops.UnicodeEncode when processing a malformed input_value and input_splits pair. A remote attacker can supply crafted sparse tensor inputs to disclose sensitive information.
The issue occurs because the implementation assumes that the input_value and input_splits pair specifies a valid sparse tensor.
63) Heap-based buffer overflow (CVE-ID: CVE-2021-29558)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in tf.raw_ops.SparseSplit when processing user-supplied sparse tensor input. A remote attacker can supply crafted indices and split parameters to cause a denial of service.
The issue is triggered because an array element is accessed using a user-controlled offset, resulting in heap memory being overwritten.
64) Division by zero (CVE-ID: CVE-2021-29556)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in tf.raw_ops.Reverse when processing a tensor whose first dimension is zero. A remote attacker can supply a crafted tensor input to cause a denial of service.
65) Division by zero (CVE-ID: CVE-2021-29557)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in tf.raw_ops.SparseMatMul when processing an empty b tensor. A remote attacker can supply crafted input tensors to cause a denial of service.
66) Division by zero (CVE-ID: CVE-2021-29555)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in tf.raw_ops.FusedBatchNorm when processing a crafted tensor with a zero-sized last dimension. A remote attacker can supply crafted input tensors to cause a denial of service.
The issue results in a floating-point exception at runtime.
67) Division by zero (CVE-ID: CVE-2021-29554)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in tf.raw_ops.DenseCountSparseOutput when processing user-supplied input tensors. A remote attacker can supply crafted values and weights arguments to cause a denial of service.
The issue results in an FPE runtime error.
68) Input validation error (CVE-ID: CVE-2021-29552)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in UnsortedSegmentJoin when processing a malformed num_segments tensor argument. A remote attacker can supply an empty tensor instead of a valid scalar to cause a denial of service.
The issue is triggered by a failed CHECK assertion when the operation assumes that num_segments contains exactly one element.
69) Out-of-bounds read (CVE-ID: CVE-2021-29553)
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to an out-of-bounds read in tf.raw_ops.QuantizeAndDequantizeV3 when processing a user-supplied axis attribute. A remote attacker can supply a crafted axis value to disclose sensitive information.
70) Out-of-bounds read (CVE-ID: CVE-2021-29551)
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to an out-of-bounds read in MatrixTriangularSolve when processing empty input tensors after a failed validation condition. A remote attacker can send crafted input tensors to disclose sensitive information.
The issue occurs because kernel execution is not terminated after the validation check sets a non-OK status.
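Entries 9 (BandedTriangularSolve) and 70 (MatrixTriangularSolve) both describe validation that sets a non-OK status without stopping the kernel. The following C++ is an added example, not TensorFlow code: `Tensor`, `KernelContext`, `ValidateInputs`, `SolveLower`, `ComputeFlawed` and `ComputeFixed` are hypothetical stand-ins that model the control flow and show the early return that closes the gap.

```cpp
#include <cstddef>
#include <cstdio>
#include <string>
#include <vector>

// Hypothetical stand-ins for a dense tensor and a kernel context.
// They are not TensorFlow types; they model only the control flow.
struct Tensor {
  std::size_t rows;
  std::size_t cols;
  std::vector<double> data;  // row-major, rows * cols elements
};

struct KernelContext {
  bool ok = true;
  std::string error;
  bool solver_reached = false;  // instrumentation for this example

  void SetError(const std::string& msg) {
    if (ok) {  // keep the first error only
      ok = false;
      error = msg;
    }
  }
};

// Validation helper. A `return` here leaves the helper, not the kernel,
// so the caller has to inspect the context afterwards.
void ValidateInputs(KernelContext* ctx, const Tensor& lhs, const Tensor& rhs) {
  if (lhs.data.empty() || rhs.data.empty()) {
    ctx->SetError("inputs must be non-empty");
    return;
  }
  if (lhs.rows != lhs.cols || lhs.data.size() != lhs.rows * lhs.cols) {
    ctx->SetError("lhs must be a square matrix");
    return;
  }
  if (rhs.rows != lhs.rows || rhs.cols != 1 || rhs.data.size() != rhs.rows) {
    ctx->SetError("rhs must be a column vector matching lhs");
  }
}

// Forward substitution for a lower-triangular system lhs * x = rhs.
// Like a numeric back end, it trusts its caller and checks nothing itself.
std::vector<double> SolveLower(KernelContext* ctx, const Tensor& lhs,
                               const Tensor& rhs) {
  ctx->solver_reached = true;
  std::vector<double> x(lhs.rows, 0.0);
  for (std::size_t i = 0; i < lhs.rows; ++i) {
    double acc = rhs.data[i];
    for (std::size_t j = 0; j < i; ++j) acc -= lhs.data[i * lhs.cols + j] * x[j];
    x[i] = acc / lhs.data[i * lhs.cols + i];
  }
  return x;
}

// Pattern from the bulletin: validation records a non-OK status, but the
// kernel never looks at it and carries on into the solver.
std::vector<double> ComputeFlawed(KernelContext* ctx, const Tensor& lhs,
                                  const Tensor& rhs) {
  ValidateInputs(ctx, lhs, rhs);
  return SolveLower(ctx, lhs, rhs);
}

// Corrected flow: stop as soon as the context is non-OK.
std::vector<double> ComputeFixed(KernelContext* ctx, const Tensor& lhs,
                                 const Tensor& rhs) {
  ValidateInputs(ctx, lhs, rhs);
  if (!ctx->ok) return {};
  return SolveLower(ctx, lhs, rhs);
}

int main() {
  Tensor empty{0, 0, {}};  // constructed sample input
  KernelContext flawed, fixed;
  ComputeFlawed(&flawed, empty, empty);
  ComputeFixed(&fixed, empty, empty);
  std::printf("flawed: ok=%d solver_reached=%d\n", flawed.ok,
              flawed.solver_reached);
  std::printf("fixed:  ok=%d solver_reached=%d\n", fixed.ok,
              fixed.solver_reached);
  return 0;
}
```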
71) Division by zero (CVE-ID: CVE-2021-29550)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in tf.raw_ops.FractionalAvgPool when processing user-supplied input shapes and pooling ratios. A remote attacker can supply crafted value and pooling_ratio arguments to cause a denial of service.
The issue occurs because a computed output size can become 0 in released builds, leading to a crash in a later modulo operation.
72) Input validation error (CVE-ID: CVE-2021-29549)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.QuantizedAdd when processing crafted input shapes. A remote attacker can supply inputs that cause the computed divisor to become zero to cause a denial of service.
73) Input validation error (CVE-ID: CVE-2021-29548)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.QuantizedBatchNormWithGlobalNormalization when processing crafted input tensors. A local user can supply malformed arguments that violate the operation's constraints to cause a denial of service.
74) Out-of-bounds read (CVE-ID: CVE-2021-29547)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to an out-of-bounds read in tf.raw_ops.QuantizedBatchNormWithGlobalNormalization when processing empty input tensors. A remote attacker can supply crafted empty inputs to cause a denial of service.
The issue is triggered when one of the scalar min or max input tensors is empty and the implementation accesses element 0 of the flattened buffer.
75) Division by zero (CVE-ID: CVE-2021-29546)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in tf.raw_ops.QuantizedBiasAdd when processing crafted input tensors with zero elements. A remote attacker can supply crafted tensor inputs to cause a denial of service.
76) Heap-based buffer overflow (CVE-ID: CVE-2021-29545)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in SparseTensorToCSRSparseMatrix when converting sparse tensors to CSR sparse matrices. A local user can supply crafted sparse tensor indices to cause a denial of service.
77) Input validation error (CVE-ID: CVE-2021-29543)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.CTCGreedyDecoder when processing crafted input tensors and sequence_length values. A remote attacker can send crafted input to trigger a CHECK failure and cause a denial of service.
The issue results in abnormal program termination instead of returning a valid error to the user.
78) Input validation error (CVE-ID: CVE-2021-29544)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.QuantizeAndDequantizeV4Grad when processing crafted input tensors. A remote attacker can supply input_min and input_max tensors with an invalid rank to cause a denial of service.
The issue is triggered by a CHECK failure when the operation passes non-1-dimensional tensors to vec().
79) Input validation error (CVE-ID: CVE-2021-29541)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.StringNGrams when processing a crafted data_splits argument. A remote attacker can supply a specially crafted data_splits input to cause a denial of service.
The issue occurs when the output is computed to have zero or negative size, causing later writes to dereference a null pointer.
80) Heap-based buffer overflow (CVE-ID: CVE-2021-29542)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in tf.raw_ops.StringNGrams when processing crafted input tensors. A remote attacker can pass crafted inputs to trigger a heap buffer overflow and cause a denial of service.
The issue occurs in corner cases where generated tokens contain only padding elements, causing the implementation to read data[-1] when num_tokens becomes 0.
81) Heap-based buffer overflow (CVE-ID: CVE-2021-29540)
The vulnerability allows a remote attacker to cause a heap buffer overflow.
The vulnerability exists due to a heap-based buffer overflow in Conv2DBackpropFilter when processing crafted filter_sizes input. A remote attacker can supply a specially crafted tensor configuration to cause a heap buffer overflow.
The issue occurs because the implementation computes the size of the filter tensor but does not validate that it matches the number of elements in filter_sizes.
82) Division by zero (CVE-ID: CVE-2021-29538)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in Conv2DBackpropFilter when processing user-supplied tensor shapes. A remote attacker can provide crafted input tensors with empty shapes to cause a denial of service.
83) Heap-based buffer overflow (CVE-ID: CVE-2021-29536)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in QuantizedReshape when processing invalid quantization threshold tensors. A remote attacker can pass empty input_min or input_max tensors to cause a denial of service.
The issue occurs because the implementation assumes the threshold arguments are valid scalars and accesses element 0 even when the tensors are empty.
84) Heap-based buffer overflow (CVE-ID: CVE-2021-29537)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in QuantizedResizeBilinear when processing invalid quantization threshold tensors. A local user can pass empty min or max tensors to trigger the overflow and cause a denial of service.
The issue occurs if the min or max input tensors are empty, causing access to element 0 of an empty flattened buffer.
85) Integer overflow (CVE-ID: CVE-2021-29534)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.SparseConcat when processing user-supplied shapes. A remote attacker can provide crafted shape values that trigger an integer overflow and a CHECK failure to cause a denial of service.
The issue is triggered when a dimension derived from shapes[0] causes overflow during TensorShape construction.
86) Heap-based buffer overflow (CVE-ID: CVE-2021-29535)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in QuantizedMul when processing invalid quantization threshold tensors. A remote attacker can pass empty threshold tensors to trigger the overflow and cause a denial of service.
The issue occurs if any of the min_x, max_x, min_y, or max_y input tensors is empty instead of a valid scalar.
87) Input validation error (CVE-ID: CVE-2021-29533)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.DrawBoundingBoxes when processing user-supplied image and box inputs. A remote attacker can pass an empty image to trigger a CHECK failure and abort program execution to cause a denial of service.
88) Out-of-bounds read (CVE-ID: CVE-2021-29532)
The vulnerability allows a remote attacker to disclose sensitive information.
The vulnerability exists due to improper input validation in tf.raw_ops.RaggedCross when processing invalid tensor values. A remote attacker can pass crafted tensor arguments to trigger out-of-bounds reads and disclose sensitive information.
89) Input validation error (CVE-ID: CVE-2021-29531)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.EncodePng when encoding an empty input tensor as pixel data. A remote attacker can provide an empty input tensor to trigger process abort and cause a denial of service.
The issue is triggered because an empty tensor results in a null image buffer that reaches a CHECK_NOTNULL assertion in png::WriteImageToBuffer.
90) Heap-based buffer overflow (CVE-ID: CVE-2021-29529)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in tf.raw_ops.QuantizedResizeBilinear when processing manipulated input values that trigger float rounding errors during image interpolation. A remote attacker can supply crafted input tensors to cause a denial of service.
The issue occurs when rounding causes the computed upper interpolation bound to become smaller than the lower bound, leading to an off-by-one out-of-bounds access.
91) Input validation error (CVE-ID: CVE-2021-29530)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.SparseMatrixSparseCholesky when processing an invalid permutation argument. A local user can provide a specially crafted permutation input to cause a denial of service.
The issue is a null pointer dereference that occurs when validation fails inside ValidateInputs but execution continues in the caller.
92) Division by zero (CVE-ID: CVE-2021-29528)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in tf.raw_ops.QuantizedMul when processing caller-controlled input tensors. A remote attacker can supply crafted input values to cause a denial of service.
93) Division by zero (CVE-ID: CVE-2021-29527)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in tf.raw_ops.QuantizedConv2D when processing user-supplied input tensors. A remote attacker can supply a crafted filter tensor to cause a denial of service.
94) Division by zero (CVE-ID: CVE-2021-29526)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to division by zero in tf.raw_ops.Conv2D when processing caller-controlled input dimensions. A local user can supply crafted input and filter tensors to cause a denial of service.
95) Division by zero (CVE-ID: CVE-2021-29525)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to division by zero in tf.raw_ops.Conv2DBackpropInput when processing crafted input tensors. A local user can supply crafted arguments to trigger a division by zero and cause a denial of service.
96) Division by zero (CVE-ID: CVE-2021-29524)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to division by zero in tf.raw_ops.Conv2DBackpropFilter when processing user-supplied input tensors and filter parameters. A remote attacker can supply crafted arguments to trigger a division by zero and cause a denial of service.
97) Integer overflow (CVE-ID: CVE-2021-29523)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to an integer overflow in tf.raw_ops.AddManySparseToTensorsMap when processing a crafted sparse_shape argument. A remote attacker can supply crafted dimension values that trigger a CHECK failure to cause a denial of service.
98) Input validation error (CVE-ID: CVE-2021-29522)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.Conv3DBackprop* operations when processing empty input tensors. A remote attacker can supply crafted tensor shapes to cause a denial of service.
The issue is triggered by a division by zero while computing the shard size.
99) Heap-based buffer overflow (CVE-ID: CVE-2021-29520)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a heap-based buffer overflow in Conv3DBackpropInputV2 and Conv3DBackpropFilterV2 when processing crafted tensor arguments. A local user can supply mismatched input, filter_sizes, or out_backprop tensor shapes to cause a denial of service.
The issue occurs because the implementation accesses these tensors in parallel while assuming they have the same shape.
100) Input validation error (CVE-ID: CVE-2021-29521)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.SparseCountSparseOutput when processing a crafted dense_shape argument. A local user can supply a dense_shape tensor with negative values to cause a denial of service.
The issue is triggered because the implementation assumes the first element of dense_shape is positive and uses it to initialize a std::vector-backed data structure.
101) Type Confusion (CVE-ID: CVE-2021-29519)
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to type confusion in tf.raw_ops.SparseCross when processing crafted combinations of sparse and dense inputs with mismatched data types. A remote attacker can send crafted input tensors to cause a denial of service.
102) NULL pointer dereference (CVE-ID: CVE-2021-29518)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a null pointer dereference in session operations in eager mode when invoking raw session ops. A local user can call GetSessionTensor or DeleteSessionTensor in eager mode to cause a denial of service.
Eager mode is the default in TensorFlow 2.0 and later.
103) Division by zero (CVE-ID: CVE-2021-29517)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to division by zero in the Conv3D implementation when processing crafted tensor shapes. A local user can supply tensors with a zero-valued fifth filter dimension to cause a denial of service.
Invalid tensor shapes can also trigger an Eigen assertion.
104) NULL pointer dereference (CVE-ID: CVE-2021-29516)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a null pointer dereference in the RaggedTensorToVariant operation when processing an invalid empty ragged tensor. A local user can supply a crafted invalid ragged tensor to cause a denial of service.
105) NULL pointer dereference (CVE-ID: CVE-2021-29515)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to a null pointer dereference in MatrixDiagV2 and MatrixDiagV3 operations when processing empty tensor arguments. A local user can supply crafted empty tensors to trigger a crash and cause a denial of service.
106) Heap-based buffer overflow (CVE-ID: CVE-2021-29514)
The vulnerability allows a remote attacker to cause memory corruption.
The vulnerability exists due to a heap-based buffer overflow in the RaggedBincount op when processing a malformed splits argument that does not specify a valid SparseTensor. A remote attacker can supply a specially crafted splits tensor to cause memory corruption.
107) Type Confusion (CVE-ID: CVE-2021-29513)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to type confusion in the Python array to C++ array conversion code in ndarray_tensor.cc when processing tensors of non-numeric types where numeric tensors are expected. A local user can supply a specially crafted tensor type to cause a denial of service.
108) Input validation error (CVE-ID: CVE-2021-29539)
The vulnerability allows a local user to cause a denial of service.
The vulnerability exists due to improper input validation in tf.raw_ops.ImmutableConst when processing a dtype value of tf.resource or tf.variant. A local user can call the operation with a crafted dtype argument to cause a denial of service.
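Many entries above share one root cause: a kernel trusts a caller-supplied shape or threshold tensor before checking it (element 0 of an empty min/max tensor in entries 83, 84 and 86, a zero divisor in entries 82 and 98, an unchecked filter_sizes in entry 81, overflowing or negative dimensions in entries 85, 97 and 100). The following added example, which is not TensorFlow's code or the vendor's patch, sketches the validate-then-return-early pattern; the Tensor and Status types and all function names are hypothetical stand-ins, and the four-entry filter layout is the usual 2-D convolution convention.

```cpp
#include <cstdint>
#include <limits>
#include <string>
#include <vector>

// Hypothetical stand-ins, not TensorFlow's Tensor or Status classes.
struct Tensor {
  std::vector<int64_t> shape;  // empty shape = scalar
  std::vector<float> data;     // flat storage
};
struct Status {
  bool ok;
  std::string msg;
};
static Status Ok() { return {true, ""}; }
static Status Invalid(const std::string& m) { return {false, m}; }

// Element count implied by a caller-supplied shape. Rejects negative
// dimensions and products that do not fit in int64_t, returning an error
// instead of aborting the process.
static Status NumElements(const std::vector<int64_t>& shape, int64_t* out) {
  int64_t n = 1;
  for (int64_t d : shape) {
    if (d < 0) return Invalid("negative dimension");
    if (d != 0 && n > std::numeric_limits<int64_t>::max() / d)
      return Invalid("shape overflows int64");
    n *= d;
  }
  *out = n;
  return Ok();
}

// Shape and storage must agree before any index is derived from the shape.
static Status CheckTensor(const Tensor& t, const char* name, int64_t* n) {
  Status s = NumElements(t.shape, n);
  if (!s.ok) return Invalid(std::string(name) + ": " + s.msg);
  if (static_cast<uint64_t>(*n) != t.data.size())
    return Invalid(std::string(name) + ": shape does not match storage");
  return Ok();
}

// Quantization thresholds: element 0 is read only after proving it exists.
static Status ReadScalar(const Tensor& t, const char* name, float* out) {
  int64_t n = 0;
  Status s = CheckTensor(t, name, &n);
  if (!s.ok) return s;
  if (n != 1)
    return Invalid(std::string(name) + ": expected exactly one element");
  *out = t.data[0];
  return Ok();
}

// filter_sizes for a 2-D convolution: exactly four non-negative extents
// whose product is the filter's element count.
static Status FilterElements(const std::vector<int64_t>& filter_sizes,
                             int64_t* out) {
  if (filter_sizes.size() != 4)
    return Invalid("filter_sizes: expected 4 entries");
  return NumElements(filter_sizes, out);
}

// Work partitioning: the divisor comes from the input shape, so an empty
// input is rejected before the division.
static Status ItemsPerShard(const Tensor& input, int64_t budget,
                            int64_t* out) {
  int64_t n = 0;
  Status s = CheckTensor(input, "input", &n);
  if (!s.ok) return s;
  if (n == 0) return Invalid("input: empty tensor");
  int64_t per_shard = budget / n;
  *out = per_shard > 0 ? per_shard : 1;
  return Ok();
}

// Caller side: every failed check returns before the kernel body would run,
// so a validation failure never falls through to the computation.
static Status QuantizedOpGuard(const Tensor& input, const Tensor& min_t,
                               const Tensor& max_t, int64_t budget,
                               float* lo, float* hi, int64_t* shard) {
  Status s = ReadScalar(min_t, "min", lo);
  if (!s.ok) return s;
  s = ReadScalar(max_t, "max", hi);
  if (!s.ok) return s;
  return ItemsPerShard(input, budget, shard);
}
```

The same checks can run in a request gateway in front of a model server that cannot be upgraded immediately, so malformed shapes are rejected before they reach the runtime.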
Remediation
Install the update from the vendor's website.
References
- https://github.com/tensorflow/tensorflow/releases/tag/v2.5.0