From 2a6f751b6aba9a96497fc4b5fef0cfc033b9a94b Mon Sep 17 00:00:00 2001 From: "pyup.io vuln bot" Date: Thu, 31 Oct 2024 23:00:48 -0700 Subject: [PATCH] november update --- data/insecure_full.json | 15505 ++++++++++++++++++++------------------ 1 file changed, 7986 insertions(+), 7519 deletions(-) diff --git a/data/insecure_full.json b/data/insecure_full.json index 0bfe6ab5..99d41666 100644 --- a/data/insecure_full.json +++ b/data/insecure_full.json @@ -2,7 +2,7 @@ "$meta": { "advisory": "PyUp.io metadata", "base_domain": "https://pyup.io", - "timestamp": 1727762451 + "timestamp": 1730440847 }, "10cent10": [ { @@ -43,6 +43,19 @@ "v": ">0,<0" } ], + "123bla": [ + { + "advisory": "The OpenSSF Package Analysis project identified '123bla' @ 0.0.1 (pypi) as malicious.", + "cve": "PVE-2024-73967", + "id": "pyup.io-73967", + "more_info_path": "/vulnerabilities/PVE-2024-73967/73967", + "specs": [ + ">=0", + "<=0" + ], + "v": ">=0,<=0" + } + ], "12cent": [ { "advisory": "12Cent is a malicious package. It exfiltrates data from the host where it is installed.\r\nhttps://bertusk.medium.com/malicious-pypi-packages-found-exfiltrating-data-and-opening-reverse-shells-87d4afb5d99e", 
@@ -305,40 +318,40 @@ ], "acryl-datahub": [ { - "advisory": "DataHub under 0.8.45 uses the X-DataHub-Actor HTTP header to identify the user making requests without authentication. However, this can be exploited by attackers who can manipulate the case of the header (e.g., X-DATAHUB-ACTOR), leading to potential authorization bypass and unauthorized actions. This issue, identified and reported by GitHub Security Lab, is known as GHSL-2022-079.\r\nhttps://github.com/datahub-project/datahub/security/advisories/GHSA-qgp2-qr66-j8r8", - "cve": "CVE-2023-25559", - "id": "pyup.io-63343", - "more_info_path": "/vulnerabilities/CVE-2023-25559/63343", + "advisory": "DataHub's AuthServiceClient, particularly versions below 0.8.45, creates JSON strings using format strings with user-controlled data. This approach lets potential attackers alter these JSON strings and forward them to the backend, causing potential misuse and authentication bypasses. This could lead to the creation of system accounts, potentially resulting in full system compromise. This vulnerability was discovered and reported by the GitHub Security lab and is being tracked under GHSL-2022-081.\r\nhttps://github.com/datahub-project/datahub/security/advisories/GHSA-7wc6-p6c4-522c", + "cve": "CVE-2023-25561", + "id": "pyup.io-63339", + "more_info_path": "/vulnerabilities/CVE-2023-25561/63339", "specs": [ "<0.8.45" ], "v": "<0.8.45" }, { - "advisory": "In DataHub versions prior to 0.8.45, session cookies are only cleared upon new sign-ins, not during logouts. This allows potential attackers to bypass authentication checks using the AuthUtils.hasValidSessionCookie() method by using a cookie from a logged-out session. Consequently, any logged-out session cookie might be considered valid, leading to an authentication bypass. Users are advised to upgrade to version 0.8.45 to rectify this vulnerability. Currently, there are no known workarounds. 
This vulnerability was identified and reported by the GitHub Security lab and is being tracked under GHSL-2022-083.\r\nhttps://github.com/datahub-project/datahub/security/advisories/GHSA-3974-hxjh-m3jj\r\nhttps://github.com/datahub-project/datahub/blob/aa146db611e3a4ca3aa17bb740783f789d4444d3/datahub-frontend/app/auth/AuthUtils.java#L78", - "cve": "CVE-2023-25562", - "id": "pyup.io-63338", - "more_info_path": "/vulnerabilities/CVE-2023-25562/63338", + "advisory": "DataHub under 0.8.45 uses the X-DataHub-Actor HTTP header to identify the user making requests without authentication. However, this can be exploited by attackers who can manipulate the case of the header (e.g., X-DATAHUB-ACTOR), leading to potential authorization bypass and unauthorized actions. This issue, identified and reported by GitHub Security Lab, is known as GHSL-2022-079.\r\nhttps://github.com/datahub-project/datahub/security/advisories/GHSA-qgp2-qr66-j8r8", + "cve": "CVE-2023-25559", + "id": "pyup.io-63343", + "more_info_path": "/vulnerabilities/CVE-2023-25559/63343", "specs": [ "<0.8.45" ], "v": "<0.8.45" }, { - "advisory": "DataHub's AuthServiceClient, particularly versions below 0.8.45, creates JSON strings using format strings with user-controlled data. This approach lets potential attackers alter these JSON strings and forward them to the backend, causing potential misuse and authentication bypasses. This could lead to the creation of system accounts, potentially resulting in full system compromise. 
This vulnerability was discovered and reported by the GitHub Security lab and is being tracked under GHSL-2022-081.\r\nhttps://github.com/datahub-project/datahub/security/advisories/GHSA-7wc6-p6c4-522c", - "cve": "CVE-2023-25561", - "id": "pyup.io-63339", - "more_info_path": "/vulnerabilities/CVE-2023-25561/63339", + "advisory": "DataHub under 0.8.45 frontend, acting as a proxy, is found to have a vulnerability where it doesn't properly construct URLs when forwarding data to the DataHub Metadata Store (GMS), potentially allowing external users to reroute requests from the DataHub Frontend to any host. This could enable attackers to reroute a request from the frontend proxy to any other server and return the result. The vulnerability was discovered and reported by the GitHub Security lab and is tracked as GHSL-2022-076.\r\nhttps://github.com/datahub-project/datahub/security/advisories/GHSA-5w2h-q83m-65xg", + "cve": "CVE-2023-25557", + "id": "pyup.io-63341", + "more_info_path": "/vulnerabilities/CVE-2023-25557/63341", "specs": [ "<0.8.45" ], "v": "<0.8.45" }, { - "advisory": "DataHub under 0.8.45 frontend, acting as a proxy, is found to have a vulnerability where it doesn't properly construct URLs when forwarding data to the DataHub Metadata Store (GMS), potentially allowing external users to reroute requests from the DataHub Frontend to any host. This could enable attackers to reroute a request from the frontend proxy to any other server and return the result. The vulnerability was discovered and reported by the GitHub Security lab and is tracked as GHSL-2022-076.\r\nhttps://github.com/datahub-project/datahub/security/advisories/GHSA-5w2h-q83m-65xg", - "cve": "CVE-2023-25557", - "id": "pyup.io-63341", - "more_info_path": "/vulnerabilities/CVE-2023-25557/63341", + "advisory": "In DataHub versions prior to 0.8.45, session cookies are only cleared upon new sign-ins, not during logouts. 
This allows potential attackers to bypass authentication checks using the AuthUtils.hasValidSessionCookie() method by using a cookie from a logged-out session. Consequently, any logged-out session cookie might be considered valid, leading to an authentication bypass. Users are advised to upgrade to version 0.8.45 to rectify this vulnerability. Currently, there are no known workarounds. This vulnerability was identified and reported by the GitHub Security lab and is being tracked under GHSL-2022-083.\r\nhttps://github.com/datahub-project/datahub/security/advisories/GHSA-3974-hxjh-m3jj\r\nhttps://github.com/datahub-project/datahub/blob/aa146db611e3a4ca3aa17bb740783f789d4444d3/datahub-frontend/app/auth/AuthUtils.java#L78", + "cve": "CVE-2023-25562", + "id": "pyup.io-63338", + "more_info_path": "/vulnerabilities/CVE-2023-25562/63338", "specs": [ "<0.8.45" ], @@ -442,9 +455,9 @@ "actipy": [ { "advisory": "Actipy 1.1.0 updates its dependency 'numpy' requirement to '>=1.22' to include security fixes.", - "cve": "CVE-2021-34141", - "id": "pyup.io-51296", - "more_info_path": "/vulnerabilities/CVE-2021-34141/51296", + "cve": "CVE-2021-41496", + "id": "pyup.io-51303", + "more_info_path": "/vulnerabilities/CVE-2021-41496/51303", "specs": [ "<1.1.0" ], @@ -452,9 +465,9 @@ }, { "advisory": "Actipy 1.1.0 updates its dependency 'numpy' requirement to '>=1.22' to include security fixes.", - "cve": "CVE-2021-41496", - "id": "pyup.io-51303", - "more_info_path": "/vulnerabilities/CVE-2021-41496/51303", + "cve": "CVE-2021-34141", + "id": "pyup.io-51296", + "more_info_path": "/vulnerabilities/CVE-2021-34141/51296", "specs": [ "<1.1.0" ], 
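Review bot: The four acryl-datahub entries in this hunk are the same records before and after — identical `cve`, `id` and `more_info_path` values for CVE-2023-25559, CVE-2023-25561, CVE-2023-25557 and CVE-2023-25562, and identical advisory text — only emitted in a different order, so 40 lines of diff report no change to the advisory data. The same pure-reorder pattern repeats in the actipy, aim, aiohttp, anaplan-api, ansible and apache-airflow hunks that follow, which makes it hard to audit what this update genuinely adds or edits (the new '123bla' malicious-package entry and the reworded CVE-2023-25754 text are buried among the churn). Sorting the entries of each package array by a stable key such as `id` before serialising would make the monthly diff show only real changes. This looks like nondeterministic export ordering rather than an intentional edit, so the fix probably belongs in the generator rather than in this file; worth confirming there.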
@@ -1210,9 +1223,9 @@ }, { "advisory": "Aim 1.2.13 updates its dependency 'pillow' to v6.2.2 to include security fixes.", - "cve": "CVE-2020-5312", - "id": "pyup.io-48614", - "more_info_path": "/vulnerabilities/CVE-2020-5312/48614", + "cve": "CVE-2020-5310", + "id": "pyup.io-48607", + "more_info_path": "/vulnerabilities/CVE-2020-5310/48607", "specs": [ "<1.2.13" ], @@ -1220,9 +1233,9 @@ }, { "advisory": "Aim 1.2.13 updates its dependency 'pillow' to v6.2.2 to include security fixes.", - "cve": "CVE-2020-5313", - "id": "pyup.io-48615", - "more_info_path": "/vulnerabilities/CVE-2020-5313/48615", + "cve": "CVE-2020-5312", + "id": "pyup.io-48614", + "more_info_path": "/vulnerabilities/CVE-2020-5312/48614", "specs": [ "<1.2.13" ], @@ -1230,9 +1243,9 @@ }, { "advisory": "Aim 1.2.13 updates its dependency 'pillow' to v6.2.2 to include security fixes.", - "cve": "CVE-2020-5310", - "id": "pyup.io-48607", - "more_info_path": "/vulnerabilities/CVE-2020-5310/48607", + "cve": "CVE-2020-5313", + "id": "pyup.io-48615", + "more_info_path": "/vulnerabilities/CVE-2020-5313/48615", "specs": [ "<1.2.13" ], 
@@ -1425,20 +1438,20 @@ "v": "<3.8.0" }, { - "advisory": "Aiohttp 3.8.6 updates vendored copy of 'llhttp' to v9.1.3 to include a security fix.\r\nhttps://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9", - "cve": "PVE-2023-61657", - "id": "pyup.io-61657", - "more_info_path": "/vulnerabilities/PVE-2023-61657/61657", + "advisory": "Aiohttp 3.8.6 includes a fix for CVE-2023-47627: The HTTP parser in AIOHTTP has numerous problems with header parsing, which could lead to request smuggling. This parser is only used when AIOHTTP_NO_EXTENSIONS is enabled (or not using a prebuilt wheel).\r\nhttps://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg", + "cve": "CVE-2023-47627", + "id": "pyup.io-62326", + "more_info_path": "/vulnerabilities/CVE-2023-47627/62326", "specs": [ "<3.8.6" ], "v": "<3.8.6" }, { - "advisory": "Aiohttp 3.8.6 includes a fix for CVE-2023-47627: The HTTP parser in AIOHTTP has numerous problems with header parsing, which could lead to request smuggling. This parser is only used when AIOHTTP_NO_EXTENSIONS is enabled (or not using a prebuilt wheel).\r\nhttps://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg", - "cve": "CVE-2023-47627", - "id": "pyup.io-62326", - "more_info_path": "/vulnerabilities/CVE-2023-47627/62326", + "advisory": "Aiohttp 3.8.6 updates vendored copy of 'llhttp' to v9.1.3 to include a security fix.\r\nhttps://github.com/aio-libs/aiohttp/security/advisories/GHSA-pjjw-qhg8-p2p9", + "cve": "PVE-2023-61657", + "id": "pyup.io-61657", + "more_info_path": "/vulnerabilities/PVE-2023-61657/61657", "specs": [ "<3.8.6" ], 
@@ -1475,20 +1488,20 @@ "v": "<3.9.1" }, { - "advisory": "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. A XSS vulnerability exists on index pages for static file handling. This vulnerability is fixed in 3.9.4. We have always recommended using a reverse proxy server (e.g. nginx) for serving static files. Users following the recommendation are unaffected. Other users can disable `show_index` if unable to upgrade. See CVE-2024-27306.", - "cve": "CVE-2024-27306", - "id": "pyup.io-70630", - "more_info_path": "/vulnerabilities/CVE-2024-27306/70630", + "advisory": "Affected versions of `aiohttp` are vulnerable to an infinite loop condition. This occurs when an attacker sends a specially crafted POST (multipart/form-data) request. Upon processing, the `aiohttp` server enters an infinite loop, preventing it from processing further requests. This results in a denial-of-service (DoS) attack, allowing an attacker to stop the application from serving requests after a single request. Users are advised to upgrade to version 3.9.4 or manually apply a patch to their systems as per the linked GHSA instructions.", + "cve": "CVE-2024-30251", + "id": "pyup.io-71545", + "more_info_path": "/vulnerabilities/CVE-2024-30251/71545", "specs": [ "<3.9.4" ], "v": "<3.9.4" }, { - "advisory": "Affected versions of `aiohttp` are vulnerable to an infinite loop condition. This occurs when an attacker sends a specially crafted POST (multipart/form-data) request. Upon processing, the `aiohttp` server enters an infinite loop, preventing it from processing further requests. This results in a denial-of-service (DoS) attack, allowing an attacker to stop the application from serving requests after a single request. 
Users are advised to upgrade to version 3.9.4 or manually apply a patch to their systems as per the linked GHSA instructions.", - "cve": "CVE-2024-30251", - "id": "pyup.io-71545", - "more_info_path": "/vulnerabilities/CVE-2024-30251/71545", + "advisory": "aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. A XSS vulnerability exists on index pages for static file handling. This vulnerability is fixed in 3.9.4. We have always recommended using a reverse proxy server (e.g. nginx) for serving static files. Users following the recommendation are unaffected. Other users can disable `show_index` if unable to upgrade. See CVE-2024-27306.", + "cve": "CVE-2024-27306", + "id": "pyup.io-70630", + "more_info_path": "/vulnerabilities/CVE-2024-27306/70630", "specs": [ "<3.9.4" ], @@ -2908,20 +2921,20 @@ ], "anaplan-api": [ { - "advisory": "Anaplan-api 0.2.13 updates its idna dependency from version 3.6 to 3.7 to address CVE-2024-3651.", - "cve": "CVE-2024-3651", - "id": "pyup.io-71679", - "more_info_path": "/vulnerabilities/CVE-2024-3651/71679", + "advisory": "Anaplan-api 0.2.13 updates its cryptography dependency from version 42.0.6 to 42.0.8 to include a security fix for CVE-2024-4603.", + "cve": "CVE-2024-4603", + "id": "pyup.io-71674", + "more_info_path": "/vulnerabilities/CVE-2024-4603/71674", "specs": [ "<0.2.13" ], "v": "<0.2.13" }, { - "advisory": "Anaplan-api 0.2.13 updates its cryptography dependency from version 42.0.6 to 42.0.8 to address security concerns, including CVE-2024-4603.", - "cve": "CVE-2024-4603", - "id": "pyup.io-71674", - "more_info_path": "/vulnerabilities/CVE-2024-4603/71674", + "advisory": "Anaplan-api 0.2.13 updates its idna dependency from version 3.6 to 3.7 to address CVE-2024-3651.", + "cve": "CVE-2024-3651", + "id": "pyup.io-71679", + "more_info_path": "/vulnerabilities/CVE-2024-3651/71679", "specs": [ "<0.2.13" ], 
@@ -3022,20 +3035,20 @@ "v": "<1.2.1" }, { - "advisory": "Ansible 1.2.3 includes a fix for CVE-2013-4259: runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/.", - "cve": "CVE-2013-4259", - "id": "pyup.io-42920", - "more_info_path": "/vulnerabilities/CVE-2013-4259/42920", + "advisory": "Ansible 1.2.3 includes local security fixes for predictable file locations for ControlPersist and retry file paths on shared machines on operating systems without kernel symlink/hardlink protections. See CVE-2013-4260.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=998227", + "cve": "CVE-2013-4260", + "id": "pyup.io-25616", + "more_info_path": "/vulnerabilities/CVE-2013-4260/25616", "specs": [ "<1.2.3" ], "v": "<1.2.3" }, { - "advisory": "Ansible 1.2.3 includes local security fixes for predictable file locations for ControlPersist and retry file paths on shared machines on operating systems without kernel symlink/hardlink protections. See CVE-2013-4260.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=998227", - "cve": "CVE-2013-4260", - "id": "pyup.io-25616", - "more_info_path": "/vulnerabilities/CVE-2013-4260/25616", + "advisory": "Ansible 1.2.3 includes a fix for CVE-2013-4259: runner/connection_plugins/ssh.py in Ansible before 1.2.3, when using ControlPersist, allows local users to redirect a ssh session via a symlink attack on a socket file with a predictable name in /tmp/.", + "cve": "CVE-2013-4259", + "id": "pyup.io-42920", + "more_info_path": "/vulnerabilities/CVE-2013-4259/42920", "specs": [ "<1.2.3" ], 
@@ -3172,20 +3185,20 @@ "v": "<1.8.3" }, { - "advisory": "Ansible 1.9.2 includes a fix for CVE-2015-6240: The chroot, jail, and zone connection plugins in Ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1243468", - "cve": "CVE-2015-6240", - "id": "pyup.io-42917", - "more_info_path": "/vulnerabilities/CVE-2015-6240/42917", + "advisory": "Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", + "cve": "CVE-2015-3908", + "id": "pyup.io-25625", + "more_info_path": "/vulnerabilities/CVE-2015-3908/25625", "specs": [ "<1.9.2" ], "v": "<1.9.2" }, { - "advisory": "Ansible before 1.9.2 does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.", - "cve": "CVE-2015-3908", - "id": "pyup.io-25625", - "more_info_path": "/vulnerabilities/CVE-2015-3908/25625", + "advisory": "Ansible 1.9.2 includes a fix for CVE-2015-6240: The chroot, jail, and zone connection plugins in Ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1243468", + "cve": "CVE-2015-6240", + "id": "pyup.io-42917", + "more_info_path": "/vulnerabilities/CVE-2015-6240/42917", "specs": [ "<1.9.2" ], 
@@ -3289,10 +3302,10 @@ "v": "<2.7.17,>=2.8.0a0,<2.8.11,>=2.9.0a0,<2.9.7" }, { - "advisory": "Ansible versions 2.7.17, 2.8.9 and 2.9.6 include a fix for CVE-2020-1739: A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior. When a password is set with the argument \"password\" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1739", - "cve": "CVE-2020-1739", - "id": "pyup.io-42871", - "more_info_path": "/vulnerabilities/CVE-2020-1739/42871", + "advisory": "Ansible versions 2.7.17, 2.8.9 and 2.9.6 include a fix for CVE-2020-1735: A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1735", + "cve": "CVE-2020-1735", + "id": "pyup.io-42877", + "more_info_path": "/vulnerabilities/CVE-2020-1735/42877", "specs": [ "<2.7.17", ">=2.8.0a0,<2.8.9", 
@@ -3301,10 +3314,10 @@ "v": "<2.7.17,>=2.8.0a0,<2.8.9,>=2.9.0a0,<2.9.6" }, { - "advisory": "Ansible versions 2.7.17, 2.8.9 and 2.9.6 include a fix for CVE-2020-1735: A flaw was found in the Ansible Engine when the fetch module is used. An attacker could intercept the module, inject a new path, and then choose a new destination path on the controller node. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1735", - "cve": "CVE-2020-1735", - "id": "pyup.io-42877", - "more_info_path": "/vulnerabilities/CVE-2020-1735/42877", + "advisory": "Ansible versions 2.7.17, 2.8.9 and 2.9.6 include a fix for CVE-2020-1739: A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior. When a password is set with the argument \"password\" of svn module, it is used on svn command line, disclosing to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1739", + "cve": "CVE-2020-1739", + "id": "pyup.io-42871", + "more_info_path": "/vulnerabilities/CVE-2020-1739/42871", "specs": [ "<2.7.17", ">=2.8.0a0,<2.8.9", 
@@ -3597,10 +3610,10 @@ "v": ">=2.7.0a0,<2.7.15,>=2.8.0a0,<2.8.7,>=2.9.0a0,<2.9.1" }, { - "advisory": "Ansible versions 2.7.17, 2.8.9 and 2.9.6 include a fix for CVE-2020-10684: A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10684", - "cve": "CVE-2020-10684", - "id": "pyup.io-42864", - "more_info_path": "/vulnerabilities/CVE-2020-10684/42864", + "advisory": "Ansible versions 2.7.17, 2.8.9 and 2.9.6 include a fix for CVE-2020-1736: A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1736", + "cve": "CVE-2020-1736", + "id": "pyup.io-42875", + "more_info_path": "/vulnerabilities/CVE-2020-1736/42875", "specs": [ ">=2.7.0a0,<2.7.17", ">=2.8.0a0,<2.8.9", 
@@ -3609,10 +3622,10 @@ "v": ">=2.7.0a0,<2.7.17,>=2.8.0a0,<2.8.9,>=2.9.0a0,<2.9.6" }, { - "advisory": "Ansible versions 2.7.17, 2.8.9 and 2.9.6 include a fix for CVE-2020-1736: A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions before the move. This could lead to the disclosure of sensitive data. All versions in 2.7.x, 2.8.x and 2.9.x branches are believed to be vulnerable.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-1736", - "cve": "CVE-2020-1736", - "id": "pyup.io-42875", - "more_info_path": "/vulnerabilities/CVE-2020-1736/42875", + "advisory": "Ansible versions 2.7.17, 2.8.9 and 2.9.6 include a fix for CVE-2020-10684: A flaw was found in Ansible Engine, all versions 2.7.x, 2.8.x and 2.9.x prior to 2.7.17, 2.8.9 and 2.9.6 respectively, when using ansible_facts as a subkey of itself and promoting it to a variable when inject is enabled, overwriting the ansible_facts after the clean. An attacker could take advantage of this by altering the ansible_facts, such as ansible_hosts, users and any other key data which would lead into privilege escalation or code injection.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10684", + "cve": "CVE-2020-10684", + "id": "pyup.io-42864", + "more_info_path": "/vulnerabilities/CVE-2020-10684/42864", "specs": [ ">=2.7.0a0,<2.7.17", ">=2.8.0a0,<2.8.9", 
@@ -4332,20 +4345,30 @@ "v": "<1.9.0a0" }, { - "advisory": "Apache-airflow before 2.0.0b1 bundles the code for the Amazon provider integration. Therefore, it is affected by CVE-2023-25956.", - "cve": "CVE-2023-25956", - "id": "pyup.io-63177", - "more_info_path": "/vulnerabilities/CVE-2023-25956/63177", + "advisory": "Apache-airflow before 2.0.0b1 bundles the code for the JDBC provider integration. Therefore, it is affected by CVE-2023-22886.", + "cve": "CVE-2023-22886", + "id": "pyup.io-63171", + "more_info_path": "/vulnerabilities/CVE-2023-22886/63171", "specs": [ "<2.0.0b1" ], "v": "<2.0.0b1" }, { - "advisory": "Apache-airflow before 2.0.0b1 bundles the code for the JDBC provider integration. Therefore, it is affected by CVE-2023-22886.", - "cve": "CVE-2023-22886", - "id": "pyup.io-63171", - "more_info_path": "/vulnerabilities/CVE-2023-22886/63171", + "advisory": "Apache-airflow before 2.0.0b1 bundles the code for the Apache Hive provider integration. Therefore, it is affected by CVE-2023-25696.", + "cve": "CVE-2023-25696", + "id": "pyup.io-63179", + "more_info_path": "/vulnerabilities/CVE-2023-25696/63179", + "specs": [ + "<2.0.0b1" + ], + "v": "<2.0.0b1" + }, + { + "advisory": "Apache-airflow before 2.0.0b1 bundles the code for the Apache Spark provider integration. Therefore, it is affected by CVE-2023-28710.", + "cve": "CVE-2023-28710", + "id": "pyup.io-63173", + "more_info_path": "/vulnerabilities/CVE-2023-28710/63173", "specs": [ "<2.0.0b1" ], 
@@ -4391,16 +4414,6 @@ ], "v": "<2.0.0b1" }, - { - "advisory": "Apache-airflow before 2.0.0b1 bundles the code for the Apache Hive provider integration. Therefore, it is affected by CVE-2023-25696.", - "cve": "CVE-2023-25696", - "id": "pyup.io-63179", - "more_info_path": "/vulnerabilities/CVE-2023-25696/63179", - "specs": [ - "<2.0.0b1" - ], - "v": "<2.0.0b1" - }, { "advisory": "Apache-airflow before 2.0.0b1 bundles the code for the Apache Hive provider integration. Therefore, it is affected by CVE-2022-46421.", "cve": "CVE-2022-46421", @@ -4411,16 +4424,6 @@ ], "v": "<2.0.0b1" }, - { - "advisory": "Apache-airflow before 2.0.0b1 bundles the code for the Apache Spark provider integration. Therefore, it is affected by CVE-2023-28710.", - "cve": "CVE-2023-28710", - "id": "pyup.io-63173", - "more_info_path": "/vulnerabilities/CVE-2023-28710/63173", - "specs": [ - "<2.0.0b1" - ], - "v": "<2.0.0b1" - }, { "advisory": "Apache-airflow before 2.0.0b1 bundles the code for the Apache Hive provider integration. Therefore, it is affected by CVE-2023-28706.", "cve": "CVE-2023-28706", @@ -4441,6 +4444,16 @@ ], "v": "<2.0.0b1" }, + { + "advisory": "Apache-airflow before 2.0.0b1 bundles the code for the Amazon provider integration. Therefore, it is affected by CVE-2023-25956.", + "cve": "CVE-2023-25956", + "id": "pyup.io-63177", + "more_info_path": "/vulnerabilities/CVE-2023-25956/63177", + "specs": [ + "<2.0.0b1" + ], + "v": "<2.0.0b1" + }, { "advisory": "Apache-airflow 2.1.0rc1 updates its NPM dependency 'stylelint' to include a security fix.\r\nhttps://github.com/apache/airflow/pull/15784", "cve": "CVE-2020-7753", 
@@ -4521,6 +4534,16 @@ ], "v": "<2.3.0" }, + { + "advisory": "Apache-airflow 2.3.0 updates its NPM dependency 'tar' requirement to '>=6.1.9' to include security fixes.", + "cve": "CVE-2021-37712", + "id": "pyup.io-48617", + "more_info_path": "/vulnerabilities/CVE-2021-37712/48617", + "specs": [ + "<2.3.0" + ], + "v": "<2.3.0" + }, { "advisory": "Apache-airflow 2.3.0 updates its NPM dependency 'tar' requirement to '>=6.1.9' to include security fixes.", "cve": "CVE-2021-37701", @@ -4542,14 +4565,14 @@ "v": "<2.3.0" }, { - "advisory": "Apache-airflow 2.3.0 updates its NPM dependency 'tar' requirement to '>=6.1.9' to include security fixes.", - "cve": "CVE-2021-37712", - "id": "pyup.io-48617", - "more_info_path": "/vulnerabilities/CVE-2021-37712/48617", + "advisory": "Affected version of Apache-airflow are vulnerable to Privilege Context Switching Error. File Task Handler should apply different permissions to log files generated by Airflow in order to handle impersonation.", + "cve": "CVE-2023-25754", + "id": "pyup.io-62916", + "more_info_path": "/vulnerabilities/CVE-2023-25754/62916", "specs": [ - "<2.3.0" + "<2.6.0" ], - "v": "<2.3.0" + "v": "<2.6.0" }, { "advisory": "The details page for task instances in the user interface is subject to a stored XSS vulnerability. This problem pertains to Apache Airflow versions prior to 2.6.0.\r\nhttps://github.com/apache/airflow/pull/30447/commits/3d894f7a643e9319f5c48e343ac39b248dedaa9b\r\nhttps://github.com/apache/airflow/pull/30779/commits/7c566f7ef4b33175aafc4f89f94fb2096b093940", 
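Review bot: The replacement advisory text for CVE-2023-25754 in the `@@ -4542,14 +4565,14 @@` hunk has a number-agreement slip: `"Affected version of Apache-airflow are vulnerable to Privilege Context Switching Error."` should read `"Affected versions of Apache-airflow are vulnerable to Privilege Context Switching Error."`. The rest of the new wording is clearer than the removed text it replaces, and the updated `specs` and `v` values agree with each other at `<2.6.0`.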
@@ -4571,16 +4594,6 @@ ], "v": "<2.6.0" }, - { - "advisory": "Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow.This issue affects Apache Airflow: before 2.6.0.", - "cve": "CVE-2023-25754", - "id": "pyup.io-62916", - "more_info_path": "/vulnerabilities/CVE-2023-25754/62916", - "specs": [ - "<2.6.0" - ], - "v": "<2.6.0" - }, { "advisory": "Apache Airflow, versions before 2.6.3, is affected by a vulnerability that allows an attacker to perform unauthorized file access outside the intended directory structure by manipulating the run_id parameter. This vulnerability is considered low since it requires an authenticated user to exploit it. It is recommended to upgrade to a version that is not affected", "cve": "CVE-2023-22887", 
@@ -4671,6 +4684,16 @@ ], "v": "<2.7.0" }, + { + "advisory": "Apache Airflow, in versions prior to 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerability allows the user to access connection information and exploit the test connection feature by sending many requests, leading to a denial of service (DoS) condition on the server. Furthermore, malicious actors can leverage this vulnerability to establish harmful connections with the server.\r\n\r\nUsers of Apache Airflow are strongly advised to upgrade to version 2.7.0 or newer to mitigate the risk associated with this vulnerability. Additionally, administrators are encouraged to review and adjust user permissions to restrict access to sensitive functionalities, reducing the attack surface.", + "cve": "CVE-2023-37379", + "id": "pyup.io-65002", + "more_info_path": "/vulnerabilities/CVE-2023-37379/65002", + "specs": [ + "<2.7.0" + ], + "v": "<2.7.0" + }, { "advisory": "A session fixation vulnerability allows authenticated users to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database (for database session backend), or changing the secure_key and restarting the webserver, there were no mechanisms to force-logout the user (and all other users with that). With this fix implemented, when using the database session backend, the existing sessions of the user are invalidated when the password of the user is reset. When using the securecookie session backend, the sessions are NOT invalidated and still require changing the secure key and restarting the webserver (and logging out all other users), but the user resetting the password is informed about it with a flash message warning displayed in the UI. Documentation is also updated explaining this behavior.", "cve": "CVE-2023-40273", 
@@ -4691,16 +4714,6 @@ ], "v": "<2.7.0" }, - { - "advisory": "Apache Airflow, in versions prior to 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerability allows the user to access connection information and exploit the test connection feature by sending many requests, leading to a denial of service (DoS) condition on the server. Furthermore, malicious actors can leverage this vulnerability to establish harmful connections with the server.\r\n\r\nUsers of Apache Airflow are strongly advised to upgrade to version 2.7.0 or newer to mitigate the risk associated with this vulnerability. Additionally, administrators are encouraged to review and adjust user permissions to restrict access to sensitive functionalities, reducing the attack surface.", - "cve": "CVE-2023-37379", - "id": "pyup.io-65002", - "more_info_path": "/vulnerabilities/CVE-2023-37379/65002", - "specs": [ - "<2.7.0" - ], - "v": "<2.7.0" - }, { "advisory": "Versions of Apache Airflow are susceptible to a vulnerability permitting authenticated and DAG-view authorized users to manipulate certain DAG run detail values, like configuration parameters and start dates, through note submission.", "cve": "CVE-2023-40611", @@ -4821,6 +4834,16 @@ ], "v": "<2.9.3" }, + { + "advisory": "Apache-airflow 2.3.2 and prior versions ship with vulnerable dependencies (click == 7.1.2).", + "cve": "PVE-2022-47833", + "id": "pyup.io-49785", + "more_info_path": "/vulnerabilities/PVE-2022-47833/49785", + "specs": [ + "<=2.3.2" + ], + "v": "<=2.3.2" + }, { "advisory": "Apache-airflow 2.3.2 and prior versions ship with vulnerable dependencies (wtforms == 2.3.3).", "cve": "PVE-2021-42852", 
@@ -4841,16 +4864,6 @@ ], "v": "<=2.3.2" }, - { - "advisory": "Apache-airflow 2.3.2 and prior versions ship with vulnerable dependencies (click == 7.1.2).", - "cve": "PVE-2022-47833", - "id": "pyup.io-49785", - "more_info_path": "/vulnerabilities/PVE-2022-47833/49785", - "specs": [ - "<=2.3.2" - ], - "v": "<=2.3.2" - }, { "advisory": "The LDAP auth backend (airflow.contrib.auth.backends.ldap_auth) prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking.", "cve": "CVE-2018-20245", 
@@ -4902,20 +4915,20 @@ "v": ">=0,<1.10.11rc1" }, { - "advisory": "An issue was found in Apache Airflow versions 1.10.10 and below. It was discovered that many of the admin management screens in the new/RBAC UI handled escaping incorrectly, allowing authenticated users with appropriate permissions to create stored XSS attacks.", - "cve": "CVE-2020-11983", - "id": "pyup.io-54181", - "more_info_path": "/vulnerabilities/CVE-2020-11983/54181", + "advisory": "Apache-airflow 1.10.11rc1 includes a fix for CVE-2020-11978: A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler (depending on the executor in use). If you already have examples disabled by setting load_examples=False in the config then you are not vulnerable.", + "cve": "CVE-2020-11978", + "id": "pyup.io-54349", + "more_info_path": "/vulnerabilities/CVE-2020-11978/54349", "specs": [ ">=0,<1.10.11rc1" ], "v": ">=0,<1.10.11rc1" }, { - "advisory": "Apache-airflow 1.10.11rc1 includes a fix for CVE-2020-11978: A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which would allow any authenticated user to run arbitrary commands as the user running airflow worker/scheduler (depending on the executor in use). If you already have examples disabled by setting load_examples=False in the config then you are not vulnerable.", - "cve": "CVE-2020-11978", - "id": "pyup.io-54349", - "more_info_path": "/vulnerabilities/CVE-2020-11978/54349", + "advisory": "An issue was found in Apache Airflow versions 1.10.10 and below. 
It was discovered that many of the admin management screens in the new/RBAC UI handled escaping incorrectly, allowing authenticated users with appropriate permissions to create stored XSS attacks.", + "cve": "CVE-2020-11983", + "id": "pyup.io-54181", + "more_info_path": "/vulnerabilities/CVE-2020-11983/54181", "specs": [ ">=0,<1.10.11rc1" ], 
@@ -5082,20 +5095,20 @@ "v": ">=0,<2.3.0" }, { - "advisory": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Hive Provider, Apache Airflow allows an attacker to execute arbtrary commands in the task execution context, without write access to DAG files. This issue affects Hive Provider versions prior to 4.1.0. It also impacts any Apache Airflow versions prior to 2.3.0 in case HIve Provider is installed (Hive Provider 4.1.0 can only be installed for Airflow 2.3.0+). Note that you need to manually install the HIve Provider version 4.1.0 in order to get rid of the vulnerability on top of Airflow 2.3.0+ version that has lower version of the Hive Provider installed).", - "cve": "CVE-2022-41131", - "id": "pyup.io-54592", - "more_info_path": "/vulnerabilities/CVE-2022-41131/54592", + "advisory": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Apache Airflow Pinot Provider versions prior to 4.0.0. It also impacts any Apache Airflow versions prior to 2.3.0 in case Apache Airflow Pinot Provider is installed (Apache Airflow Pinot Provider 4.0.0 can only be installed for Airflow 2.3.0+). 
Note that you need to manually install the Pinot Provider version 4.0.0 in order to get rid of the vulnerability on top of Airflow 2.3.0+ version.", + "cve": "CVE-2022-38649", + "id": "pyup.io-54586", + "more_info_path": "/vulnerabilities/CVE-2022-38649/54586", "specs": [ ">=0,<2.3.0" ], "v": ">=0,<2.3.0" }, { - "advisory": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Pinot Provider, Apache Airflow allows an attacker to control commands executed in the task execution context, without write access to DAG files. This issue affects Apache Airflow Pinot Provider versions prior to 4.0.0. It also impacts any Apache Airflow versions prior to 2.3.0 in case Apache Airflow Pinot Provider is installed (Apache Airflow Pinot Provider 4.0.0 can only be installed for Airflow 2.3.0+). Note that you need to manually install the Pinot Provider version 4.0.0 in order to get rid of the vulnerability on top of Airflow 2.3.0+ version.", - "cve": "CVE-2022-38649", - "id": "pyup.io-54586", - "more_info_path": "/vulnerabilities/CVE-2022-38649/54586", + "advisory": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Apache Airflow Hive Provider, Apache Airflow allows an attacker to execute arbtrary commands in the task execution context, without write access to DAG files. This issue affects Hive Provider versions prior to 4.1.0. It also impacts any Apache Airflow versions prior to 2.3.0 in case HIve Provider is installed (Hive Provider 4.1.0 can only be installed for Airflow 2.3.0+). Note that you need to manually install the HIve Provider version 4.1.0 in order to get rid of the vulnerability on top of Airflow 2.3.0+ version that has lower version of the Hive Provider installed).", + "cve": "CVE-2022-41131", + "id": "pyup.io-54592", + "more_info_path": "/vulnerabilities/CVE-2022-41131/54592", "specs": [ ">=0,<2.3.0" ], 
@@ -5555,6 +5568,16 @@ ], "v": "<=2021.3.3" }, + { + "advisory": "Apache-airflow-backport-providers-amazon 2021.3.3 and prior versions ship with vulnerable dependencies (apache-airflow == 1.10.15).", + "cve": "CVE-2023-25754", + "id": "pyup.io-62919", + "more_info_path": "/vulnerabilities/CVE-2023-25754/62919", + "specs": [ + "<=2021.3.3" + ], + "v": "<=2021.3.3" + }, { "advisory": "Apache-airflow-backport-providers-amazon 2021.3.3 and prior versions ship with vulnerable dependencies (flask-appbuilder == 2.3.4).", "cve": "CVE-2021-29621", @@ -5575,16 +5598,6 @@ ], "v": "<=2021.3.3" }, - { - "advisory": "Apache-airflow-backport-providers-amazon 2021.3.3 and prior versions ship with vulnerable dependencies (apache-airflow == 1.10.15).", - "cve": "CVE-2023-25754", - "id": "pyup.io-62919", - "more_info_path": "/vulnerabilities/CVE-2023-25754/62919", - "specs": [ - "<=2021.3.3" - ], - "v": "<=2021.3.3" - }, { "advisory": "Apache-airflow-backport-providers-amazon <=2021.3.3 and prior versions ship with vulnerable dependencies (apache-airflow == 1.10.15).", "cve": "CVE-2021-33502", 
@@ -5620,20 +5633,20 @@ ], "apache-airflow-backport-providers-apache-hive": [ { - "advisory": "Apache-airflow-backport-providers-apache-hive is affected by CVE-2023-28706.", - "cve": "CVE-2023-28706", - "id": "pyup.io-59570", - "more_info_path": "/vulnerabilities/CVE-2023-28706/59570", + "advisory": "apache-airflow-backport-providers-apache-hive 2021.3.3 and prior versions ship with vulnerable dependencies (apache-airflow == 1.10.15).", + "cve": "CVE-2023-25754", + "id": "pyup.io-62921", + "more_info_path": "/vulnerabilities/CVE-2023-25754/62921", "specs": [ "<=2021.3.3" ], "v": "<=2021.3.3" }, { - "advisory": "apache-airflow-backport-providers-apache-hive 2021.3.3 and prior versions ship with vulnerable dependencies (apache-airflow == 1.10.15).", - "cve": "CVE-2023-25754", - "id": "pyup.io-62921", - "more_info_path": "/vulnerabilities/CVE-2023-25754/62921", + "advisory": "Apache-airflow-backport-providers-apache-hive is affected by CVE-2023-28706.", + "cve": "CVE-2023-28706", + "id": "pyup.io-59570", + "more_info_path": "/vulnerabilities/CVE-2023-28706/59570", "specs": [ "<=2021.3.3" ], 
@@ -5654,7 +5667,17 @@ ], "apache-airflow-backport-providers-apache-spark": [ { - "advisory": "Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection allowing reading files on the Airflow server.\r\nIt is recommended to upgrade to a version that is not affected.", + "advisory": "Apache-airflow-backport-providers-apache-spark is affected by CVE-2023-28710.", + "cve": "CVE-2023-28710", + "id": "pyup.io-59572", + "more_info_path": "/vulnerabilities/CVE-2023-28710/59572", + "specs": [ + "<4.0.1" + ], + "v": "<4.0.1" + }, + { + "advisory": "Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection allowing reading files on the Airflow server.", "cve": "CVE-2023-40272", "id": "pyup.io-65223", "more_info_path": "/vulnerabilities/CVE-2023-40272/65223", 
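Review bot: The moved CVE-2023-28710 record for apache-airflow-backport-providers-apache-spark now carries `"specs": ["<4.0.1"]` / `"v": "<4.0.1"`, which looks copied from the non-backport apache-airflow-providers-apache-spark entry; the backport packages are calendar-versioned (every other record in this section uses `<=2021.3.3`), and under PEP 440 `2021.3.3` is not `< 4.0.1`, so the new range matches no released version of the backport package and the advisory silently stops firing. The record removed in the following hunk had `<=2021.3.3`, so the range should be kept here: `"specs": ["<=2021.3.3"], "v": "<=2021.3.3"`. If the intent was instead to retire this advisory for the backport package, delete the record rather than leaving it with an unsatisfiable range.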
@@ -5663,16 +5686,6 @@ ], "v": "<4.1.3" }, - { - "advisory": "Apache-airflow-backport-providers-apache-spark is affected by CVE-2023-28710.", - "cve": "CVE-2023-28710", - "id": "pyup.io-59572", - "more_info_path": "/vulnerabilities/CVE-2023-28710/59572", - "specs": [ - "<=2021.3.3" - ], - "v": "<=2021.3.3" - }, { "advisory": "Apache-airflow-backport-providers-apache-spark is affected by CVE-2023-40195: Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Software Foundation Apache Airflow Spark Provider.\r\nWhen the Apache Spark provider is installed on an Airflow deployment, an Airflow user that is authorized to configure Spark hooks can effectively run arbitrary code on the Airflow node by pointing it at a malicious Spark server. Prior to version 4.1.3, this was not called out in the documentation explicitly, so it is possible that administrators provided authorizations to configure Spark hooks without taking this into account. We recommend administrators to review their configurations to make sure the authorization to configure Spark hooks is only provided to fully trusted users.\r\nhttps://airflow.apache.org/docs/apache-airflow-providers-apache-spark/4.1.3/connections/spark.html", "cve": "CVE-2023-40195", @@ -6731,6 +6744,16 @@ ], "v": "<=2021.3.3" }, + { + "advisory": "apache-airflow-backport-providers-slack 2021.3.3 and prior versions ship with vulnerable dependencies (apache-airflow == 1.10.15).", + "cve": "CVE-2023-25754", + "id": "pyup.io-62963", + "more_info_path": "/vulnerabilities/CVE-2023-25754/62963", + "specs": [ + "<=2021.3.3" + ], + "v": "<=2021.3.3" + }, { "advisory": "Apache-airflow-backport-providers-slack 2021.3.3 and prior versions ship with vulnerable dependencies (flask-caching == 1.3.3).", "cve": "CVE-2021-33026", 
@@ -6761,16 +6784,6 @@ ], "v": "<=2021.3.3" }, - { - "advisory": "apache-airflow-backport-providers-slack 2021.3.3 and prior versions ship with vulnerable dependencies (apache-airflow == 1.10.15).", - "cve": "CVE-2023-25754", - "id": "pyup.io-62963", - "more_info_path": "/vulnerabilities/CVE-2023-25754/62963", - "specs": [ - "<=2021.3.3" - ], - "v": "<=2021.3.3" - }, { "advisory": "Apache-airflow-backport-providers-slack 2021.3.3 and prior versions ship with vulnerable dependencies (apache-airflow == 1.10.15).", "cve": "CVE-2020-7753", @@ -6907,6 +6920,16 @@ ], "v": "<=2021.3.3" }, + { + "advisory": "apache-airflow-backport-providers-ssh 2021.3.3 and prior versions ship with vulnerable dependencies (apache-airflow == 1.10.15).", + "cve": "CVE-2023-25754", + "id": "pyup.io-62966", + "more_info_path": "/vulnerabilities/CVE-2023-25754/62966", + "specs": [ + "<=2021.3.3" + ], + "v": "<=2021.3.3" + }, { "advisory": "Apache-airflow-backport-providers-ssh 2021.3.3 and prior versions ship with vulnerable dependencies (apache-airflow == 1.10.15).", "cve": "CVE-2020-7753", @@ -6937,16 +6960,6 @@ ], "v": "<=2021.3.3" }, - { - "advisory": "apache-airflow-backport-providers-ssh 2021.3.3 and prior versions ship with vulnerable dependencies (apache-airflow == 1.10.15).", - "cve": "CVE-2023-25754", - "id": "pyup.io-62966", - "more_info_path": "/vulnerabilities/CVE-2023-25754/62966", - "specs": [ - "<=2021.3.3" - ], - "v": "<=2021.3.3" - }, { "advisory": "Apache-airflow-backport-providers-ssh 2021.3.3 and prior versions ship with vulnerable dependencies (apache-airflow == 1.10.15).", "cve": "CVE-2021-33502", 
@@ -7081,16 +7094,6 @@ } ], "apache-airflow-providers-amazon": [ - { - "advisory": "Apache-airflow-providers-amazon 4.0.0 and prior versions ship with vulnerable dependencies (pyjwt == 1.7.1).", - "cve": "CVE-2022-29217", - "id": "pyup.io-49834", - "more_info_path": "/vulnerabilities/CVE-2022-29217/49834", - "specs": [ - "<=4.0.0" - ], - "v": "<=4.0.0" - }, { "advisory": "Apache-airflow-providers-amazon 4.0.0 and prior versions ship with vulnerable dependencies (wtforms == 2.3.3).", "cve": "PVE-2021-42852", @@ -7112,7 +7115,17 @@ "v": "<=4.0.0" }, { - "advisory": "Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider. This issue affects Apache Airflow AWS Provider versions before 7.2.1.\r\nhttps://github.com/apache/airflow/pull/29587", + "advisory": "Apache-airflow-providers-amazon 4.0.0 and prior versions ship with vulnerable dependencies (pyjwt == 1.7.1).", + "cve": "CVE-2022-29217", + "id": "pyup.io-49834", + "more_info_path": "/vulnerabilities/CVE-2022-29217/49834", + "specs": [ + "<=4.0.0" + ], + "v": "<=4.0.0" + }, + { + "advisory": "Generation of Error Message Containing Sensitive Information vulnerability in the Apache Airflow AWS Provider. This issue affects Apache Airflow AWS Provider versions before 7.2.1.", "cve": "CVE-2023-25956", "id": "pyup.io-54663", "more_info_path": "/vulnerabilities/CVE-2023-25956/54663", 
@@ -7198,7 +7211,7 @@ "v": "<4.1.0" }, { - "advisory": "Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider before 6.0.0.\r\nhttps://github.com/apache/airflow/pull/30212", + "advisory": "Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Software Foundation Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider before 6.0.0.", "cve": "CVE-2023-28706", "id": "pyup.io-59569", "more_info_path": "/vulnerabilities/CVE-2023-28706/59569", @@ -7218,7 +7231,7 @@ "v": "<6.1.1" }, { - "advisory": "Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider. Patching on top of CVE-2023-35797 Before 6.1.2 the proxy_user option can also inject semicolon. This issue affects Apache Airflow Apache Hive Provider: before 6.1.2. It is recommended updating provider version to 6.1.2 in order to avoid this vulnerability.", + "advisory": "Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider. The fix for CVE-2023-35797 was incomplete: the proxy_user option can also inject semicolon.", "cve": "CVE-2023-37415", "id": "pyup.io-71999", "more_info_path": "/vulnerabilities/CVE-2023-37415/71999", @@ -7278,7 +7291,7 @@ "v": ">=0,<5.0.0" }, { - "advisory": "Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3.\r\nhttps://github.com/apache/airflow/pull/29502", + "advisory": "Improper Input Validation vulnerability in the Apache Airflow Hive Provider. This issue affects Apache Airflow Hive Provider versions before 5.1.3.", "cve": "CVE-2023-25696", "id": "pyup.io-54657", "more_info_path": "/vulnerabilities/CVE-2023-25696/54657", 
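Review bot: The rewritten CVE-2023-37415 advisory no longer states which Hive Provider versions are affected or fixed — the old text carried "before 6.1.2" and the upgrade recommendation, and this record's `specs` lines lie outside the hunk, so the prose is the only affected-range statement visible to a reader here. Suggest keeping it: `"advisory": "Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider. The fix for CVE-2023-35797 was incomplete: before 6.1.2 the proxy_user option can also inject a semicolon. Update to provider version 6.1.2 or later."`. The -7198 and -7278 hunks on this line also strip the github.com/apache/airflow pull-request URLs from the CVE-2023-28706 and CVE-2023-25696 records; those URLs were the only fix references in these entries, so dropping them loses the one pointer to the patch for anyone triaging from this feed.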
@@ -7290,20 +7303,20 @@ ], "apache-airflow-providers-apache-livy": [ { - "advisory": "Apache-airflow-providers-apache-livy 3.0.0 and prior versions ship with vulnerable dependencies (wtforms == 2.3.3).", - "cve": "PVE-2021-42852", - "id": "pyup.io-49892", - "more_info_path": "/vulnerabilities/PVE-2021-42852/49892", + "advisory": "Apache-airflow-providers-apache-livy 3.0.0 and prior versions ship with vulnerable dependencies (click == 7.1.2).", + "cve": "PVE-2022-47833", + "id": "pyup.io-49890", + "more_info_path": "/vulnerabilities/PVE-2022-47833/49890", "specs": [ "<=3.0.0" ], "v": "<=3.0.0" }, { - "advisory": "Apache-airflow-providers-apache-livy 3.0.0 and prior versions ship with vulnerable dependencies (click == 7.1.2).", - "cve": "PVE-2022-47833", - "id": "pyup.io-49890", - "more_info_path": "/vulnerabilities/PVE-2022-47833/49890", + "advisory": "Apache-airflow-providers-apache-livy 3.0.0 and prior versions ship with vulnerable dependencies (wtforms == 2.3.3).", + "cve": "PVE-2021-42852", + "id": "pyup.io-49892", + "more_info_path": "/vulnerabilities/PVE-2021-42852/49892", "specs": [ "<=3.0.0" ], @@ -7322,7 +7335,7 @@ ], "apache-airflow-providers-apache-spark": [ { - "advisory": "Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider. This issue affects Apache Airflow Spark Provider: before 4.0.1.\r\nhttps://github.com/apache/airflow/pull/30223", + "advisory": "Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider. This issue affects Apache Airflow Spark Provider before 4.0.1.", "cve": "CVE-2023-28710", "id": "pyup.io-59571", "more_info_path": "/vulnerabilities/CVE-2023-28710/59571", 
@@ -7332,7 +7345,7 @@ "v": "<4.0.1" }, { - "advisory": "Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection allowing reading files on the Airflow server.\r\nIt is recommended to upgrade to a version that is not affected.", + "advisory": "Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection allowing reading files on the Airflow server.", "cve": "CVE-2023-40272", "id": "pyup.io-65224", "more_info_path": "/vulnerabilities/CVE-2023-40272/65224", @@ -7341,16 +7354,6 @@ ], "v": "<4.1.3" }, - { - "advisory": "Apache-airflow-providers-apache-spark 3.0.0 and prior versions ship with vulnerable dependencies (pyjwt == 1.7.1).", - "cve": "CVE-2022-29217", - "id": "pyup.io-49846", - "more_info_path": "/vulnerabilities/CVE-2022-29217/49846", - "specs": [ - "<=3.0.0" - ], - "v": "<=3.0.0" - }, { "advisory": "Apache-airflow-providers-apache-spark 3.0.0 and prior versions ship with vulnerable dependencies (wtforms == 2.3.3).", "cve": "PVE-2021-42852", 
@@ -7371,6 +7374,16 @@ ], "v": "<=3.0.0" }, + { + "advisory": "Apache-airflow-providers-apache-spark 3.0.0 and prior versions ship with vulnerable dependencies (pyjwt == 1.7.1).", + "cve": "CVE-2022-29217", + "id": "pyup.io-49846", + "more_info_path": "/vulnerabilities/CVE-2022-29217/49846", + "specs": [ + "<=3.0.0" + ], + "v": "<=3.0.0" + }, { "advisory": "Apache-airflow-providers-apache-spark is affected by CVE-2023-40195: Deserialization of Untrusted Data, Inclusion of Functionality from Untrusted Control Sphere vulnerability in Apache Software Foundation Apache Airflow Spark Provider.\r\nWhen the Apache Spark provider is installed on an Airflow deployment, an Airflow user that is authorized to configure Spark hooks can effectively run arbitrary code on the Airflow node by pointing it at a malicious Spark server. Prior to version 4.1.3, this was not called out in the documentation explicitly, so it is possible that administrators provided authorizations to configure Spark hooks without taking this into account. We recommend administrators to review their configurations to make sure the authorization to configure Spark hooks is only provided to fully trusted users.\r\nhttps://airflow.apache.org/docs/apache-airflow-providers-apache-spark/4.1.3/connections/spark.html", "cve": "CVE-2023-40195", @@ -7447,6 +7460,16 @@ } ], "apache-airflow-providers-cloudant": [ + { + "advisory": "Apache-airflow-providers-cloudant 3.0.0 and prior versions ship with vulnerable dependencies (pyjwt == 1.7.1).", + "cve": "CVE-2022-29217", + "id": "pyup.io-49843", + "more_info_path": "/vulnerabilities/CVE-2022-29217/49843", + "specs": [ + "<=3.0.0" + ], + "v": "<=3.0.0" + }, { "advisory": "Apache-airflow-providers-cloudant 3.0.0 and prior versions ship with vulnerable dependencies (wtforms == 2.3.3).", "cve": "PVE-2021-42852", 
@@ -7466,21 +7489,11 @@ "<=3.0.0" ], "v": "<=3.0.0" - }, - { - "advisory": "Apache-airflow-providers-cloudant 3.0.0 and prior versions ship with vulnerable dependencies (pyjwt == 1.7.1).", - "cve": "CVE-2022-29217", - "id": "pyup.io-49843", - "more_info_path": "/vulnerabilities/CVE-2022-29217/49843", - "specs": [ - "<=3.0.0" - ], - "v": "<=3.0.0" } ], "apache-airflow-providers-cncf-kubernetes": [ { - "advisory": "Arbitrary code execution in Apache Airflow CNCF Kubernetes provider version 5.0.0 allows user to change xcom sidecar image and resources via Airflow connection.\r\n\r\nIn order to exploit this weakness, a user would already need elevated permissions (Op or Admin) to change the connection object in this manner.\u00a0 Operators should upgrade to provider version 7.0.0 which has removed the vulnerability.", + "advisory": "Arbitrary code execution in Apache Airflow CNCF Kubernetes provider allows user to change xcom sidecar image and resources via Airflow connection. In order to exploit this weakness, a user would already need elevated permissions (Op or Admin) to change the connection object in this manner.", "cve": "CVE-2023-33234", "id": "pyup.io-64194", "more_info_path": "/vulnerabilities/CVE-2023-33234/64194", @@ -7501,16 +7514,6 @@ } ], "apache-airflow-providers-databricks": [ - { - "advisory": "Apache-airflow-providers-databricks 3.0.0 and prior versions ship with vulnerable dependencies (pyjwt == 1.7.1).", - "cve": "CVE-2022-29217", - "id": "pyup.io-49825", - "more_info_path": "/vulnerabilities/CVE-2022-29217/49825", - "specs": [ - "<=3.0.0" - ], - "v": "<=3.0.0" - }, { "advisory": "Apache-airflow-providers-databricks 3.0.0 and prior versions ship with vulnerable dependencies (click == 7.1.2).", "cve": "PVE-2022-47833", 
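Review bot: The rewritten CVE-2023-33234 advisory for apache-airflow-providers-cncf-kubernetes drops both the affected version (5.0.0) and the remediation ("upgrade to provider version 7.0.0") that the old text carried; this record's `specs` are outside the hunk, so a reader of the advisory string can no longer tell what to upgrade to. Suggest appending `Operators should upgrade to provider version 7.0.0 or later.` to the new text. The rewrite also silently removes the `\u00a0` non-breaking space from this record while other records in the same file (for example CVE-2023-39264 and CVE-2024-25141) still contain it, so if normalising that character was intended it should be done consistently rather than only where the text happens to be rewritten.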
@@ -7530,6 +7533,16 @@ "<=3.0.0" ], "v": "<=3.0.0" + }, + { + "advisory": "Apache-airflow-providers-databricks 3.0.0 and prior versions ship with vulnerable dependencies (pyjwt == 1.7.1).", + "cve": "CVE-2022-29217", + "id": "pyup.io-49825", + "more_info_path": "/vulnerabilities/CVE-2022-29217/49825", + "specs": [ + "<=3.0.0" + ], + "v": "<=3.0.0" } ], "apache-airflow-providers-datadog": [ @@ -7650,20 +7663,20 @@ "v": "<=8.1.0" }, { - "advisory": "Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0.\r\nhttps://github.com/apache/airflow/pull/29497", - "cve": "CVE-2023-25691", - "id": "pyup.io-54665", - "more_info_path": "/vulnerabilities/CVE-2023-25691/54665", + "advisory": "Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0.\r\nhttps://github.com/apache/airflow/pull/29499", + "cve": "CVE-2023-25692", + "id": "pyup.io-54664", + "more_info_path": "/vulnerabilities/CVE-2023-25692/54664", "specs": [ ">=0,<8.10.0" ], "v": ">=0,<8.10.0" }, { - "advisory": "Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0.\r\nhttps://github.com/apache/airflow/pull/29499", - "cve": "CVE-2023-25692", - "id": "pyup.io-54664", - "more_info_path": "/vulnerabilities/CVE-2023-25692/54664", + "advisory": "Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0.\r\nhttps://github.com/apache/airflow/pull/29497", + "cve": "CVE-2023-25691", + "id": "pyup.io-54665", + "more_info_path": "/vulnerabilities/CVE-2023-25691/54665", "specs": [ ">=0,<8.10.0" ], 
@@ -7851,16 +7864,6 @@ } ], "apache-airflow-providers-mongo": [ - { - "advisory": "Apache-airflow-providers-mongo 3.0.0 and prior versions ship with vulnerable dependencies (pyjwt == 1.7.1).", - "cve": "CVE-2022-29217", - "id": "pyup.io-49807", - "more_info_path": "/vulnerabilities/CVE-2022-29217/49807", - "specs": [ - "<=3.0.0" - ], - "v": "<=3.0.0" - }, { "advisory": "Apache-airflow-providers-mongo 3.0.0 and prior versions ship with vulnerable dependencies (wtforms == 2.3.3).", "cve": "PVE-2021-42852", @@ -7881,6 +7884,16 @@ ], "v": "<=3.0.0" }, + { + "advisory": "Apache-airflow-providers-mongo 3.0.0 and prior versions ship with vulnerable dependencies (pyjwt == 1.7.1).", + "cve": "CVE-2022-29217", + "id": "pyup.io-49807", + "more_info_path": "/vulnerabilities/CVE-2022-29217/49807", + "specs": [ + "<=3.0.0" + ], + "v": "<=3.0.0" + }, { "advisory": "When SSL\u00a0was enabled for Mongo Hook, default settings included \"allow_insecure\" which caused that certificates were not validated. This was unexpected and undocumented.", "cve": "CVE-2024-25141", 
@@ -8094,20 +8107,20 @@ "v": "<=5.0.0" }, { - "advisory": "Apache-airflow-providers-postgres 5.0.0 and prior versions ship with vulnerable dependencies (wtforms == 2.3.3).", - "cve": "PVE-2021-42852", - "id": "pyup.io-49823", - "more_info_path": "/vulnerabilities/PVE-2021-42852/49823", + "advisory": "Apache-airflow-providers-postgres 5.0.0 and prior versions ship with vulnerable dependencies (click == 7.1.2).", + "cve": "PVE-2022-47833", + "id": "pyup.io-49821", + "more_info_path": "/vulnerabilities/PVE-2022-47833/49821", "specs": [ "<=5.0.0" ], "v": "<=5.0.0" }, { - "advisory": "Apache-airflow-providers-postgres 5.0.0 and prior versions ship with vulnerable dependencies (click == 7.1.2).", - "cve": "PVE-2022-47833", - "id": "pyup.io-49821", - "more_info_path": "/vulnerabilities/PVE-2022-47833/49821", + "advisory": "Apache-airflow-providers-postgres 5.0.0 and prior versions ship with vulnerable dependencies (wtforms == 2.3.3).", + "cve": "PVE-2021-42852", + "id": "pyup.io-49823", + "more_info_path": "/vulnerabilities/PVE-2021-42852/49823", "specs": [ "<=5.0.0" ], @@ -8871,8 +8884,8 @@ { "advisory": "Apache-superset 0.34.0 updates its dependency 'jinja2' to v2.10.1 to include a security fix.", "cve": "CVE-2019-10906", - "id": "pyup.io-45813", - "more_info_path": "/vulnerabilities/CVE-2019-10906/45813", + "id": "pyup.io-39479", + "more_info_path": "/vulnerabilities/CVE-2019-10906/39479", "specs": [ "<0.34.0" ], @@ -8881,8 +8894,8 @@ { "advisory": "Apache-superset 0.34.0 updates its dependency 'jinja2' to v2.10.1 to include a security fix.", "cve": "CVE-2019-10906", - "id": "pyup.io-39479", - "more_info_path": "/vulnerabilities/CVE-2019-10906/39479", + "id": "pyup.io-45813", + "more_info_path": "/vulnerabilities/CVE-2019-10906/45813", "specs": [ "<0.34.0" ], 
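Review bot: The two apache-superset records for CVE-2019-10906 (the -8871 and -8881 hunks on this line) are identical in `advisory`, `cve`, `specs` and `v` and differ only in `id`/`more_info_path`; this commit merely swaps the two ids between them, which is a no-op for consumers but confirms the record is duplicated. A scanner matching `apache-superset<0.34.0` will report the same finding twice. Suggest collapsing them into a single record, keeping one of `pyup.io-39479` / `pyup.io-45813` (presumably the older one, with the other id retired), instead of reordering them.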
@@ -9129,20 +9142,20 @@ "v": "<3.0.0" }, { - "advisory": "Apache-superset 3.0.0 updates its NPM dependency 'ansi-regex' to include a security fix.", - "cve": "CVE-2021-3807", - "id": "pyup.io-61908", - "more_info_path": "/vulnerabilities/CVE-2021-3807/61908", + "advisory": "An authenticated malicious user could initiate multiple concurrent requests, each requesting multiple dashboard exports, leading to a possible denial of service. This issue affects Apache Superset: before 3.0.0", + "cve": "CVE-2023-42504", + "id": "pyup.io-65228", + "more_info_path": "/vulnerabilities/CVE-2023-42504/65228", "specs": [ "<3.0.0" ], "v": "<3.0.0" }, { - "advisory": "An authenticated malicious user could initiate multiple concurrent requests, each requesting multiple dashboard exports, leading to a possible denial of service. This issue affects Apache Superset: before 3.0.0", - "cve": "CVE-2023-42504", - "id": "pyup.io-65228", - "more_info_path": "/vulnerabilities/CVE-2023-42504/65228", + "advisory": "Apache-superset 3.0.0 updates its NPM dependency 'ansi-regex' to include a security fix.", + "cve": "CVE-2021-3807", + "id": "pyup.io-61908", + "more_info_path": "/vulnerabilities/CVE-2021-3807/61908", "specs": [ "<3.0.0" ], 
@@ -9211,6 +9224,17 @@ ], "v": "<=1.5.2,==2.0.0" }, + { + "advisory": "Dashboard rendering does not sufficiently sanitize the content of markdown components leading to possible XSS attack vectors that can be performed by authenticated users with create dashboard permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.", + "cve": "CVE-2022-43717", + "id": "pyup.io-54616", + "more_info_path": "/vulnerabilities/CVE-2022-43717/54616", + "specs": [ + "<=1.5.2", + "==2.0.0" + ], + "v": "<=1.5.2,==2.0.0" + }, { "advisory": "An authenticated attacker with update datasets permission could change a dataset link to an untrusted site, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.", "cve": "CVE-2022-43721", @@ -9233,17 +9257,6 @@ ], "v": "<=1.5.2,==2.0.0" }, - { - "advisory": "Dashboard rendering does not sufficiently sanitize the content of markdown components leading to possible XSS attack vectors that can be performed by authenticated users with create dashboard permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.", - "cve": "CVE-2022-43717", - "id": "pyup.io-54616", - "more_info_path": "/vulnerabilities/CVE-2022-43717/54616", - "specs": [ - "<=1.5.2", - "==2.0.0" - ], - "v": "<=1.5.2,==2.0.0" - }, { "advisory": "Upload data forms do not correctly render user input leading to possible XSS attack vectors that can be performed by authenticated users with database connection update permissions. This issue affects Apache Superset version 1.5.2 and prior versions and version 2.0.0.", "cve": "CVE-2022-43718", 
@@ -9327,20 +9340,20 @@ "v": "<=2.1.0" }, { - "advisory": "A non Admin authenticated user could incorrectly create resources using the import charts feature, on Apache Superset up to and including 2.1.0.", - "cve": "CVE-2023-27526", - "id": "pyup.io-62904", - "more_info_path": "/vulnerabilities/CVE-2023-27526/62904", + "advisory": "By default, stack traces for errors were enabled, which resulted in the exposure of internal traces on REST API endpoints to users.\u00a0This vulnerability exists in Apache Superset versions up to and including 2.1.0.", + "cve": "CVE-2023-39264", + "id": "pyup.io-64999", + "more_info_path": "/vulnerabilities/CVE-2023-39264/64999", "specs": [ "<=2.1.0" ], "v": "<=2.1.0" }, { - "advisory": "By default, stack traces for errors were enabled, which resulted in the exposure of internal traces on REST API endpoints to users.\u00a0This vulnerability exists in Apache Superset versions up to and including 2.1.0.", - "cve": "CVE-2023-39264", - "id": "pyup.io-64999", - "more_info_path": "/vulnerabilities/CVE-2023-39264/64999", + "advisory": "A non Admin authenticated user could incorrectly create resources using the import charts feature, on Apache Superset up to and including 2.1.0.", + "cve": "CVE-2023-27526", + "id": "pyup.io-62904", + "more_info_path": "/vulnerabilities/CVE-2023-27526/62904", "specs": [ "<=2.1.0" ], 
@@ -9516,17 +9529,6 @@ ], "v": ">=0,<1.5.1" }, - { - "advisory": "An authenticated Gamma user can create a dashboard and add charts to it, this user would automatically become one of the owners of the charts allowing him to incorrectly have write permissions to these charts. This issue affects Apache Superset: before 2.1.2, from 3.0.0 before 3.0.2. Users are recommended to upgrade to version 3.0.2 or 2.1.3, which fixes the issue.", - "cve": "CVE-2023-49734", - "id": "pyup.io-65195", - "more_info_path": "/vulnerabilities/CVE-2023-49734/65195", - "specs": [ - ">=0,<2.1.3", - ">=3.0.0,<3.0.2" - ], - "v": ">=0,<2.1.3,>=3.0.0,<3.0.2" - }, { "advisory": "Uncontrolled resource consumption can be triggered by authenticated attacker that uploads a malicious ZIP to import database, dashboards or datasets.\u00a0\u00a0\r\nThis vulnerability exists in Apache Superset versions up to and including 2.1.2 and versions 3.0.0, 3.0.1.", "cve": "CVE-2023-46104", 
@@ -9550,10 +9552,32 @@ "v": ">=0,<2.1.3,>=3.0.0,<3.0.2" }, { - "advisory": "A vulnerability in various versions of Apache Superset allows authenticated users with alert creation privileges to execute a specially crafted SQL statement, leading to a database error. This error, improperly handled, could expose sensitive information in the alert's error log. Users are advised to upgrade their systems to mitigate this issue.", - "cve": "CVE-2024-27315", - "id": "pyup.io-68480", - "more_info_path": "/vulnerabilities/CVE-2024-27315/68480", + "advisory": "An authenticated Gamma user can create a dashboard and add charts to it, this user would automatically become one of the owners of the charts allowing him to incorrectly have write permissions to these charts. This issue affects Apache Superset: before 2.1.2, from 3.0.0 before 3.0.2. Users are recommended to upgrade to version 3.0.2 or 2.1.3, which fixes the issue.", + "cve": "CVE-2023-49734", + "id": "pyup.io-65195", + "more_info_path": "/vulnerabilities/CVE-2023-49734/65195", + "specs": [ + ">=0,<2.1.3", + ">=3.0.0,<3.0.2" + ], + "v": ">=0,<2.1.3,>=3.0.0,<3.0.2" + }, + { + "advisory": "Apache Superset with custom roles that include `can write on dataset` and without all data access permissions, allows for users to create virtual datasets to data they don't have access to. These users could then use those virtual datasets to get access to unauthorized data. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1 or 3.0.4, which fixes the issue.", + "cve": "CVE-2024-24779", + "id": "pyup.io-68494", + "more_info_path": "/vulnerabilities/CVE-2024-24779/68494", + "specs": [ + ">=0,<3.0.4", + ">=3.1.0,<3.1.1" + ], + "v": ">=0,<3.0.4,>=3.1.0,<3.1.1" + }, + { + "advisory": "A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database. 
This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1.", + "cve": "CVE-2024-24772", + "id": "pyup.io-68496", + "more_info_path": "/vulnerabilities/CVE-2024-24772/68496", "specs": [ ">=0,<3.0.4", ">=3.1.0,<3.1.1" 
@@ -9583,26 +9607,15 @@ "v": ">=0,<3.0.4,>=3.1.0,<3.1.1" }, { - "advisory": "Apache Superset with custom roles that include `can write on dataset` and without all data access permissions, allows for users to create virtual datasets to data they don't have access to. These users could then use those virtual datasets to get access to unauthorized data. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1. Users are recommended to upgrade to version 3.1.1 or 3.0.4, which fixes the issue.", - "cve": "CVE-2024-24779", - "id": "pyup.io-68494", - "more_info_path": "/vulnerabilities/CVE-2024-24779/68494", - "specs": [ - ">=0,<3.0.4", - ">=3.1.0,<3.1.1" - ], - "v": ">=0,<3.0.4,>=3.1.0,<3.1.1" - }, - { - "advisory": "A guest user could exploit a chart data REST API and send arbitrary SQL statements that on error could leak information from the underlying analytics database. This issue affects Apache Superset: before 3.0.4, from 3.1.0 before 3.1.1.", - "cve": "CVE-2024-24772", - "id": "pyup.io-68496", - "more_info_path": "/vulnerabilities/CVE-2024-24772/68496", + "advisory": "A vulnerability in various versions of Apache Superset allows authenticated users with alert creation privileges to execute a specially crafted SQL statement, leading to a database error. This error, improperly handled, could expose sensitive information in the alert's error log.", + "cve": "CVE-2024-27315", + "id": "pyup.io-68480", + "more_info_path": "/vulnerabilities/CVE-2024-27315/68480", "specs": [ ">=0,<3.0.4", - ">=3.1.0,<3.1.1" + ">=3.1.0rc1,<3.1.1" ], - "v": ">=0,<3.0.4,>=3.1.0,<3.1.1" + "v": ">=0,<3.0.4,>=3.1.0rc1,<3.1.1" }, { "advisory": "An Incorrect authorisation check in SQLLab in Apache Superset versions up to and including 2.1.0. This vulnerability allows an authenticated user to query tables that they do not have proper access to within Superset. The vulnerability can be exploited by leveraging a SQL parsing vulnerability.", 
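Review bot: The new `>=3.1.0rc1` lower bound on CVE-2024-27315 (id 68480) is the only pre-release bound in the Superset list; the two entries for the same release window, CVE-2024-24779 and CVE-2024-24772 in the preceding hunk (@@ -9550), keep `>=3.1.0,<3.1.1`, so the data now disagrees about whether the 3.1.0 release candidates are affected. As packaging's SpecifierSet evaluates these, a specifier that names a pre-release admits pre-releases while `>=3.1.0` never matches 3.1.0rc1, so only this entry will flag an rc install; if the candidates are affected for all three issues they should share the bound, otherwise this one should revert to `>=3.1.0`. The trimmed advisory also drops its upgrade sentence, leaving this record with no fixed version in text while the neighbouring Superset entries state one.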
@@ -10079,6 +10092,16 @@ } ], "archivebox": [ + { + "advisory": "Affected versions of Archivebox are vulnerable to Improper Authorization.", + "cve": "PVE-2024-73588", + "id": "pyup.io-73588", + "more_info_path": "/vulnerabilities/PVE-2024-73588/73588", + "specs": [ + "<0.8.3rc" + ], + "v": "<0.8.3rc" + }, { "advisory": "ArchiveBox is an open source self-hosted web archiving system. Any users who are using the `wget` extractor and view the content it outputs. The impact is potentially severe if you are logged in to the ArchiveBox admin site in the same browser session and view an archived malicious page designed to target your ArchiveBox instance. Malicious Javascript could potentially act using your logged-in admin credentials and add/remove/modify snapshots, add/remove/modify ArchiveBox users, and generally do anything an admin user could do. The impact is less severe for non-logged-in users, as malicious Javascript cannot *modify* any archives, but it can still *read* all the other archived content by fetching the snapshot index and iterating through it. Because all of ArchiveBox's archived content is served from the same host and port as the admin panel, when archived pages are viewed the JS executes in the same context as all the other archived pages (and the admin panel), defeating most of the browser's usual CORS/CSRF security protections and leading to this issue. A patch is being developed in https://github.com/ArchiveBox/ArchiveBox/issues/239. As a mitigation for this issue would be to disable the wget extractor by setting `archivebox config --set SAVE_WGET=False`, ensure you are always logged out, or serve only a [static HTML version](https://github.com/ArchiveBox/ArchiveBox/wiki/Publishing-Your-Archive#2-export-and-host-it-as-static-html) of your archive.", "cve": "CVE-2023-45815", 
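Review bot: The new archivebox entry gives no fixed version, no reference and no description beyond the weakness name, so `"advisory": "Affected versions of Archivebox are vulnerable to Improper Authorization."` tells a consumer nothing actionable, in contrast to the detailed sibling entry that follows it. The bound `<0.8.3rc` carries no pre-release number and normalizes to `0.8.3rc0` under PEP 440, which reads like a truncated tag; confirm the intended fix release with the source advisory and write it explicitly (a numbered candidate or the final 0.8.3), and add that version and a reference link to the advisory text.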
@@ -10260,20 +10283,20 @@ "v": "<5.0.0" }, { - "advisory": "Argo-workflows 5.0.0 (Python SDK) is compatible with Argo-workflows core v3.0.0, which improves cookie security.\r\nhttps://github.com/argoproj/argo-workflows/issues/2759", - "cve": "PVE-2022-46476", - "id": "pyup.io-46476", - "more_info_path": "/vulnerabilities/PVE-2022-46476/46476", + "advisory": "Argo-workflows 5.0.0 (Python SDK) is compatible with Argo-workflows core v3.0.0, which includes a fix for an issue that allowed to list archived workflows that shouldn't be accessible.\r\nhttps://github.com/argoproj/argo-workflows/blob/7e9fc374a22c63fd5e09c322b37bd810f5d57a0e/sdks/python/README.md\r\nhttps://github.com/argoproj/argo-workflows/pull/2079", + "cve": "PVE-2022-46479", + "id": "pyup.io-46479", + "more_info_path": "/vulnerabilities/PVE-2022-46479/46479", "specs": [ "<5.0.0" ], "v": "<5.0.0" }, { - "advisory": "Argo-workflows 5.0.0 (Python SDK) is compatible with Argo-workflows core v3.0.0, which includes a fix for an issue that allowed to list archived workflows that shouldn't be accessible.\r\nhttps://github.com/argoproj/argo-workflows/blob/7e9fc374a22c63fd5e09c322b37bd810f5d57a0e/sdks/python/README.md\r\nhttps://github.com/argoproj/argo-workflows/pull/2079", - "cve": "PVE-2022-46479", - "id": "pyup.io-46479", - "more_info_path": "/vulnerabilities/PVE-2022-46479/46479", + "advisory": "Argo-workflows 5.0.0 (Python SDK) is compatible with Argo-workflows core v3.0.0, which improves cookie security.\r\nhttps://github.com/argoproj/argo-workflows/issues/2759", + "cve": "PVE-2022-46476", + "id": "pyup.io-46476", + "more_info_path": "/vulnerabilities/PVE-2022-46476/46476", "specs": [ "<5.0.0" ], 
@@ -10423,19 +10446,19 @@ }, { "advisory": "Argo-workflows 6.4.7 (Python SDK) is compatible with Argo-workflows core v3.4.7, which upgrades docker to v20.10.24 to include security fixes.\r\nhttps://github.com/argoproj/argo-workflows/pull/10868", - "cve": "CVE-2023-28841", - "id": "pyup.io-54995", - "more_info_path": "/vulnerabilities/CVE-2023-28841/54995", + "cve": "CVE-2023-28842", + "id": "pyup.io-54996", + "more_info_path": "/vulnerabilities/CVE-2023-28842/54996", "specs": [ "<6.4.7" ], "v": "<6.4.7" }, { - "advisory": "Argo-workflows 6.4.7 (Python SDK) is compatible with Argo-workflows core v3.4.7, which upgrades docker to v20.10.24 to include security fixes.\r\nhttps://github.com/argoproj/argo-workflows/pull/10868", - "cve": "CVE-2023-28842", - "id": "pyup.io-54996", - "more_info_path": "/vulnerabilities/CVE-2023-28842/54996", + "advisory": "Argo-workflows 6.4.7 (Python SDK) is compatible with Argo-workflows core v3.4.7, which updates UI NPM dependencies to include security fixes.\r\nhttps://github.com/argoproj/argo-workflows/pull/10842", + "cve": "CVE-2021-4279", + "id": "pyup.io-54997", + "more_info_path": "/vulnerabilities/CVE-2021-4279/54997", "specs": [ "<6.4.7" ], 
@@ -10443,19 +10466,19 @@ }, { "advisory": "Argo-workflows 6.4.7 (Python SDK) is compatible with Argo-workflows core v3.4.7, which upgrades docker to v20.10.24 to include security fixes.\r\nhttps://github.com/argoproj/argo-workflows/pull/10868", - "cve": "CVE-2023-28840", - "id": "pyup.io-54979", - "more_info_path": "/vulnerabilities/CVE-2023-28840/54979", + "cve": "CVE-2023-28841", + "id": "pyup.io-54995", + "more_info_path": "/vulnerabilities/CVE-2023-28841/54995", "specs": [ "<6.4.7" ], "v": "<6.4.7" }, { - "advisory": "Argo-workflows 6.4.7 (Python SDK) is compatible with Argo-workflows core v3.4.7, which updates UI NPM dependencies to include security fixes.\r\nhttps://github.com/argoproj/argo-workflows/pull/10842", - "cve": "CVE-2021-4279", - "id": "pyup.io-54997", - "more_info_path": "/vulnerabilities/CVE-2021-4279/54997", + "advisory": "Argo-workflows 6.4.7 (Python SDK) is compatible with Argo-workflows core v3.4.7, which upgrades docker to v20.10.24 to include security fixes.\r\nhttps://github.com/argoproj/argo-workflows/pull/10868", + "cve": "CVE-2023-28840", + "id": "pyup.io-54979", + "more_info_path": "/vulnerabilities/CVE-2023-28840/54979", "specs": [ "<6.4.7" ], 
@@ -10605,6 +10628,19 @@ "v": "<2.0.0" } ], + "artifact-lab-3-package-24ddbc49": [ + { + "advisory": "The OpenSSF Package Analysis project identified 'artifact-lab-3-package-24ddbc49' @ 0.7.0 (pypi) as malicious.", + "cve": "PVE-2024-73971", + "id": "pyup.io-73971", + "more_info_path": "/vulnerabilities/PVE-2024-73971/73971", + "specs": [ + "<=0", + ">=0" + ], + "v": "<=0,>=0" + } + ], "artifact-lab-3-package-3eef6c2c": [ { "advisory": "The artifact-lab-3-package-3eef6c2c has been flagged as malicious due to communication with a domain linked to unauthorized activities, potentially compromising system security. The package contains malicious code, raising concerns about its integrity. Immediate action is required to remove this package and replace it with a trusted alternative to prevent unauthorized access and safeguard sensitive information.", @@ -10951,9 +10987,9 @@ }, { "advisory": "Async-tkinter-loop 0.3.0 updates its dependency 'pillow' requirement to '^9.0.1' to include security fixes.", - "cve": "CVE-2022-22817", - "id": "pyup.io-49245", - "more_info_path": "/vulnerabilities/CVE-2022-22817/49245", + "cve": "CVE-2022-22815", + "id": "pyup.io-49244", + "more_info_path": "/vulnerabilities/CVE-2022-22815/49244", "specs": [ "<0.3.0" ], @@ -10961,9 +10997,9 @@ }, { "advisory": "Async-tkinter-loop 0.3.0 updates its dependency 'pillow' requirement to '^9.0.1' to include security fixes.", - "cve": "CVE-2022-22815", - "id": "pyup.io-49244", - "more_info_path": "/vulnerabilities/CVE-2022-22815/49244", + "cve": "CVE-2022-24303", + "id": "pyup.io-49242", + "more_info_path": "/vulnerabilities/CVE-2022-24303/49242", "specs": [ "<0.3.0" ], 
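Review bot: Evaluated literally, the spec pair `["<=0", ">=0"]` for artifact-lab-3-package-24ddbc49 matches only version 0, not the 0.7.0 release the advisory identifies as malicious, so a consumer that applies these as ordinary PEP 440 specifiers would never flag the installed package. If the pair is a sentinel meaning "every version", that convention should be stated where this file is consumed and emitted in one canonical order; the rest of the file writes the lower bound first (`>=0,<3.0.4` in the Superset hunks), whereas this entry and its `v` string put `<=0` first, so identical ranges will not compare equal textually.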
@@ -10971,9 +11007,9 @@ }, { "advisory": "Async-tkinter-loop 0.3.0 updates its dependency 'pillow' requirement to '^9.0.1' to include security fixes.", - "cve": "CVE-2022-24303", - "id": "pyup.io-49242", - "more_info_path": "/vulnerabilities/CVE-2022-24303/49242", + "cve": "CVE-2022-22817", + "id": "pyup.io-49245", + "more_info_path": "/vulnerabilities/CVE-2022-22817/49245", "specs": [ "<0.3.0" ], @@ -11739,16 +11775,6 @@ ], "v": ">=0.4.0,<0.4.1" }, - { - "advisory": "Autogluon 0.4.1 updates its dependency 'ray' minimum requirement to v1.10.0 to include security fixes.", - "cve": "CVE-2021-44228", - "id": "pyup.io-48621", - "more_info_path": "/vulnerabilities/CVE-2021-44228/48621", - "specs": [ - ">=0.4.0,<0.4.1" - ], - "v": ">=0.4.0,<0.4.1" - }, { "advisory": "Autogluon 0.4.1 updates its dependency 'ray' minimum requirement to v1.10.0 to include security fixes.", "cve": "CVE-2021-44832", @@ -11779,6 +11805,16 @@ ], "v": ">=0.4.0,<0.4.1" }, + { + "advisory": "Autogluon 0.4.1 updates its dependency 'ray' minimum requirement to v1.10.0 to include security fixes.", + "cve": "CVE-2021-44228", + "id": "pyup.io-48621", + "more_info_path": "/vulnerabilities/CVE-2021-44228/48621", + "specs": [ + ">=0.4.0,<0.4.1" + ], + "v": ">=0.4.0,<0.4.1" + }, { "advisory": "The autogluon.multimodal module has a vulnerability due to the incorrect neutralization of special elements utilized in an operating system command. This issue is identified as an 'OS Command Injection'.", "cve": "PVE-2023-99929", 
@@ -11915,16 +11951,6 @@ ], "v": "<9.0.1" }, - { - "advisory": "Av 9.0.1 updates wheel components to include security fixes [wavpack].\r\nhttps://github.com/PyAV-Org/PyAV/issues/901", - "cve": "CVE-2020-35738", - "id": "pyup.io-45838", - "more_info_path": "/vulnerabilities/CVE-2020-35738/45838", - "specs": [ - "<9.0.1" - ], - "v": "<9.0.1" - }, { "advisory": "Av 9.0.1 updates wheel components to include security fixes [openjpeg].\r\nhttps://github.com/PyAV-Org/PyAV/issues/901", "cve": "CVE-2020-8112", @@ -11936,10 +11962,10 @@ "v": "<9.0.1" }, { - "advisory": "Av 9.0.1 updates wheel components to include security fixes [openjpeg].\r\nhttps://github.com/PyAV-Org/PyAV/issues/901", - "cve": "CVE-2020-15389", - "id": "pyup.io-45828", - "more_info_path": "/vulnerabilities/CVE-2020-15389/45828", + "advisory": "Av 9.0.1 updates wheel components to include security fixes [wavpack].\r\nhttps://github.com/PyAV-Org/PyAV/issues/901", + "cve": "CVE-2020-35738", + "id": "pyup.io-45838", + "more_info_path": "/vulnerabilities/CVE-2020-35738/45838", "specs": [ "<9.0.1" ], @@ -11957,9 +11983,9 @@ }, { "advisory": "Av 9.0.1 updates wheel components to include security fixes [openjpeg].\r\nhttps://github.com/PyAV-Org/PyAV/issues/901", - "cve": "CVE-2020-6851", - "id": "pyup.io-45827", - "more_info_path": "/vulnerabilities/CVE-2020-6851/45827", + "cve": "CVE-2020-15389", + "id": "pyup.io-45828", + "more_info_path": "/vulnerabilities/CVE-2020-15389/45828", "specs": [ "<9.0.1" ], @@ -11967,9 +11993,9 @@ }, { "advisory": "Av 9.0.1 updates wheel components to include security fixes [openjpeg].\r\nhttps://github.com/PyAV-Org/PyAV/issues/901", - "cve": "CVE-2020-27844", - "id": "pyup.io-45824", - "more_info_path": "/vulnerabilities/CVE-2020-27844/45824", + "cve": "CVE-2020-6851", + "id": "pyup.io-45827", + "more_info_path": "/vulnerabilities/CVE-2020-6851/45827", "specs": [ "<9.0.1" ], 
@@ -11995,6 +12021,16 @@ ], "v": "<9.0.1" }, + { + "advisory": "Av 9.0.1 updates wheel components to include security fixes [openjpeg].\r\nhttps://github.com/PyAV-Org/PyAV/issues/901", + "cve": "CVE-2020-27842", + "id": "pyup.io-45834", + "more_info_path": "/vulnerabilities/CVE-2020-27842/45834", + "specs": [ + "<9.0.1" + ], + "v": "<9.0.1" + }, { "advisory": "Av 9.0.1 updates wheel components to include security fixes [openjpeg].\r\nhttps://github.com/PyAV-Org/PyAV/issues/901", "cve": "CVE-2020-27823", @@ -12007,9 +12043,9 @@ }, { "advisory": "Av 9.0.1 updates wheel components to include security fixes [openjpeg].\r\nhttps://github.com/PyAV-Org/PyAV/issues/901", - "cve": "CVE-2020-27842", - "id": "pyup.io-45834", - "more_info_path": "/vulnerabilities/CVE-2020-27842/45834", + "cve": "CVE-2020-27844", + "id": "pyup.io-45824", + "more_info_path": "/vulnerabilities/CVE-2020-27844/45824", "specs": [ "<9.0.1" ], @@ -12037,9 +12073,9 @@ }, { "advisory": "Av 9.1.0 updates 'FFmpeg' binary wheels to fix security vulnerabilities.\r\nhttps://github.com/PyAV-Org/PyAV/commit/9cbe441d637be15d5b4b57211a7df3958c3c0a02", - "cve": "CVE-2018-10392", - "id": "pyup.io-47802", - "more_info_path": "/vulnerabilities/CVE-2018-10392/47802", + "cve": "CVE-2018-10393", + "id": "pyup.io-47835", + "more_info_path": "/vulnerabilities/CVE-2018-10393/47835", "specs": [ "<9.1.0" ], @@ -12057,9 +12093,9 @@ }, { "advisory": "Av 9.1.0 updates 'FFmpeg' binary wheels to fix security vulnerabilities.\r\nhttps://github.com/PyAV-Org/PyAV/commit/9cbe441d637be15d5b4b57211a7df3958c3c0a02", - "cve": "CVE-2018-10393", - "id": "pyup.io-47835", - "more_info_path": "/vulnerabilities/CVE-2018-10393/47835", + "cve": "CVE-2018-10392", + "id": "pyup.io-47802", + "more_info_path": "/vulnerabilities/CVE-2018-10392/47802", "specs": [ "<9.1.0" ], 
@@ -12917,20 +12953,20 @@ "v": "<14.0.0.0rc1" }, { - "advisory": "Barbican 17.0.0.0rc1 and prior versions are affected by CVE-2023-1633: A credentials leak flaw was found in OpenStack Barbican. This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2181761", - "cve": "CVE-2023-1633", - "id": "pyup.io-61407", - "more_info_path": "/vulnerabilities/CVE-2023-1633/61407", + "advisory": "Barbican 17.0.0.0rc1 and prior versions are affected by CVE-2023-1636: A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is compromised, it could gain access to the data transmitted to and from Barbican.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2181765", + "cve": "CVE-2023-1636", + "id": "pyup.io-61408", + "more_info_path": "/vulnerabilities/CVE-2023-1636/61408", "specs": [ "<=17.0.0.0rc1" ], "v": "<=17.0.0.0rc1" }, { - "advisory": "Barbican 17.0.0.0rc1 and prior versions are affected by CVE-2023-1636: A vulnerability was found in OpenStack Barbican containers. This vulnerability is only applicable to deployments that utilize an all-in-one configuration. Barbican containers share the same CGROUP, USER, and NET namespace with the host system and other OpenStack services. If any service is compromised, it could gain access to the data transmitted to and from Barbican.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2181765", - "cve": "CVE-2023-1636", - "id": "pyup.io-61408", - "more_info_path": "/vulnerabilities/CVE-2023-1636/61408", + "advisory": "Barbican 17.0.0.0rc1 and prior versions are affected by CVE-2023-1633: A credentials leak flaw was found in OpenStack Barbican. 
This flaw allows a local authenticated attacker to read the configuration file, gaining access to sensitive credentials.\r\nhttps://bugzilla.redhat.com/show_bug.cgi?id=2181761", + "cve": "CVE-2023-1633", + "id": "pyup.io-61407", + "more_info_path": "/vulnerabilities/CVE-2023-1633/61407", "specs": [ "<=17.0.0.0rc1" ], @@ -13061,20 +13097,20 @@ "v": "<0.4.1" }, { - "advisory": "Baybe 0.8.2 has updated its onnx dependency to version 1.16.0 or newer to address the security issue CVE-2024-27318.", + "advisory": "Baybe 0.8.2 has updated its onnx dependency to version 1.16.0 or newer to address the security issue CVE-2024-27319.", "cve": "CVE-2024-27318", - "id": "pyup.io-66978", - "more_info_path": "/vulnerabilities/CVE-2024-27318/66978", + "id": "pyup.io-66984", + "more_info_path": "/vulnerabilities/CVE-2024-27318/66984", "specs": [ "<0.8.2" ], "v": "<0.8.2" }, { - "advisory": "Baybe 0.8.2 has updated its onnx dependency to version 1.16.0 or newer to address the security issue CVE-2024-27319.", + "advisory": "Baybe 0.8.2 has updated its onnx dependency to version 1.16.0 or newer to address the security issue CVE-2024-27318.", "cve": "CVE-2024-27318", - "id": "pyup.io-66984", - "more_info_path": "/vulnerabilities/CVE-2024-27318/66984", + "id": "pyup.io-66978", + "more_info_path": "/vulnerabilities/CVE-2024-27318/66978", "specs": [ "<0.8.2" ], 
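Review bot: In the Baybe hunk (@@ -13061) entry `pyup.io-66984` still carries `"cve": "CVE-2024-27318"` and a `more_info_path` under CVE-2024-27318 while its advisory text names CVE-2024-27319, so both Baybe records are now keyed to the same CVE and none to CVE-2024-27319. The swap preserves this mismatch from the old side rather than fixing it; presumably that entry should read `"cve": "CVE-2024-27319"` with `"more_info_path": "/vulnerabilities/CVE-2024-27319/66984"`, which should be confirmed against the pyup record. Consumers that de-duplicate findings by CVE will otherwise report only one of the two onnx issues.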
@@ -13494,6 +13530,16 @@ "<0.3.0a1" ], "v": "<0.3.0a1" + }, + { + "advisory": "Affected versions of the Betty cache package are vulnerable to a Race Condition (CWE-362). This vulnerability may result in data corruption or inconsistent state when multiple coroutines access shared cache items concurrently. The issue arises in the _CacheItemLock class's release method, which no longer acquires a lock before modifying shared data. Attackers could exploit this by triggering concurrent cache operations, leading to unpredictable behavior. To mitigate this issue, reintroduce the lock in the release method to ensure proper synchronization of shared resources.", + "cve": "PVE-2024-73610", + "id": "pyup.io-73610", + "more_info_path": "/vulnerabilities/PVE-2024-73610/73610", + "specs": [ + "<0.4.0a12" + ], + "v": "<0.4.0a12" } ], "bgcflow-wrapper": [ 
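Review bot: The closing sentence of the new Betty advisory, `To mitigate this issue, reintroduce the lock in the release method to ensure proper synchronization of shared resources.`, is remediation guidance for the library's maintainers rather than for a consumer of this database, and the text never names the fixed release that `"<0.4.0a12"` implies. Suggest replacing that sentence with the fix statement used elsewhere in the file, e.g. `Users are recommended to upgrade to version 0.4.0a12, which fixes the issue.`, and keeping the CWE-362 description as it is. That 0.4.0a12 is the fixed release is inferred from `specs` alone and should be checked against the upstream change before the text asserts it.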
@@ -13780,20 +13826,20 @@ ], "bikeshed": [ { - "advisory": "Bikeshed version 3.0.0 includes a fix for CVE-2021-23422:\r\nWhen an untrusted source file containing Inline Tag Command metadata is processed or when an arbitrary OS command is executed, the command output would be included in the HTML output.\r\nhttps://github.com/tabatkins/bikeshed/commit/b2f668fca204260b1cad28d5078e93471cb6b2dd", - "cve": "CVE-2021-23422", - "id": "pyup.io-41179", - "more_info_path": "/vulnerabilities/CVE-2021-23422/41179", + "advisory": "Bikeshed version 3.0.0 includes a fix for CVE-2021-23423:\r\nWhen an untrusted source file containing include, include-code or include-raw block is processed, the contents of arbitrary files could be disclosed in the HTML output.\r\nhttps://github.com/tabatkins/bikeshed/commit/b2f668fca204260b1cad28d5078e93471cb6b2dd", + "cve": "CVE-2021-23423", + "id": "pyup.io-41180", + "more_info_path": "/vulnerabilities/CVE-2021-23423/41180", "specs": [ "<3.0.0" ], "v": "<3.0.0" }, { - "advisory": "Bikeshed version 3.0.0 includes a fix for CVE-2021-23423:\r\nWhen an untrusted source file containing include, include-code or include-raw block is processed, the contents of arbitrary files could be disclosed in the HTML output.\r\nhttps://github.com/tabatkins/bikeshed/commit/b2f668fca204260b1cad28d5078e93471cb6b2dd", - "cve": "CVE-2021-23423", - "id": "pyup.io-41180", - "more_info_path": "/vulnerabilities/CVE-2021-23423/41180", + "advisory": "Bikeshed version 3.0.0 includes a fix for CVE-2021-23422:\r\nWhen an untrusted source file containing Inline Tag Command metadata is processed or when an arbitrary OS command is executed, the command output would be included in the HTML output.\r\nhttps://github.com/tabatkins/bikeshed/commit/b2f668fca204260b1cad28d5078e93471cb6b2dd", + "cve": "CVE-2021-23422", + "id": "pyup.io-41179", + "more_info_path": "/vulnerabilities/CVE-2021-23422/41179", "specs": [ "<3.0.0" ], 
@@ -14006,10 +14052,10 @@ "v": "<3.4.3" }, { - "advisory": "Bittensor 5.3.1 updates its dependency 'cryptography' to version '41.0.0' to fix an Expected Behavior Violation vulnerability.\r\nhttps://github.com/opentensor/bittensor/commit/91d13b0fa711621cbf823708d4368b1b387e42c4", - "cve": "CVE-2023-23931", - "id": "pyup.io-59616", - "more_info_path": "/vulnerabilities/CVE-2023-23931/59616", + "advisory": "Bittensor 5.3.1 updates its dependency 'cryptography' to version '41.0.0' to fix a Denial of Service vulnerability.\r\nhttps://github.com/opentensor/bittensor/commit/91d13b0fa711621cbf823708d4368b1b387e42c4", + "cve": "CVE-2023-0217", + "id": "pyup.io-59609", + "more_info_path": "/vulnerabilities/CVE-2023-0217/59609", "specs": [ "<5.3.1" ], @@ -14025,16 +14071,6 @@ ], "v": "<5.3.1" }, - { - "advisory": "Bittensor 5.3.1 updates its dependency 'cryptography' to version '41.0.0' to fix a Denial of Service vulnerability.\r\nhttps://github.com/opentensor/bittensor/commit/91d13b0fa711621cbf823708d4368b1b387e42c4", - "cve": "CVE-2022-4450", - "id": "pyup.io-59615", - "more_info_path": "/vulnerabilities/CVE-2022-4450/59615", - "specs": [ - "<5.3.1" - ], - "v": "<5.3.1" - }, { "advisory": "Bittensor 5.3.1 updates its dependency 'cryptography' to version '41.0.0' to fix a Use After Free vulnerability.\r\nhttps://github.com/opentensor/bittensor/commit/91d13b0fa711621cbf823708d4368b1b387e42c4", "cve": "CVE-2023-0215", @@ -14057,9 +14093,9 @@ }, { "advisory": "Bittensor 5.3.1 updates its dependency 'cryptography' to version '41.0.0' to fix a Denial of Service vulnerability.\r\nhttps://github.com/opentensor/bittensor/commit/91d13b0fa711621cbf823708d4368b1b387e42c4", - "cve": "CVE-2023-0217", - "id": "pyup.io-59609", - "more_info_path": "/vulnerabilities/CVE-2023-0217/59609", + "cve": "CVE-2022-3996", + "id": "pyup.io-59617", + "more_info_path": "/vulnerabilities/CVE-2022-3996/59617", "specs": [ "<5.3.1" ], 
@@ -14067,9 +14103,19 @@ }, { "advisory": "Bittensor 5.3.1 updates its dependency 'cryptography' to version '41.0.0' to fix a Denial of Service vulnerability.\r\nhttps://github.com/opentensor/bittensor/commit/91d13b0fa711621cbf823708d4368b1b387e42c4", - "cve": "CVE-2022-3996", - "id": "pyup.io-59617", - "more_info_path": "/vulnerabilities/CVE-2022-3996/59617", + "cve": "CVE-2023-0401", + "id": "pyup.io-59608", + "more_info_path": "/vulnerabilities/CVE-2023-0401/59608", + "specs": [ + "<5.3.1" + ], + "v": "<5.3.1" + }, + { + "advisory": "Bittensor 5.3.1 updates its dependency 'cryptography' to version '41.0.0' to fix a Type Confusion vulnerability.\r\nhttps://github.com/opentensor/bittensor/commit/91d13b0fa711621cbf823708d4368b1b387e42c4", + "cve": "CVE-2023-0286", + "id": "pyup.io-59611", + "more_info_path": "/vulnerabilities/CVE-2023-0286/59611", "specs": [ "<5.3.1" ], @@ -14077,9 +14123,9 @@ }, { "advisory": "Bittensor 5.3.1 updates its dependency 'cryptography' to version '41.0.0' to fix a Denial of Service vulnerability.\r\nhttps://github.com/opentensor/bittensor/commit/91d13b0fa711621cbf823708d4368b1b387e42c4", - "cve": "CVE-2023-0401", - "id": "pyup.io-59608", - "more_info_path": "/vulnerabilities/CVE-2023-0401/59608", + "cve": "CVE-2022-4203", + "id": "pyup.io-59614", + "more_info_path": "/vulnerabilities/CVE-2022-4203/59614", "specs": [ "<5.3.1" ], 
@@ -14096,30 +14142,30 @@ "v": "<5.3.1" }, { - "advisory": "Bittensor 5.3.1 updates its dependency 'cryptography' to version '41.0.0' to fix a Type Confusion vulnerability.\r\nhttps://github.com/opentensor/bittensor/commit/91d13b0fa711621cbf823708d4368b1b387e42c4", - "cve": "CVE-2023-0286", - "id": "pyup.io-59611", - "more_info_path": "/vulnerabilities/CVE-2023-0286/59611", + "advisory": "Bittensor 5.3.1 updates its dependency 'cryptography' to version '41.0.0' to fix a Denial of Service vulnerability.\r\nhttps://github.com/opentensor/bittensor/commit/91d13b0fa711621cbf823708d4368b1b387e42c4", + "cve": "CVE-2022-4450", + "id": "pyup.io-59615", + "more_info_path": "/vulnerabilities/CVE-2022-4450/59615", "specs": [ "<5.3.1" ], "v": "<5.3.1" }, { - "advisory": "Bittensor 5.3.1 updates its dependency 'cryptography' to version '41.0.0' to fix a Denial of Service vulnerability.\r\nhttps://github.com/opentensor/bittensor/commit/91d13b0fa711621cbf823708d4368b1b387e42c4", - "cve": "CVE-2022-4203", - "id": "pyup.io-59614", - "more_info_path": "/vulnerabilities/CVE-2022-4203/59614", + "advisory": "Bittensor 5.3.1 updates its dependency 'cryptography' to version '41.0.0' to fix an Expected Behavior Violation vulnerability.\r\nhttps://github.com/opentensor/bittensor/commit/91d13b0fa711621cbf823708d4368b1b387e42c4", + "cve": "CVE-2023-23931", + "id": "pyup.io-59616", + "more_info_path": "/vulnerabilities/CVE-2023-23931/59616", "specs": [ "<5.3.1" ], "v": "<5.3.1" }, { - "advisory": "Bittensor version 6.12.0 updates its `certifi` package to versions 2023.7.22 and 2024.2.2 to address the security issues identified in CVE-2023-37920.", - "cve": "CVE-2023-37920", - "id": "pyup.io-70794", - "more_info_path": "/vulnerabilities/CVE-2023-37920/70794", + "advisory": "Bittensor version 6.12.0 updates FastAPI to versions 0.99.1 and 0.110.1 to address security issues highlighted in CVE-2024-24762.", + "cve": "CVE-2024-24762", + "id": "pyup.io-70789", + "more_info_path": 
"/vulnerabilities/CVE-2024-24762/70789", "specs": [ "<6.12.0" ], @@ -14136,10 +14182,10 @@ "v": "<6.12.0" }, { - "advisory": "Bittensor version 6.12.0 updates FastAPI to versions 0.99.1 and 0.110.1 to address security issues highlighted in CVE-2024-24762.", - "cve": "CVE-2024-24762", - "id": "pyup.io-70789", - "more_info_path": "/vulnerabilities/CVE-2024-24762/70789", + "advisory": "Bittensor version 6.12.0 updates its `certifi` package to versions 2023.7.22 and 2024.2.2 to address the security issues identified in CVE-2023-37920.", + "cve": "CVE-2023-37920", + "id": "pyup.io-70794", + "more_info_path": "/vulnerabilities/CVE-2023-37920/70794", "specs": [ "<6.12.0" ], @@ -14725,9 +14771,9 @@ }, { "advisory": "Bokeh 2.4.2 updates its dependency 'jquery-ui' to v1.13.0 to include security fixes.", - "cve": "CVE-2021-41182", - "id": "pyup.io-42772", - "more_info_path": "/vulnerabilities/CVE-2021-41182/42772", + "cve": "CVE-2021-41184", + "id": "pyup.io-42815", + "more_info_path": "/vulnerabilities/CVE-2021-41184/42815", "specs": [ "<2.4.2" ], @@ -14735,9 +14781,9 @@ }, { "advisory": "Bokeh 2.4.2 updates its dependency 'jquery-ui' to v1.13.0 to include security fixes.", - "cve": "CVE-2021-41184", - "id": "pyup.io-42815", - "more_info_path": "/vulnerabilities/CVE-2021-41184/42815", + "cve": "CVE-2021-41182", + "id": "pyup.io-42772", + "more_info_path": "/vulnerabilities/CVE-2021-41182/42772", "specs": [ "<2.4.2" ], 
@@ -15515,20 +15561,20 @@ "v": "<4.0.0" }, { - "advisory": "C2cwsgiutils 4.1.2 updates its dependency 'lxml' to v4.6.3 to include a security fix.", - "cve": "CVE-2021-28957", - "id": "pyup.io-53061", - "more_info_path": "/vulnerabilities/CVE-2021-28957/53061", + "advisory": "C2cwsgiutils 4.1.2 updates its dependency 'mako' to v1.2.2 to include a security fix.", + "cve": "CVE-2022-40023", + "id": "pyup.io-53014", + "more_info_path": "/vulnerabilities/CVE-2022-40023/53014", "specs": [ "<4.1.2" ], "v": "<4.1.2" }, { - "advisory": "C2cwsgiutils 4.1.2 updates its dependency 'mako' to v1.2.2 to include a security fix.", - "cve": "CVE-2022-40023", - "id": "pyup.io-53014", - "more_info_path": "/vulnerabilities/CVE-2022-40023/53014", + "advisory": "C2cwsgiutils 4.1.2 updates its dependency 'lxml' to v4.6.3 to include a security fix.", + "cve": "CVE-2021-28957", + "id": "pyup.io-53061", + "more_info_path": "/vulnerabilities/CVE-2021-28957/53061", "specs": [ "<4.1.2" ], 
@@ -16236,20 +16282,20 @@ "v": "<2.0.0" }, { - "advisory": "Cashocs version 2.0.0 updates its pygments dependency to version 2.7.4 from the previous 2.5.2, addressing the vulnerability identified as CVE-2021-20270.\r\nhttps://github.com/sblauth/cashocs/pull/141/commits/1fb563e91e1b4d564cb4784c7c812bf27c7e15b7", - "cve": "CVE-2021-20270", - "id": "pyup.io-64944", - "more_info_path": "/vulnerabilities/CVE-2021-20270/64944", + "advisory": "Cashocs version 2.0.0 updates its setuptools dependency to version 65.5.1 from the previous 39.0.1, addressing the vulnerability identified as CVE-2022-40897.\r\nhttps://github.com/sblauth/cashocs/pull/137/commits/eb3fdc2bc65c87fb27d3622ada71c4d841a856a2", + "cve": "CVE-2022-40897", + "id": "pyup.io-64817", + "more_info_path": "/vulnerabilities/CVE-2022-40897/64817", "specs": [ "<2.0.0" ], "v": "<2.0.0" }, { - "advisory": "Cashocs version 2.0.0 updates its setuptools dependency to version 65.5.1 from the previous 39.0.1, addressing the vulnerability identified as CVE-2022-40897.\r\nhttps://github.com/sblauth/cashocs/pull/137/commits/eb3fdc2bc65c87fb27d3622ada71c4d841a856a2", - "cve": "CVE-2022-40897", - "id": "pyup.io-64817", - "more_info_path": "/vulnerabilities/CVE-2022-40897/64817", + "advisory": "Cashocs version 2.0.0 updates its pygments dependency to version 2.7.4 from the previous 2.5.2, addressing the vulnerability identified as CVE-2021-20270.\r\nhttps://github.com/sblauth/cashocs/pull/141/commits/1fb563e91e1b4d564cb4784c7c812bf27c7e15b7", + "cve": "CVE-2021-20270", + "id": "pyup.io-64944", + "more_info_path": "/vulnerabilities/CVE-2021-20270/64944", "specs": [ "<2.0.0" ], 
@@ -16772,20 +16818,20 @@ "v": "<0.0.83" }, { - "advisory": "Cdk-ecr-deployment 2.0.7 updates its GO dependency 'opencontainers/runc' to v1.0.3 to include a security fix.\r\nhttps://github.com/cdklabs/cdk-ecr-deployment/commit/74e8412f370f4ab00be5b5a1f509c2615a874a46", - "cve": "CVE-2021-43784", - "id": "pyup.io-54973", - "more_info_path": "/vulnerabilities/CVE-2021-43784/54973", + "advisory": "Cdk-ecr-deployment 2.0.7 updates its GO dependency 'containerd' to v1.5.9 to include a security fix.\r\nhttps://github.com/cdklabs/cdk-ecr-deployment/commit/74e8412f370f4ab00be5b5a1f509c2615a874a46", + "cve": "CVE-2021-43816", + "id": "pyup.io-44474", + "more_info_path": "/vulnerabilities/CVE-2021-43816/44474", "specs": [ "<2.0.7" ], "v": "<2.0.7" }, { - "advisory": "Cdk-ecr-deployment 2.0.7 updates its GO dependency 'containerd' to v1.5.9 to include a security fix.\r\nhttps://github.com/cdklabs/cdk-ecr-deployment/commit/74e8412f370f4ab00be5b5a1f509c2615a874a46", - "cve": "CVE-2021-43816", - "id": "pyup.io-44474", - "more_info_path": "/vulnerabilities/CVE-2021-43816/44474", + "advisory": "Cdk-ecr-deployment 2.0.7 updates its GO dependency 'opencontainers/runc' to v1.0.3 to include a security fix.\r\nhttps://github.com/cdklabs/cdk-ecr-deployment/commit/74e8412f370f4ab00be5b5a1f509c2615a874a46", + "cve": "CVE-2021-43784", + "id": "pyup.io-54973", + "more_info_path": "/vulnerabilities/CVE-2021-43784/54973", "specs": [ "<2.0.7" ], 
@@ -16850,20 +16896,20 @@ ], "cedar-backup3": [ { - "advisory": "Cedar-backup3 version 1.10 fixes a shell-interpolation bug.", - "cve": "PVE-2021-42010", - "id": "pyup.io-42010", - "more_info_path": "/vulnerabilities/PVE-2021-42010/42010", + "advisory": "Cedar-backup3 version 1.10 stops using insecure os.popen().", + "cve": "PVE-2022-46427", + "id": "pyup.io-46427", + "more_info_path": "/vulnerabilities/PVE-2022-46427/46427", "specs": [ "<1.10" ], "v": "<1.10" }, { - "advisory": "Cedar-backup3 version 1.10 stops using insecure os.popen().", - "cve": "PVE-2022-46427", - "id": "pyup.io-46427", - "more_info_path": "/vulnerabilities/PVE-2022-46427/46427", + "advisory": "Cedar-backup3 version 1.10 fixes a shell-interpolation bug.", + "cve": "PVE-2021-42010", + "id": "pyup.io-42010", + "more_info_path": "/vulnerabilities/PVE-2021-42010/42010", "specs": [ "<1.10" ], 
@@ -17496,6 +17542,19 @@
 "<1.2.0"
 ],
 "v": "<1.2.0"
+ },
+ {
+ "advisory": "Affected versions of the Chainlit backend are vulnerable to Missing Authorization (CWE-862). This flaw allows unauthorized users to access and retrieve session files by guessing or obtaining valid session_ids, potentially leading to data breaches. The vulnerability exists in the get_file endpoint, which lacked proper user verification. Exploitability is high if session_ids are predictable. Chainlit mitigates this issue by enforcing strict authorization checks.\r\nUPDATE: \"1.3.1 release temporarily reverts the file access security improvements from 1.3.0 to restore element functionality. The element feature currently has a known security vulnerability that could allow unauthorized access to files. We strongly recommend against using elements in production environments until the next release. A comprehensive security fix using HTTP-only cookie authentication will be implemented in an upcoming release.\"",
+ "cve": "PVE-2024-73842",
+ "id": "pyup.io-73842",
+ "more_info_path": "/vulnerabilities/PVE-2024-73842/73842",
+ "specs": [
+ "<1.3.0",
+ ">=2.0.dev0,<2.0.dev1",
+ ">2.0.dev1",
+ ">1.3.0,<2.0.dev0"
+ ],
+ "v": "<1.3.0,>=2.0.dev0,<2.0.dev1,>2.0.dev1,>1.3.0,<2.0.dev0"
 }
 ],
 "changedetection-io": [
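Review bot: The `v` field of the new chainlit record flattens four separate `specs` ranges into one comma-joined string, `<1.3.0,>=2.0.dev0,<2.0.dev1,>2.0.dev1,>1.3.0,<2.0.dev0`; everywhere else in this file a comma inside `v` is a conjunction (`>=37.0.0,<43.0.1`), and read that way this string contains both `<1.3.0` and `>1.3.0` and matches no version at all. A consumer that evaluates `v` instead of iterating `specs` will therefore never alert on chainlit. Either drop the disjunction from `v` and let `specs` carry it, or give `v` a separator that distinguishes alternatives from conjunctions. Note also that `>2.0.dev1` is open-ended, which matches the quoted 1.3.1 revert note but will keep flagging every future release until a ceiling is added once the cookie-based fix ships.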
@@ -17738,50 +17797,50 @@ "v": "<3.0.3" }, { - "advisory": "Chartify 3.0.3 includes a version of 'pillow' (6.2.0) affected by several CVEs.", - "cve": "CVE-2020-5312", - "id": "pyup.io-43570", - "more_info_path": "/vulnerabilities/CVE-2020-5312/43570", + "advisory": "Chartify 3.0.4 updates its dependency 'pillow' requirement to '>=8.4.0' to include security fixes.", + "cve": "CVE-2019-19911", + "id": "pyup.io-38345", + "more_info_path": "/vulnerabilities/CVE-2019-19911/38345", "specs": [ "<=3.0.3" ], "v": "<=3.0.3" }, { - "advisory": "libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.", - "cve": "CVE-2020-5310", - "id": "pyup.io-43568", - "more_info_path": "/vulnerabilities/CVE-2020-5310/43568", + "advisory": "Chartify 3.0.3 includes a version of 'pillow' (6.2.0) affected by several CVEs.", + "cve": "CVE-2020-5311", + "id": "pyup.io-43569", + "more_info_path": "/vulnerabilities/CVE-2020-5311/43569", "specs": [ "<=3.0.3" ], "v": "<=3.0.3" }, { - "advisory": "libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.", - "cve": "CVE-2020-5313", - "id": "pyup.io-43571", - "more_info_path": "/vulnerabilities/CVE-2020-5313/43571", + "advisory": "Chartify 3.0.3 includes a version of 'pillow' (6.2.0) affected by several CVEs.", + "cve": "CVE-2020-5312", + "id": "pyup.io-43570", + "more_info_path": "/vulnerabilities/CVE-2020-5312/43570", "specs": [ "<=3.0.3" ], "v": "<=3.0.3" }, { - "advisory": "Chartify 3.0.4 updates its dependency 'pillow' requirement to '>=8.4.0' to include security fixes.", - "cve": "CVE-2019-19911", - "id": "pyup.io-38345", - "more_info_path": "/vulnerabilities/CVE-2019-19911/38345", + "advisory": "libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.", + "cve": "CVE-2020-5310", + "id": "pyup.io-43568", + "more_info_path": "/vulnerabilities/CVE-2020-5310/43568", "specs": [ "<=3.0.3" ], "v": "<=3.0.3" }, { - "advisory": "Chartify 
3.0.3 includes a version of 'pillow' (6.2.0) affected by several CVEs.", - "cve": "CVE-2020-5311", - "id": "pyup.io-43569", - "more_info_path": "/vulnerabilities/CVE-2020-5311/43569", + "advisory": "libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.", + "cve": "CVE-2020-5313", + "id": "pyup.io-43571", + "more_info_path": "/vulnerabilities/CVE-2020-5313/43571", "specs": [ "<=3.0.3" ], @@ -17922,6 +17981,18 @@ "v": "<0.6.0" } ], + "chaturbate-poller": [ + { + "advisory": "Affected versions of Chaturbate-poller are vulnerable to Sensitive Information Exposure.", + "cve": "PVE-2024-73683", + "id": "pyup.io-73683", + "more_info_path": "/vulnerabilities/PVE-2024-73683/73683", + "specs": [ + "<0.11.0" + ], + "v": "<0.11.0" + } + ], "chazz": [ { "advisory": "Chazz is a malicious package. It delivers the W4SP Stealer Malware to your system.\r\nhttps://thehackernews.com/2022/12/w4sp-stealer-discovered-in-multiple.html", @@ -20365,16 +20436,6 @@ ], "v": "<2.4.0" }, - { - "advisory": "Chia 2.4.0 updates Tensorflow to v2.4.3 to include security fixes.", - "cve": "CVE-2021-29544", - "id": "pyup.io-44249", - "more_info_path": "/vulnerabilities/CVE-2021-29544/44249", - "specs": [ - "<2.4.0" - ], - "v": "<2.4.0" - }, { "advisory": "Chia 2.4.0 updates Tensorflow to v2.4.3 to include security fixes.", "cve": "CVE-2021-29546", @@ -20595,6 +20656,16 @@ ], "v": "<2.4.0" }, + { + "advisory": "Chia 2.4.0 updates Tensorflow to v2.4.3 to include security fixes.", + "cve": "CVE-2021-29544", + "id": "pyup.io-44249", + "more_info_path": "/vulnerabilities/CVE-2021-29544/44249", + "specs": [ + "<2.4.0" + ], + "v": "<2.4.0" + }, { "advisory": "Chia versions 2.5.0 and prior require as minimum dependency TensorFlow v2.6.0 or lower, that have several known vulnerabilities.", "cve": "CVE-2021-41213", 
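Review bot: The new chaturbate-poller record's `advisory` says only "vulnerable to Sensitive Information Exposure" and carries no reference, so a user alerted on `<0.11.0` cannot tell what is exposed or whether it applies to their deployment. The other records added in this update (chainlit, conan, codechecker) at least name the affected component or endpoint. Add a one-line description of the exposed data and the upstream fix URL on a trailing `\r\nhttps://<upstream advisory URL>` line, following the convention of the neighbouring records.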
@@ -21659,9 +21730,9 @@ }, { "advisory": "Chia-blockchain 1.8.1rc4 updates its NPM dependency 'Electron' to 22.3.7 to include security fixes.", - "cve": "CVE-2023-2134", - "id": "pyup.io-64105", - "more_info_path": "/vulnerabilities/CVE-2023-2134/64105", + "cve": "CVE-2023-2135", + "id": "pyup.io-64106", + "more_info_path": "/vulnerabilities/CVE-2023-2135/64106", "specs": [ "<1.8.1rc4" ], @@ -21669,9 +21740,9 @@ }, { "advisory": "Chia-blockchain 1.8.1rc4 updates its NPM dependency 'Electron' to 22.3.7 to include security fixes.", - "cve": "CVE-2023-2135", - "id": "pyup.io-64106", - "more_info_path": "/vulnerabilities/CVE-2023-2135/64106", + "cve": "CVE-2023-2134", + "id": "pyup.io-64105", + "more_info_path": "/vulnerabilities/CVE-2023-2134/64105", "specs": [ "<1.8.1rc4" ], @@ -22693,9 +22764,9 @@ "cloudvision": [ { "advisory": "Cloudvision 1.13.0 updates 'cryptography' minimum version to v41.0.3 to include security fixes in bundled OpenSSL.", - "cve": "CVE-2023-2975", - "id": "pyup.io-61130", - "more_info_path": "/vulnerabilities/CVE-2023-2975/61130", + "cve": "CVE-2023-3446", + "id": "pyup.io-61131", + "more_info_path": "/vulnerabilities/CVE-2023-3446/61131", "specs": [ "<1.13.0" ], @@ -22703,9 +22774,9 @@ }, { "advisory": "Cloudvision 1.13.0 updates 'cryptography' minimum version to v41.0.3 to include security fixes in bundled OpenSSL.", - "cve": "CVE-2023-3446", - "id": "pyup.io-61131", - "more_info_path": "/vulnerabilities/CVE-2023-3446/61131", + "cve": "CVE-2023-3817", + "id": "pyup.io-61129", + "more_info_path": "/vulnerabilities/CVE-2023-3817/61129", "specs": [ "<1.13.0" ], 
@@ -22713,9 +22784,9 @@ }, { "advisory": "Cloudvision 1.13.0 updates 'cryptography' minimum version to v41.0.3 to include security fixes in bundled OpenSSL.", - "cve": "CVE-2023-3817", - "id": "pyup.io-61129", - "more_info_path": "/vulnerabilities/CVE-2023-3817/61129", + "cve": "CVE-2023-2975", + "id": "pyup.io-61130", + "more_info_path": "/vulnerabilities/CVE-2023-2975/61130", "specs": [ "<1.13.0" ], @@ -23224,6 +23295,16 @@ ], "v": "<6.23.0" }, + { + "advisory": "Codechecker 6.24.2 includes a fix for an endpoint parsing issue that lead to unauthorized access.", + "cve": "PVE-2024-73768", + "id": "pyup.io-73768", + "more_info_path": "/vulnerabilities/PVE-2024-73768/73768", + "specs": [ + "<6.24.2" + ], + "v": "<6.24.2" + }, { "advisory": "In Ericsson CodeChecker prior to 6.18.2, a Stored Cross-site scripting (XSS) vulnerability in the comments component of the reports viewer allows remote attackers to inject arbitrary web script or HTML via the POST JSON data of the /CodeCheckerService API.", "cve": "CVE-2021-44217", @@ -23741,6 +23822,18 @@ "v": ">0,<0" } ], + "commlib-py": [ + { + "advisory": "Commlib-py 0.11.5 updates its dependency 'certifi' to include a security fix.", + "cve": "CVE-2024-39689", + "id": "pyup.io-73597", + "more_info_path": "/vulnerabilities/CVE-2024-39689/73597", + "specs": [ + "<0.11.5" + ], + "v": "<0.11.5" + } + ], "commondatamodel-objectmodel": [ { "advisory": "Microsoft Common Data Model SDK Denial of Service Vulnerability.", 
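Review bot: The new codechecker record reads "an endpoint parsing issue that lead to unauthorized access" — that should be `led` — and, unlike the neighbouring CVE-2021-44217 record, it gives no reference for what is an authorization-bypass finding, exactly the kind users will want to verify before upgrading; add the upstream advisory or release-note URL on a `\r\n` line as the sibling records do. The commlib-py record in the next hunk has the same gap in a different form: it says 0.11.5 "updates its dependency 'certifi'" without naming the certifi version that fixes CVE-2024-39689, so a reader with a pinned environment cannot check whether their certifi is already past the fix.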
@@ -23849,20 +23942,20 @@ "v": "<2.6.0" }, { - "advisory": "Compliance-trestle 3.3.0 updates its dependency 'urllib3' from version 1.26.17 to 1.26.19 to include a security fix.", - "cve": "CVE-2024-37891", - "id": "pyup.io-72186", - "more_info_path": "/vulnerabilities/CVE-2024-37891/72186", + "advisory": "Compliance-trestle 3.3.0 updates its dependency 'Jinja2' from version 3.1.3 to 3.1.4 to include a security fix.", + "cve": "CVE-2024-34064", + "id": "pyup.io-72184", + "more_info_path": "/vulnerabilities/CVE-2024-34064/72184", "specs": [ "<3.3.0" ], "v": "<3.3.0" }, { - "advisory": "Compliance-trestle 3.3.0 updates its dependency 'Jinja2' from version 3.1.3 to 3.1.4 to include a security fix.", - "cve": "CVE-2024-34064", - "id": "pyup.io-72184", - "more_info_path": "/vulnerabilities/CVE-2024-34064/72184", + "advisory": "Compliance-trestle 3.3.0 updates its dependency 'urllib3' from version 1.26.17 to 1.26.19 to include a security fix.", + "cve": "CVE-2024-37891", + "id": "pyup.io-72186", + "more_info_path": "/vulnerabilities/CVE-2024-37891/72186", "specs": [ "<3.3.0" ], 
@@ -23871,20 +23964,20 @@ ], "composer": [ { - "advisory": "Composer 0.13.0 updates its dependency 'ipython' to v8.11.0 in Dockerfile to include a security fix.\r\nhttps://github.com/mosaicml/composer/pull/2007", - "cve": "CVE-2023-24816", - "id": "pyup.io-53697", - "more_info_path": "/vulnerabilities/CVE-2023-24816/53697", + "advisory": "Composer 0.13.0 updates its dependency 'pillow' to v9.0.0 in Dockerfile to include security fixes.\r\nhttps://github.com/mosaicml/composer/pull/2007", + "cve": "PVE-2021-44525", + "id": "pyup.io-53693", + "more_info_path": "/vulnerabilities/PVE-2021-44525/53693", "specs": [ "<0.13.0" ], "v": "<0.13.0" }, { - "advisory": "Composer 0.13.0 updates its dependency 'pillow' to v9.0.0 in Dockerfile to include security fixes.\r\nhttps://github.com/mosaicml/composer/pull/2007", - "cve": "PVE-2021-44525", - "id": "pyup.io-53693", - "more_info_path": "/vulnerabilities/PVE-2021-44525/53693", + "advisory": "Composer 0.13.0 updates its dependency 'ipython' to v8.11.0 in Dockerfile to include a security fix.\r\nhttps://github.com/mosaicml/composer/pull/2007", + "cve": "CVE-2023-24816", + "id": "pyup.io-53697", + "more_info_path": "/vulnerabilities/CVE-2023-24816/53697", "specs": [ "<0.13.0" ], @@ -23920,6 +24013,16 @@ ], "v": "<0.13.0" }, + { + "advisory": "Composer 0.13.0 updates its dependency 'pillow' to v9.0.0 in Dockerfile to include security fixes.\r\nhttps://github.com/mosaicml/composer/pull/2007", + "cve": "CVE-2022-22815", + "id": "pyup.io-53687", + "more_info_path": "/vulnerabilities/CVE-2022-22815/53687", + "specs": [ + "<0.13.0" + ], + "v": "<0.13.0" + }, { "advisory": "Composer 0.13.0 updates its dependency 'urllib3' requirement to '>=1.26.5,<2'' in Dockerfile to include a security fix.\r\nhttps://github.com/mosaicml/composer/pull/2007", "cve": "CVE-2021-33503", 
@@ -23940,16 +24043,6 @@
 ],
 "v": "<0.13.0"
 },
- {
- "advisory": "Composer 0.13.0 updates its dependency 'pillow' to v9.0.0 in Dockerfile to include security fixes.\r\nhttps://github.com/mosaicml/composer/pull/2007",
- "cve": "CVE-2022-22815",
- "id": "pyup.io-53687",
- "more_info_path": "/vulnerabilities/CVE-2022-22815/53687",
- "specs": [
- "<0.13.0"
- ],
- "v": "<0.13.0"
- },
 {
 "advisory": "Composer 0.9.0 includes a fix for a Race Condition vulnerability.\r\nhttps://github.com/mosaicml/composer/pull/1328",
 "cve": "PVE-2023-60601",
@@ -23973,20 +24066,20 @@ "v": ">=0" }, { - "advisory": "A security vulnerability affects the composiohq composio library. The vulnerability exists in the path function of the file composio\\server\\api.py. Attackers can manipulate the 'file' argument to achieve path traversal, potentially accessing unauthorized files on the system. This vulnerability has been publicly disclosed and exploits may exist in the wild.", - "cve": "CVE-2024-8865", - "id": "pyup.io-73300", - "more_info_path": "/vulnerabilities/CVE-2024-8865/73300", + "advisory": "A security vulnerability affects the composiohq composio library. The vulnerability exists in the Calculator function of the file python/composio/tools/local/mathematical/actions/calculator.py. Attackers can exploit this vulnerability to perform code injection, potentially executing arbitrary code on the target system. This vulnerability has been publicly disclosed and exploits may exist in the wild.", + "cve": "CVE-2024-8864", + "id": "pyup.io-73301", + "more_info_path": "/vulnerabilities/CVE-2024-8864/73301", "specs": [ ">=0" ], "v": ">=0" }, { - "advisory": "A security vulnerability affects the composiohq composio library. The vulnerability exists in the Calculator function of the file python/composio/tools/local/mathematical/actions/calculator.py. Attackers can exploit this vulnerability to perform code injection, potentially executing arbitrary code on the target system. This vulnerability has been publicly disclosed and exploits may exist in the wild.", - "cve": "CVE-2024-8864", - "id": "pyup.io-73301", - "more_info_path": "/vulnerabilities/CVE-2024-8864/73301", + "advisory": "A security vulnerability affects the composiohq composio library. The vulnerability exists in the path function of the file composio\\server\\api.py. Attackers can manipulate the 'file' argument to achieve path traversal, potentially accessing unauthorized files on the system. 
This vulnerability has been publicly disclosed and exploits may exist in the wild.", + "cve": "CVE-2024-8865", + "id": "pyup.io-73300", + "more_info_path": "/vulnerabilities/CVE-2024-8865/73300", "specs": [ ">=0" ], @@ -24003,6 +24096,16 @@ "<1.49.0" ], "v": "<1.49.0" + }, + { + "advisory": "Affected versions of the Conan package manager are vulnerable to Improper Authorization (CWE-285). The server's authorization mechanism allowed users to bypass permission checks if the package owner's username matched their own, potentially leading to unauthorized access or modification of packages. This vulnerability can be exploited by any authenticated user who owns a package, resulting in privilege escalation. The affected methods are check_read_conan, check_write_conan, and check_delete_conan in authorize.py, as well as authentication checks in file_downloader.py and file_uploader.py.", + "cve": "PVE-2024-73937", + "id": "pyup.io-73937", + "more_info_path": "/vulnerabilities/PVE-2024-73937/73937", + "specs": [ + "<2.9.0" + ], + "v": "<2.9.0" } ], "concrete-datastore": [ 
@@ -24301,20 +24404,20 @@ "v": "<1.3.0" }, { - "advisory": "Confluent-kafka 1.4.0 fixes a security issue in the SASL SCRAM protocol handler: If 'sasl.username' and 'sasl.password' contained characters that needed escaping, a buffer overflow and heap corruption would occur. This was protected, but too late, by an assertion.", - "cve": "PVE-2022-48601", - "id": "pyup.io-48601", - "more_info_path": "/vulnerabilities/PVE-2022-48601/48601", + "advisory": "Confluent-kafka 1.4.0 fixes a security issue in the SASL SCRAM protocol handler the client nonce, which is expected to be a random string, was a static string.", + "cve": "PVE-2021-38165", + "id": "pyup.io-38165", + "more_info_path": "/vulnerabilities/PVE-2021-38165/38165", "specs": [ "<1.4.0" ], "v": "<1.4.0" }, { - "advisory": "Confluent-kafka 1.4.0 fixes a security issue in the SASL SCRAM protocol handler the client nonce, which is expected to be a random string, was a static string.", - "cve": "PVE-2021-38165", - "id": "pyup.io-38165", - "more_info_path": "/vulnerabilities/PVE-2021-38165/38165", + "advisory": "Confluent-kafka 1.4.0 fixes a security issue in the SASL SCRAM protocol handler: If 'sasl.username' and 'sasl.password' contained characters that needed escaping, a buffer overflow and heap corruption would occur. This was protected, but too late, by an assertion.", + "cve": "PVE-2022-48601", + "id": "pyup.io-48601", + "more_info_path": "/vulnerabilities/PVE-2022-48601/48601", "specs": [ "<1.4.0" ], @@ -24358,9 +24461,9 @@ "connect-sdk-python2": [ { "advisory": "Connect-sdk-python2 3.33.0 updates the minimum 'requests' version from 2.20.0 to 2.25.0, as earlier versions depend on a vulnerable 'urllib3' version.", - "cve": "CVE-2021-33503", - "id": "pyup.io-51387", - "more_info_path": "/vulnerabilities/CVE-2021-33503/51387", + "cve": "CVE-2020-26137", + "id": "pyup.io-51386", + "more_info_path": "/vulnerabilities/CVE-2020-26137/51386", "specs": [ "<3.33.0" ], 
@@ -24368,9 +24471,9 @@ }, { "advisory": "Connect-sdk-python2 3.33.0 updates the minimum 'requests' version from 2.20.0 to 2.25.0, as earlier versions depend on a vulnerable 'urllib3' version.", - "cve": "CVE-2019-11236", - "id": "pyup.io-51384", - "more_info_path": "/vulnerabilities/CVE-2019-11236/51384", + "cve": "CVE-2019-11324", + "id": "pyup.io-51385", + "more_info_path": "/vulnerabilities/CVE-2019-11324/51385", "specs": [ "<3.33.0" ], @@ -24388,9 +24491,9 @@ }, { "advisory": "Connect-sdk-python2 3.33.0 updates the minimum 'requests' version from 2.20.0 to 2.25.0, as earlier versions depend on a vulnerable 'urllib3' version.", - "cve": "CVE-2019-11324", - "id": "pyup.io-51385", - "more_info_path": "/vulnerabilities/CVE-2019-11324/51385", + "cve": "CVE-2019-11236", + "id": "pyup.io-51384", + "more_info_path": "/vulnerabilities/CVE-2019-11236/51384", "specs": [ "<3.33.0" ], @@ -24398,9 +24501,9 @@ }, { "advisory": "Connect-sdk-python2 3.33.0 updates the minimum 'requests' version from 2.20.0 to 2.25.0, as earlier versions depend on a vulnerable 'urllib3' version.", - "cve": "CVE-2020-26137", - "id": "pyup.io-51386", - "more_info_path": "/vulnerabilities/CVE-2020-26137/51386", + "cve": "CVE-2021-33503", + "id": "pyup.io-51387", + "more_info_path": "/vulnerabilities/CVE-2021-33503/51387", "specs": [ "<3.33.0" ], @@ -24410,9 +24513,9 @@ "connect-sdk-python3": [ { "advisory": "Connect-sdk-python3 3.33.0 updates the minimum 'requests' version from 2.20.0 to 2.25.0, as earlier versions depend on a vulnerable 'urllib3' version.", - "cve": "CVE-2018-20060", - "id": "pyup.io-51383", - "more_info_path": "/vulnerabilities/CVE-2018-20060/51383", + "cve": "CVE-2020-26137", + "id": "pyup.io-51380", + "more_info_path": "/vulnerabilities/CVE-2020-26137/51380", "specs": [ "<3.33.0" ], 
@@ -24420,9 +24523,9 @@ }, { "advisory": "Connect-sdk-python3 3.33.0 updates the minimum 'requests' version from 2.20.0 to 2.25.0, as earlier versions depend on a vulnerable 'urllib3' version.", - "cve": "CVE-2021-33503", - "id": "pyup.io-51360", - "more_info_path": "/vulnerabilities/CVE-2021-33503/51360", + "cve": "CVE-2019-11236", + "id": "pyup.io-51382", + "more_info_path": "/vulnerabilities/CVE-2019-11236/51382", "specs": [ "<3.33.0" ], @@ -24440,9 +24543,9 @@ }, { "advisory": "Connect-sdk-python3 3.33.0 updates the minimum 'requests' version from 2.20.0 to 2.25.0, as earlier versions depend on a vulnerable 'urllib3' version.", - "cve": "CVE-2019-11236", - "id": "pyup.io-51382", - "more_info_path": "/vulnerabilities/CVE-2019-11236/51382", + "cve": "CVE-2018-20060", + "id": "pyup.io-51383", + "more_info_path": "/vulnerabilities/CVE-2018-20060/51383", "specs": [ "<3.33.0" ], @@ -24450,9 +24553,9 @@ }, { "advisory": "Connect-sdk-python3 3.33.0 updates the minimum 'requests' version from 2.20.0 to 2.25.0, as earlier versions depend on a vulnerable 'urllib3' version.", - "cve": "CVE-2020-26137", - "id": "pyup.io-51380", - "more_info_path": "/vulnerabilities/CVE-2020-26137/51380", + "cve": "CVE-2021-33503", + "id": "pyup.io-51360", + "more_info_path": "/vulnerabilities/CVE-2021-33503/51360", "specs": [ "<3.33.0" ], @@ -24952,16 +25055,6 @@ } ], "crate-docs-theme": [ - { - "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'bootstrap' to v4.5.3 to include security fixes.", - "cve": "CVE-2018-14042", - "id": "pyup.io-49067", - "more_info_path": "/vulnerabilities/CVE-2018-14042/49067", - "specs": [ - "<0.13.0" - ], - "v": "<0.13.0" - }, { "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'bootstrap' to v4.5.3 to include security fixes.", "cve": "CVE-2018-14040", 
@@ -24972,21 +25065,11 @@ ], "v": "<0.13.0" }, - { - "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'bootstrap' to v4.5.3 to include security fixes.", - "cve": "CVE-2016-10735", - "id": "pyup.io-49068", - "more_info_path": "/vulnerabilities/CVE-2016-10735/49068", - "specs": [ - "<0.13.0" - ], - "v": "<0.13.0" - }, { "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'jquery' to v3.5.1 to include security fixes.", - "cve": "CVE-2020-7656", - "id": "pyup.io-49062", - "more_info_path": "/vulnerabilities/CVE-2020-7656/49062", + "cve": "CVE-2019-11358", + "id": "pyup.io-49060", + "more_info_path": "/vulnerabilities/CVE-2019-11358/49060", "specs": [ "<0.13.0" ], @@ -24994,19 +25077,19 @@ }, { "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'jquery' to v3.5.1 to include security fixes.", - "cve": "CVE-2012-6708", - "id": "pyup.io-49057", - "more_info_path": "/vulnerabilities/CVE-2012-6708/49057", + "cve": "CVE-2019-11358", + "id": "pyup.io-49061", + "more_info_path": "/vulnerabilities/CVE-2019-11358/49061", "specs": [ "<0.13.0" ], "v": "<0.13.0" }, { - "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'jquery' to v3.5.1 to include security fixes.", - "cve": "CVE-2019-11358", - "id": "pyup.io-49061", - "more_info_path": "/vulnerabilities/CVE-2019-11358/49061", + "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'bootstrap' to v4.5.3 to include security fixes.", + "cve": "CVE-2018-14042", + "id": "pyup.io-49067", + "more_info_path": "/vulnerabilities/CVE-2018-14042/49067", "specs": [ "<0.13.0" ], @@ -25024,9 +25107,9 @@ }, { "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'jquery' to v3.5.1 to include security fixes.", - "cve": "CVE-2011-4969", - "id": "pyup.io-39529", - "more_info_path": "/vulnerabilities/CVE-2011-4969/39529", + "cve": "CVE-2020-7656", + "id": "pyup.io-49062", + "more_info_path": "/vulnerabilities/CVE-2020-7656/49062", "specs": [ "<0.13.0" ], 
@@ -25034,9 +25117,9 @@ }, { "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'bootstrap' to v4.5.3 to include security fixes.", - "cve": "CVE-2019-8331", - "id": "pyup.io-49063", - "more_info_path": "/vulnerabilities/CVE-2019-8331/49063", + "cve": "CVE-2016-10735", + "id": "pyup.io-49068", + "more_info_path": "/vulnerabilities/CVE-2016-10735/49068", "specs": [ "<0.13.0" ], @@ -25044,9 +25127,9 @@ }, { "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'jquery' to v3.5.1 to include security fixes.", - "cve": "CVE-2019-11358", - "id": "pyup.io-49060", - "more_info_path": "/vulnerabilities/CVE-2019-11358/49060", + "cve": "CVE-2015-9251", + "id": "pyup.io-49058", + "more_info_path": "/vulnerabilities/CVE-2015-9251/49058", "specs": [ "<0.13.0" ], @@ -25054,9 +25137,19 @@ }, { "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'jquery' to v3.5.1 to include security fixes.", - "cve": "CVE-2015-9251", - "id": "pyup.io-49059", - "more_info_path": "/vulnerabilities/CVE-2015-9251/49059", + "cve": "CVE-2011-4969", + "id": "pyup.io-39529", + "more_info_path": "/vulnerabilities/CVE-2011-4969/39529", + "specs": [ + "<0.13.0" + ], + "v": "<0.13.0" + }, + { + "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'bootstrap' to v4.5.3 to include security fixes.", + "cve": "CVE-2019-8331", + "id": "pyup.io-49063", + "more_info_path": "/vulnerabilities/CVE-2019-8331/49063", "specs": [ "<0.13.0" ], @@ -25072,6 +25165,16 @@ ], "v": "<0.13.0" }, + { + "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'jquery' to v3.5.1 to include security fixes.", + "cve": "CVE-2012-6708", + "id": "pyup.io-49057", + "more_info_path": "/vulnerabilities/CVE-2012-6708/49057", + "specs": [ + "<0.13.0" + ], + "v": "<0.13.0" + }, { "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'jquery' to v3.5.1 to include security fixes.", "cve": "CVE-2012-6708", 
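Review bot: The last hunk on this line inserts a CVE-2012-6708 record (`pyup.io-49057`) directly above a context record for the same package with the same `cve`, the same `advisory` text and the same `specs`; the surrounding crate-docs-theme hunks show the same pattern for CVE-2019-11358 (`pyup.io-49060` and `pyup.io-49061`) and CVE-2015-9251 (`pyup.io-49058` and `pyup.io-49059`). These duplicates predate the commit and are only being moved, but on the new side they still yield two identical alerts per CVE for `crate-docs-theme<0.13.0` and inflate vulnerability counts in downstream reports. Deduplicate on (package, `cve`, `specs`) in the export, or retire one `id` of each pair.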
@@ -25085,8 +25188,8 @@
 {
 "advisory": "Crate-docs-theme 0.13.0 updates its NPM dependency 'jquery' to v3.5.1 to include security fixes.",
 "cve": "CVE-2015-9251",
- "id": "pyup.io-49058",
- "more_info_path": "/vulnerabilities/CVE-2015-9251/49058",
+ "id": "pyup.io-49059",
+ "more_info_path": "/vulnerabilities/CVE-2015-9251/49059",
 "specs": [
 "<0.13.0"
 ],
@@ -25437,6 +25540,16 @@
 ],
 "v": "<39.0.1"
 },
+ {
+ "advisory": "Cryptography 39.0.1 includes a fix for CVE-2022-3996, a DoS vulnerability affecting openssl.\r\nhttps://github.com/pyca/cryptography/issues/7940",
+ "cve": "CVE-2022-3996",
+ "id": "pyup.io-53298",
+ "more_info_path": "/vulnerabilities/CVE-2022-3996/53298",
+ "specs": [
+ "<39.0.1"
+ ],
+ "v": "<39.0.1"
+ },
 {
 "advisory": "Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.\r\nhttps://github.com/pyca/cryptography/issues/8229",
 "cve": "CVE-2022-4203",
@@ -25457,16 +25570,6 @@
 ],
 "v": "<39.0.1"
 },
- {
- "advisory": "Cryptography 39.0.1 includes a fix for CVE-2022-3996, a DoS vulnerability affecting openssl.\r\nhttps://github.com/pyca/cryptography/issues/7940",
- "cve": "CVE-2022-3996",
- "id": "pyup.io-53298",
- "more_info_path": "/vulnerabilities/CVE-2022-3996/53298",
- "specs": [
- "<39.0.1"
- ],
- "v": "<39.0.1"
- },
 {
 "advisory": "Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.\r\nhttps://github.com/pyca/cryptography/issues/8229",
 "cve": "CVE-2022-4304",
@@ -25678,7 +25781,7 @@ "v": ">=3.1,<41.0.6" }, { - "advisory": "Checking excessively long invalid RSA public keys may take a long time. Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source this may lead to a Denial of Service. When function EVP_PKEY_public_check() is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is an overly large prime, then this computation would take a long time. An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function EVP_PKEY_public_check() is not called from other OpenSSL functions however it is called from the OpenSSL pkey command line application. For that reason that application is also vulnerable if used with the '-pubin' and '-check' options on untrusted data. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", + "advisory": "Checking excessively long invalid RSA public keys may take a long time. Applications that use the function EVP_PKEY_public_check() to check RSA public keys may experience long delays. Where the key that is being checked has been obtained from an untrusted source, this may lead to a Denial of Service. When function EVP_PKEY_public_check() is called on RSA public keys, a computation is done to confirm that the RSA modulus, n, is composite. For valid RSA keys, n is a product of two or more large primes and this computation completes quickly. However, if n is an overly large prime, then this computation would take a long time. 
An application that calls EVP_PKEY_public_check() and supplies an RSA key obtained from an untrusted source could be vulnerable to a Denial of Service attack. The function EVP_PKEY_public_check() is not called from other OpenSSL functions, however it is called from the OpenSSL pkey command line application. For that reason, that application is also vulnerable if used with the '-pubin' and '-check' options on untrusted data. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are affected by this issue.", "cve": "CVE-2023-6237", "id": "pyup.io-66777", "more_info_path": "/vulnerabilities/CVE-2023-6237/66777", @@ -25727,6 +25830,16 @@ ], "v": ">=37.0.0,<38.0.3" }, + { + "advisory": "Affected versions of Cryptography have a vulnerable statically linked copy of OpenSSL included in cryptography wheels.", + "cve": "PVE-2024-73711", + "id": "pyup.io-73711", + "more_info_path": "/vulnerabilities/PVE-2024-73711/73711", + "specs": [ + ">=37.0.0,<43.0.1" + ], + "v": ">=37.0.0,<43.0.1" + }, { "advisory": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Starting in version 38.0.0 and before version 42.0.4, if `pkcs12.serialize_key_and_certificates` is called with both a certificate whose public key did not match the provided private key and an `encryption_algorithm` with `hmac_hash` set (via `PrivateFormat.PKCS12.encryption_builder().hmac_hash(...)`, then a NULL pointer dereference would occur, crashing the Python process. This has been resolved in version 42.0.4, the first version in which a `ValueError` is properly raised.", "cve": "CVE-2024-26130", 
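Review bot: The new `PVE-2024-73711` record for cryptography says only that wheels ship a "vulnerable statically linked copy of OpenSSL" over `>=37.0.0,<43.0.1`, with no CVE, no bundled-OpenSSL version and no reference. The file already tracks the bundled-OpenSSL problem per CVE (for example the CVE-2022-3996, CVE-2022-4203 and CVE-2022-4304 records for `<39.0.1` in the cryptography hunks above), so this blanket record will fire alongside those for every version in the range and cannot be triaged or marked resolved on its own. Name the OpenSSL CVE(s) that the 43.0.1 wheel rebuild addresses and link the upstream changelog, e.g. append `\r\nhttps://<upstream changelog URL>` to the `advisory` string, so the range can be verified and the overlap with the per-CVE records made explicit.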
@@ -26794,9 +26907,9 @@ "dagster-cloud": [ { "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", - "cve": "CVE-2022-2509", - "id": "pyup.io-52163", - "more_info_path": "/vulnerabilities/CVE-2022-2509/52163", + "cve": "CVE-2022-0778", + "id": "pyup.io-52165", + "more_info_path": "/vulnerabilities/CVE-2022-0778/52165", "specs": [ "<1.1.4" ], @@ -26804,9 +26917,9 @@ }, { "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", - "cve": "CVE-2021-33574", - "id": "pyup.io-52153", - "more_info_path": "/vulnerabilities/CVE-2021-33574/52153", + "cve": "CVE-2021-46828", + "id": "pyup.io-52164", + "more_info_path": "/vulnerabilities/CVE-2021-46828/52164", "specs": [ "<1.1.4" ], @@ -26814,9 +26927,9 @@ }, { "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", - "cve": "CVE-2022-1587", - "id": "pyup.io-52157", - "more_info_path": "/vulnerabilities/CVE-2022-1587/52157", + "cve": "CVE-2022-1664", + "id": "pyup.io-52146", + "more_info_path": "/vulnerabilities/CVE-2022-1664/52146", "specs": [ "<1.1.4" ], @@ -26824,9 +26937,9 @@ }, { "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", - "cve": "CVE-2022-1664", - "id": "pyup.io-52146", - "more_info_path": "/vulnerabilities/CVE-2022-1664/52146", + "cve": "CVE-2018-25032", + "id": "pyup.io-52166", + "more_info_path": "/vulnerabilities/CVE-2018-25032/52166", "specs": [ "<1.1.4" ], 
@@ -26834,9 +26947,9 @@ }, { "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", - "cve": "CVE-2021-3999", - "id": "pyup.io-52160", - "more_info_path": "/vulnerabilities/CVE-2021-3999/52160", + "cve": "CVE-2022-2509", + "id": "pyup.io-52163", + "more_info_path": "/vulnerabilities/CVE-2022-2509/52163", "specs": [ "<1.1.4" ], @@ -26854,9 +26967,9 @@ }, { "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", - "cve": "CVE-2018-25032", - "id": "pyup.io-52166", - "more_info_path": "/vulnerabilities/CVE-2018-25032/52166", + "cve": "CVE-2021-33574", + "id": "pyup.io-52153", + "more_info_path": "/vulnerabilities/CVE-2021-33574/52153", "specs": [ "<1.1.4" ], @@ -26864,9 +26977,9 @@ }, { "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", - "cve": "CVE-2022-1292", - "id": "pyup.io-52154", - "more_info_path": "/vulnerabilities/CVE-2022-1292/52154", + "cve": "CVE-2021-3999", + "id": "pyup.io-52160", + "more_info_path": "/vulnerabilities/CVE-2021-3999/52160", "specs": [ "<1.1.4" ], 
@@ -26874,9 +26987,19 @@ }, { "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", - "cve": "CVE-2022-1271", - "id": "pyup.io-52159", - "more_info_path": "/vulnerabilities/CVE-2022-1271/52159", + "cve": "CVE-2022-1587", + "id": "pyup.io-52157", + "more_info_path": "/vulnerabilities/CVE-2022-1587/52157", + "specs": [ + "<1.1.4" + ], + "v": "<1.1.4" + }, + { + "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", + "cve": "CVE-2021-3997", + "id": "pyup.io-52170", + "more_info_path": "/vulnerabilities/CVE-2021-3997/52170", "specs": [ "<1.1.4" ], @@ -26894,9 +27017,9 @@ }, { "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", - "cve": "CVE-2021-46828", - "id": "pyup.io-52164", - "more_info_path": "/vulnerabilities/CVE-2021-46828/52164", + "cve": "CVE-2022-1292", + "id": "pyup.io-52154", + "more_info_path": "/vulnerabilities/CVE-2022-1292/52154", "specs": [ "<1.1.4" ], @@ -26904,9 +27027,9 @@ }, { "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", - "cve": "CVE-2022-0778", - "id": "pyup.io-52165", - "more_info_path": "/vulnerabilities/CVE-2022-0778/52165", + "cve": "CVE-2022-1586", + "id": "pyup.io-52158", + "more_info_path": "/vulnerabilities/CVE-2022-1586/52158", "specs": [ "<1.1.4" ], 
@@ -26914,9 +27037,9 @@ }, { "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", - "cve": "CVE-2021-3997", - "id": "pyup.io-52170", - "more_info_path": "/vulnerabilities/CVE-2021-3997/52170", + "cve": "CVE-2022-1271", + "id": "pyup.io-52159", + "more_info_path": "/vulnerabilities/CVE-2022-1271/52159", "specs": [ "<1.1.4" ], @@ -26934,9 +27057,9 @@ }, { "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", - "cve": "CVE-2022-23218", - "id": "pyup.io-52152", - "more_info_path": "/vulnerabilities/CVE-2022-23218/52152", + "cve": "CVE-2022-40674", + "id": "pyup.io-52150", + "more_info_path": "/vulnerabilities/CVE-2022-40674/52150", "specs": [ "<1.1.4" ], @@ -26944,9 +27067,9 @@ }, { "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", - "cve": "CVE-2022-1586", - "id": "pyup.io-52158", - "more_info_path": "/vulnerabilities/CVE-2022-1586/52158", + "cve": "CVE-2022-23218", + "id": "pyup.io-52152", + "more_info_path": "/vulnerabilities/CVE-2022-23218/52152", "specs": [ "<1.1.4" ], @@ -26972,16 +27095,6 @@ ], "v": "<1.1.4" }, - { - "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", - "cve": "CVE-2022-40674", - "id": "pyup.io-52150", - "more_info_path": "/vulnerabilities/CVE-2022-40674/52150", - "specs": [ - "<1.1.4" - ], - "v": "<1.1.4" - }, { "advisory": "Dagster-cloud 1.1.4 updates 'dagster/dagster-cloud-agent' Docker image\u2019s base to 'python:3.8.15-slim' to include security fixes.", "cve": "CVE-2021-4209", 
@@ -27111,9 +27224,9 @@ "dapla-toolbelt-pseudo": [ { "advisory": "Dapla-toolbelt-pseudo 0.2.1 updates its dependency 'cryptography' to v39.0.1 to include security fixes.", - "cve": "CVE-2023-0401", - "id": "pyup.io-53714", - "more_info_path": "/vulnerabilities/CVE-2023-0401/53714", + "cve": "CVE-2023-0286", + "id": "pyup.io-53733", + "more_info_path": "/vulnerabilities/CVE-2023-0286/53733", "specs": [ "<0.2.1" ], @@ -27131,9 +27244,9 @@ }, { "advisory": "Dapla-toolbelt-pseudo 0.2.1 updates its dependency 'cryptography' to v39.0.1 to include security fixes.", - "cve": "CVE-2023-0286", - "id": "pyup.io-53733", - "more_info_path": "/vulnerabilities/CVE-2023-0286/53733", + "cve": "CVE-2023-0401", + "id": "pyup.io-53714", + "more_info_path": "/vulnerabilities/CVE-2023-0401/53714", "specs": [ "<0.2.1" ], @@ -27141,9 +27254,9 @@ }, { "advisory": "Dapla-toolbelt-pseudo 0.2.1 updates its dependency 'cryptography' to v39.0.1 to include security fixes.", - "cve": "CVE-2022-4450", - "id": "pyup.io-53735", - "more_info_path": "/vulnerabilities/CVE-2022-4450/53735", + "cve": "CVE-2023-0215", + "id": "pyup.io-53731", + "more_info_path": "/vulnerabilities/CVE-2023-0215/53731", "specs": [ "<0.2.1" ], @@ -27151,9 +27264,9 @@ }, { "advisory": "Dapla-toolbelt-pseudo 0.2.1 updates its dependency 'cryptography' to v39.0.1 to include security fixes.", - "cve": "CVE-2023-0217", - "id": "pyup.io-53732", - "more_info_path": "/vulnerabilities/CVE-2023-0217/53732", + "cve": "CVE-2022-4304", + "id": "pyup.io-53734", + "more_info_path": "/vulnerabilities/CVE-2022-4304/53734", "specs": [ "<0.2.1" ], @@ -27161,9 +27274,9 @@ }, { "advisory": "Dapla-toolbelt-pseudo 0.2.1 updates its dependency 'cryptography' to v39.0.1 to include security fixes.", - "cve": "CVE-2022-4304", - "id": "pyup.io-53734", - "more_info_path": "/vulnerabilities/CVE-2022-4304/53734", + "cve": "CVE-2023-0217", + "id": "pyup.io-53732", + "more_info_path": "/vulnerabilities/CVE-2023-0217/53732", "specs": [ "<0.2.1" ], 
@@ -27171,9 +27284,9 @@ }, { "advisory": "Dapla-toolbelt-pseudo 0.2.1 updates its dependency 'cryptography' to v39.0.1 to include security fixes.", - "cve": "CVE-2023-0215", - "id": "pyup.io-53731", - "more_info_path": "/vulnerabilities/CVE-2023-0215/53731", + "cve": "CVE-2022-4450", + "id": "pyup.io-53735", + "more_info_path": "/vulnerabilities/CVE-2022-4450/53735", "specs": [ "<0.2.1" ], @@ -27821,6 +27934,18 @@ "v": "<0.7.2" } ], + "dataplaybook": [ + { + "advisory": "Dataplaybook has updated its pyyaml dependency from >=3.11,<4 to pyyaml>=4.2b1,<5 in response to CVE-2017-18342.", + "cve": "CVE-2017-18342", + "id": "pyup.io-73539", + "more_info_path": "/vulnerabilities/CVE-2017-18342/73539", + "specs": [ + "<1.0.2" + ], + "v": "<1.0.2" + } + ], "datasets": [ { "advisory": "Datasets version 2.14.7 updates its dependency to include pyarrow version 14.0.1. This update addresses the security vulnerability CVE-2023-47248.\r\nhttps://github.com/huggingface/datasets/pull/6404/commits/04a3f006a1a88c894ea10610d66dfddd73ad1490", 
@@ -29076,6 +29201,16 @@ ], "v": "<1.8.0b3" }, + { + "advisory": "Affected versions of the dbt package are potentially vulnerable to Improper Access Control (CWE-284). The documentation server (ServeTask) binds to all network interfaces, which allows remote attackers to connect and potentially exploit the server. The vulnerable function is the TCPServer configuration in serve.py. This flaw can be exploited remotely, depending on the network configuration, leading to unauthorized access. To mitigate this issue, the server bound to 127.0.0.1, limiting access to localhost.", + "cve": "PVE-2024-73530", + "id": "pyup.io-73530", + "more_info_path": "/vulnerabilities/PVE-2024-73530/73530", + "specs": [ + "<1.9.0b1" + ], + "v": "<1.9.0b1" + }, { "advisory": "Affected versions of dbt-core are vulnerable to the clear text storage of sensitive information. The vulnerability arises when the software is used to pull source code from a private repository with a Personal Access Token (PAT), resulting in the PAT being written in plain text to the package-lock.yml file. This issue threatens the security of selected versions of dbt-core, specifically when interacting with private repositories.\r\nhttps://github.com/dbt-labs/dbt-core/commit/09f5bb3dcffeda7a60ad2b22c2891f237628ecd1", "cve": "PVE-2024-99810", @@ -29245,6 +29380,18 @@ "v": "<0.8.16" } ], + "dcicutils": [ + { + "advisory": "Dcicutils 8.16.1 updates its dependency 'cryptography' to v43.0.1 to include a security fix.", + "cve": "CVE-2023-50782", + "id": "pyup.io-73682", + "more_info_path": "/vulnerabilities/CVE-2023-50782/73682", + "specs": [ + "<8.16.1" + ], + "v": "<8.16.1" + } + ], "dcnnt": [ { "advisory": "A critical vulnerability has been identified in cyanomiko dcnnt-py affecting the Notification Handler component in the function main of the file dcnnt/plugins/notifications.py. This vulnerability allows for command injection, enabling remote attackers to execute arbitrary commands on the affected system.", 
@@ -29334,9 +29481,9 @@ }, { "advisory": "Dds-cli 2.2.2 updates its dependency 'cryptography to v38.0.3 to include security fixes.", - "cve": "CVE-2022-3786", - "id": "pyup.io-61432", - "more_info_path": "/vulnerabilities/CVE-2022-3786/61432", + "cve": "CVE-2022-3602", + "id": "pyup.io-61417", + "more_info_path": "/vulnerabilities/CVE-2022-3602/61417", "specs": [ "<2.2.2" ], @@ -29344,9 +29491,9 @@ }, { "advisory": "Dds-cli 2.2.2 updates its dependency 'cryptography to v38.0.3 to include security fixes.", - "cve": "CVE-2022-3602", - "id": "pyup.io-61417", - "more_info_path": "/vulnerabilities/CVE-2022-3602/61417", + "cve": "CVE-2022-3786", + "id": "pyup.io-61432", + "more_info_path": "/vulnerabilities/CVE-2022-3786/61432", "specs": [ "<2.2.2" ], @@ -30474,16 +30621,6 @@ ], "v": "<0.10.0rc1" }, - { - "advisory": "Deepcell 0.10.0rc1 updates its dependency 'TensorFlow' to v2.5.1 to include security fixes.", - "cve": "CVE-2021-29544", - "id": "pyup.io-48768", - "more_info_path": "/vulnerabilities/CVE-2021-29544/48768", - "specs": [ - "<0.10.0rc1" - ], - "v": "<0.10.0rc1" - }, { "advisory": "Deepcell 0.10.0rc1 updates its dependency 'TensorFlow' to v2.5.1 to include security fixes.", "cve": "CVE-2021-29542", @@ -31344,6 +31481,16 @@ ], "v": "<0.10.0rc1" }, + { + "advisory": "Deepcell 0.10.0rc1 updates its dependency 'TensorFlow' to v2.5.1 to include security fixes.", + "cve": "CVE-2021-29544", + "id": "pyup.io-48768", + "more_info_path": "/vulnerabilities/CVE-2021-29544/48768", + "specs": [ + "<0.10.0rc1" + ], + "v": "<0.10.0rc1" + }, { "advisory": "Deepcell 0.12.0rc0 updates its dependency 'TensorFlow' to v2.8.0 to include security fixes.", "cve": "CVE-2022-23560", 
@@ -33065,6 +33212,18 @@ "v": "<0.6.2" } ], + "deepspeed": [ + { + "advisory": "Affected versions of DeepSpeed are vulnerable to Command Injection \u2014 CWE-78. The attack can be performed by injecting malicious input into parameters that are passed to subprocess calls with shell=True. Vulnerable functions include multiple instances where subprocess.run() and subprocess.check_output() are called with unsanitized input and shell=True. To exploit this vulnerability, an attacker would need to supply specially crafted input to these functions, which could be possible in environments where user input is processed. To mitigate this issue, users should update to the version of DeepSpeed where these subprocess calls have been secured by removing shell=True and properly handling command arguments.", + "cve": "PVE-2024-73647", + "id": "pyup.io-73647", + "more_info_path": "/vulnerabilities/PVE-2024-73647/73647", + "specs": [ + "<0.15.2" + ], + "v": "<0.15.2" + } + ], "definitions": [ { "advisory": "There is a vulnerability in load() method in definitions/parser.py in the Danijar Hafner definitions package for Python. It can execute arbitrary python commands resulting in command execution.", @@ -33458,9 +33617,9 @@ }, { "advisory": "Determined 0.17.0rc0 switches from debian:10.3-slim to ubuntu:20.04 and unattended-upgrades, to fix security issues.\r\nhttps://github.com/determined-ai/determined/pull/2914", - "cve": "CVE-2019-17543", - "id": "pyup.io-45577", - "more_info_path": "/vulnerabilities/CVE-2019-17543/45577", + "cve": "CVE-2018-12886", + "id": "pyup.io-42148", + "more_info_path": "/vulnerabilities/CVE-2018-12886/42148", "specs": [ "<0.17.0rc0" ], 
@@ -33468,9 +33627,9 @@ }, { "advisory": "Determined 0.17.0rc0 switches from debian:10.3-slim to ubuntu:20.04 and unattended-upgrades, to fix security issues.\r\nhttps://github.com/determined-ai/determined/pull/2914", - "cve": "CVE-2018-12886", - "id": "pyup.io-42148", - "more_info_path": "/vulnerabilities/CVE-2018-12886/42148", + "cve": "CVE-2019-17543", + "id": "pyup.io-45577", + "more_info_path": "/vulnerabilities/CVE-2019-17543/45577", "specs": [ "<0.17.0rc0" ], @@ -33486,16 +33645,6 @@ ], "v": "<0.17.4rc0" }, - { - "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41215", - "id": "pyup.io-43333", - "more_info_path": "/vulnerabilities/CVE-2021-41215/43333", - "specs": [ - "<0.17.4rc0" - ], - "v": "<0.17.4rc0" - }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", "cve": "CVE-2021-41217", @@ -33506,16 +33655,6 @@ ], "v": "<0.17.4rc0" }, - { - "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41198", - "id": "pyup.io-43344", - "more_info_path": "/vulnerabilities/CVE-2021-41198/43344", - "specs": [ - "<0.17.4rc0" - ], - "v": "<0.17.4rc0" - }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", "cve": "CVE-2021-41207", 
@@ -33536,26 +33675,6 @@ ], "v": "<0.17.4rc0" }, - { - "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41204", - "id": "pyup.io-43327", - "more_info_path": "/vulnerabilities/CVE-2021-41204/43327", - "specs": [ - "<0.17.4rc0" - ], - "v": "<0.17.4rc0" - }, - { - "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41206", - "id": "pyup.io-43335", - "more_info_path": "/vulnerabilities/CVE-2021-41206/43335", - "specs": [ - "<0.17.4rc0" - ], - "v": "<0.17.4rc0" - }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", "cve": "CVE-2021-41197", @@ -33588,9 +33707,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41228", - "id": "pyup.io-43328", - "more_info_path": "/vulnerabilities/CVE-2021-41228/43328", + "cve": "CVE-2021-41210", + "id": "pyup.io-43338", + "more_info_path": "/vulnerabilities/CVE-2021-41210/43338", "specs": [ "<0.17.4rc0" ], @@ -33598,9 +33717,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41218", - "id": "pyup.io-43331", - "more_info_path": "/vulnerabilities/CVE-2021-41218/43331", + "cve": "CVE-2021-41213", + "id": "pyup.io-43326", + "more_info_path": "/vulnerabilities/CVE-2021-41213/43326", "specs": [ "<0.17.4rc0" ], 
@@ -33608,9 +33727,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41222", - "id": "pyup.io-43329", - "more_info_path": "/vulnerabilities/CVE-2021-41222/43329", + "cve": "CVE-2021-41216", + "id": "pyup.io-43332", + "more_info_path": "/vulnerabilities/CVE-2021-41216/43332", "specs": [ "<0.17.4rc0" ], @@ -33618,9 +33737,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41203", - "id": "pyup.io-43316", - "more_info_path": "/vulnerabilities/CVE-2021-41203/43316", + "cve": "CVE-2021-41226", + "id": "pyup.io-43322", + "more_info_path": "/vulnerabilities/CVE-2021-41226/43322", "specs": [ "<0.17.4rc0" ], @@ -33628,9 +33747,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41195", - "id": "pyup.io-43343", - "more_info_path": "/vulnerabilities/CVE-2021-41195/43343", + "cve": "CVE-2021-41205", + "id": "pyup.io-43336", + "more_info_path": "/vulnerabilities/CVE-2021-41205/43336", "specs": [ "<0.17.4rc0" ], @@ -33638,9 +33757,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41213", - "id": "pyup.io-43326", - "more_info_path": "/vulnerabilities/CVE-2021-41213/43326", + "cve": "CVE-2021-41202", + "id": "pyup.io-43340", + "more_info_path": "/vulnerabilities/CVE-2021-41202/43340", "specs": [ "<0.17.4rc0" ], 
@@ -33648,9 +33767,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41221", - "id": "pyup.io-43324", - "more_info_path": "/vulnerabilities/CVE-2021-41221/43324", + "cve": "CVE-2021-41228", + "id": "pyup.io-43328", + "more_info_path": "/vulnerabilities/CVE-2021-41228/43328", "specs": [ "<0.17.4rc0" ], @@ -33658,9 +33777,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41216", - "id": "pyup.io-43332", - "more_info_path": "/vulnerabilities/CVE-2021-41216/43332", + "cve": "CVE-2021-41222", + "id": "pyup.io-43329", + "more_info_path": "/vulnerabilities/CVE-2021-41222/43329", "specs": [ "<0.17.4rc0" ], @@ -33668,9 +33787,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41209", - "id": "pyup.io-43325", - "more_info_path": "/vulnerabilities/CVE-2021-41209/43325", + "cve": "CVE-2021-41203", + "id": "pyup.io-43316", + "more_info_path": "/vulnerabilities/CVE-2021-41203/43316", "specs": [ "<0.17.4rc0" ], @@ -33678,9 +33797,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41210", - "id": "pyup.io-43338", - "more_info_path": "/vulnerabilities/CVE-2021-41210/43338", + "cve": "CVE-2021-41209", + "id": "pyup.io-43325", + "more_info_path": "/vulnerabilities/CVE-2021-41209/43325", "specs": [ "<0.17.4rc0" ], 
@@ -33688,9 +33807,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41226", - "id": "pyup.io-43322", - "more_info_path": "/vulnerabilities/CVE-2021-41226/43322", + "cve": "CVE-2021-41208", + "id": "pyup.io-43334", + "more_info_path": "/vulnerabilities/CVE-2021-41208/43334", "specs": [ "<0.17.4rc0" ], @@ -33698,9 +33817,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41205", - "id": "pyup.io-43336", - "more_info_path": "/vulnerabilities/CVE-2021-41205/43336", + "cve": "CVE-2021-41199", + "id": "pyup.io-42944", + "more_info_path": "/vulnerabilities/CVE-2021-41199/42944", "specs": [ "<0.17.4rc0" ], @@ -33718,9 +33837,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41202", - "id": "pyup.io-43340", - "more_info_path": "/vulnerabilities/CVE-2021-41202/43340", + "cve": "CVE-2021-41215", + "id": "pyup.io-43333", + "more_info_path": "/vulnerabilities/CVE-2021-41215/43333", "specs": [ "<0.17.4rc0" ], @@ -33728,9 +33847,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41224", - "id": "pyup.io-43330", - "more_info_path": "/vulnerabilities/CVE-2021-41224/43330", + "cve": "CVE-2021-41198", + "id": "pyup.io-43344", + "more_info_path": "/vulnerabilities/CVE-2021-41198/43344", "specs": [ "<0.17.4rc0" ], 
@@ -33738,9 +33857,49 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41208", - "id": "pyup.io-43334", - "more_info_path": "/vulnerabilities/CVE-2021-41208/43334", + "cve": "CVE-2021-41204", + "id": "pyup.io-43327", + "more_info_path": "/vulnerabilities/CVE-2021-41204/43327", + "specs": [ + "<0.17.4rc0" + ], + "v": "<0.17.4rc0" + }, + { + "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", + "cve": "CVE-2021-41206", + "id": "pyup.io-43335", + "more_info_path": "/vulnerabilities/CVE-2021-41206/43335", + "specs": [ + "<0.17.4rc0" + ], + "v": "<0.17.4rc0" + }, + { + "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", + "cve": "CVE-2021-41218", + "id": "pyup.io-43331", + "more_info_path": "/vulnerabilities/CVE-2021-41218/43331", + "specs": [ + "<0.17.4rc0" + ], + "v": "<0.17.4rc0" + }, + { + "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", + "cve": "CVE-2021-41195", + "id": "pyup.io-43343", + "more_info_path": "/vulnerabilities/CVE-2021-41195/43343", + "specs": [ + "<0.17.4rc0" + ], + "v": "<0.17.4rc0" + }, + { + "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", + "cve": "CVE-2021-41221", + "id": "pyup.io-43324", + "more_info_path": "/vulnerabilities/CVE-2021-41221/43324", "specs": [ "<0.17.4rc0" ], 
@@ -33758,9 +33917,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41200", - "id": "pyup.io-43317", - "more_info_path": "/vulnerabilities/CVE-2021-41200/43317", + "cve": "CVE-2021-41224", + "id": "pyup.io-43330", + "more_info_path": "/vulnerabilities/CVE-2021-41224/43330", "specs": [ "<0.17.4rc0" ], @@ -33768,9 +33927,9 @@ }, { "advisory": "Determined 0.17.4rc0 includes images updates (to Tensorflow v2.4.4, v2.5.2 and v2.6.2) to include security fixes.", - "cve": "CVE-2021-41199", - "id": "pyup.io-42944", - "more_info_path": "/vulnerabilities/CVE-2021-41199/42944", + "cve": "CVE-2021-41200", + "id": "pyup.io-43317", + "more_info_path": "/vulnerabilities/CVE-2021-41200/43317", "specs": [ "<0.17.4rc0" ], @@ -33798,9 +33957,9 @@ }, { "advisory": "Determined 0.17.6 updates env images to include security fixes.\r\nhttps://github.com/determined-ai/determined/pull/3415/commits/18fc5278cd589089dd753f687ec606499117029d", - "cve": "CVE-2019-14234", - "id": "pyup.io-54970", - "more_info_path": "/vulnerabilities/CVE-2019-14234/54970", + "cve": "CVE-2020-10108", + "id": "pyup.io-44642", + "more_info_path": "/vulnerabilities/CVE-2020-10108/44642", "specs": [ "<0.17.6" ], @@ -33808,9 +33967,9 @@ }, { "advisory": "Determined 0.17.6 updates env images to include security fixes.\r\nhttps://github.com/determined-ai/determined/pull/3415/commits/18fc5278cd589089dd753f687ec606499117029d", - "cve": "CVE-2020-7471", - "id": "pyup.io-54968", - "more_info_path": "/vulnerabilities/CVE-2020-7471/54968", + "cve": "CVE-2020-10109", + "id": "pyup.io-54967", + "more_info_path": "/vulnerabilities/CVE-2020-10109/54967", "specs": [ "<0.17.6" ], 
@@ -33818,9 +33977,9 @@ }, { "advisory": "Determined 0.17.6 updates env images to include security fixes.\r\nhttps://github.com/determined-ai/determined/pull/3415/commits/18fc5278cd589089dd753f687ec606499117029d", - "cve": "CVE-2020-10108", - "id": "pyup.io-44642", - "more_info_path": "/vulnerabilities/CVE-2020-10108/44642", + "cve": "CVE-2019-14234", + "id": "pyup.io-54970", + "more_info_path": "/vulnerabilities/CVE-2019-14234/54970", "specs": [ "<0.17.6" ], @@ -33828,9 +33987,9 @@ }, { "advisory": "Determined 0.17.6 updates env images to include security fixes.\r\nhttps://github.com/determined-ai/determined/pull/3415/commits/18fc5278cd589089dd753f687ec606499117029d", - "cve": "CVE-2020-10109", - "id": "pyup.io-54967", - "more_info_path": "/vulnerabilities/CVE-2020-10109/54967", + "cve": "CVE-2020-7471", + "id": "pyup.io-54968", + "more_info_path": "/vulnerabilities/CVE-2020-7471/54968", "specs": [ "<0.17.6" ], @@ -33866,16 +34025,6 @@ ], "v": "<0.18.2" }, - { - "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29216", - "id": "pyup.io-49560", - "more_info_path": "/vulnerabilities/CVE-2022-29216/49560", - "specs": [ - "<0.18.2" - ], - "v": "<0.18.2" - }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", "cve": "CVE-2022-29194", @@ -33898,9 +34047,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29209", - "id": "pyup.io-49556", - "more_info_path": "/vulnerabilities/CVE-2022-29209/49556", + "cve": "CVE-2022-29208", + "id": "pyup.io-49555", + "more_info_path": "/vulnerabilities/CVE-2022-29208/49555", "specs": [ "<0.18.2" ], 
@@ -33908,9 +34057,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29200", - "id": "pyup.io-49547", - "more_info_path": "/vulnerabilities/CVE-2022-29200/49547", + "cve": "CVE-2022-29212", + "id": "pyup.io-49558", + "more_info_path": "/vulnerabilities/CVE-2022-29212/49558", "specs": [ "<0.18.2" ], @@ -33918,9 +34067,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29193", - "id": "pyup.io-49540", - "more_info_path": "/vulnerabilities/CVE-2022-29193/49540", + "cve": "CVE-2022-22576", + "id": "pyup.io-49529", + "more_info_path": "/vulnerabilities/CVE-2022-22576/49529", "specs": [ "<0.18.2" ], @@ -33928,9 +34077,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29206", - "id": "pyup.io-49553", - "more_info_path": "/vulnerabilities/CVE-2022-29206/49553", + "cve": "CVE-2022-29197", + "id": "pyup.io-49544", + "more_info_path": "/vulnerabilities/CVE-2022-29197/49544", "specs": [ "<0.18.2" ], @@ -33938,9 +34087,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-27781", - "id": "pyup.io-49537", - "more_info_path": "/vulnerabilities/CVE-2022-27781/49537", + "cve": "CVE-2022-29216", + "id": "pyup.io-49560", + "more_info_path": "/vulnerabilities/CVE-2022-29216/49560", "specs": [ "<0.18.2" ], 
@@ -33948,9 +34097,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29212", - "id": "pyup.io-49558", - "more_info_path": "/vulnerabilities/CVE-2022-29212/49558", + "cve": "CVE-2022-29193", + "id": "pyup.io-49540", + "more_info_path": "/vulnerabilities/CVE-2022-29193/49540", "specs": [ "<0.18.2" ], @@ -33958,9 +34107,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29199", - "id": "pyup.io-49546", - "more_info_path": "/vulnerabilities/CVE-2022-29199/49546", + "cve": "CVE-2022-27776", + "id": "pyup.io-49532", + "more_info_path": "/vulnerabilities/CVE-2022-27776/49532", "specs": [ "<0.18.2" ], @@ -33968,9 +34117,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-27776", - "id": "pyup.io-49532", - "more_info_path": "/vulnerabilities/CVE-2022-27776/49532", + "cve": "CVE-2022-30115", + "id": "pyup.io-49561", + "more_info_path": "/vulnerabilities/CVE-2022-30115/49561", "specs": [ "<0.18.2" ], @@ -33978,9 +34127,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-27780", - "id": "pyup.io-49536", - "more_info_path": "/vulnerabilities/CVE-2022-27780/49536", + "cve": "CVE-2022-27774", + "id": "pyup.io-49530", + "more_info_path": "/vulnerabilities/CVE-2022-27774/49530", "specs": [ "<0.18.2" ], 
@@ -33988,9 +34137,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-30115", - "id": "pyup.io-49561", - "more_info_path": "/vulnerabilities/CVE-2022-30115/49561", + "cve": "CVE-2022-29202", + "id": "pyup.io-49549", + "more_info_path": "/vulnerabilities/CVE-2022-29202/49549", "specs": [ "<0.18.2" ], @@ -33998,9 +34147,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-27775", - "id": "pyup.io-49531", - "more_info_path": "/vulnerabilities/CVE-2022-27775/49531", + "cve": "CVE-2022-29192", + "id": "pyup.io-49539", + "more_info_path": "/vulnerabilities/CVE-2022-29192/49539", "specs": [ "<0.18.2" ], @@ -34008,9 +34157,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29195", - "id": "pyup.io-49542", - "more_info_path": "/vulnerabilities/CVE-2022-29195/49542", + "cve": "CVE-2022-29191", + "id": "pyup.io-49538", + "more_info_path": "/vulnerabilities/CVE-2022-29191/49538", "specs": [ "<0.18.2" ], @@ -34018,9 +34167,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-27774", - "id": "pyup.io-49530", - "more_info_path": "/vulnerabilities/CVE-2022-27774/49530", + "cve": "CVE-2022-27779", + "id": "pyup.io-49535", + "more_info_path": "/vulnerabilities/CVE-2022-27779/49535", "specs": [ "<0.18.2" ], 
@@ -34028,9 +34177,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2018-25032", - "id": "pyup.io-49422", - "more_info_path": "/vulnerabilities/CVE-2018-25032/49422", + "cve": "CVE-2022-29195", + "id": "pyup.io-49542", + "more_info_path": "/vulnerabilities/CVE-2022-29195/49542", "specs": [ "<0.18.2" ], @@ -34038,9 +34187,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29197", - "id": "pyup.io-49544", - "more_info_path": "/vulnerabilities/CVE-2022-29197/49544", + "cve": "CVE-2022-29203", + "id": "pyup.io-49550", + "more_info_path": "/vulnerabilities/CVE-2022-29203/49550", "specs": [ "<0.18.2" ], @@ -34048,9 +34197,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29203", - "id": "pyup.io-49550", - "more_info_path": "/vulnerabilities/CVE-2022-29203/49550", + "cve": "CVE-2022-29205", + "id": "pyup.io-49552", + "more_info_path": "/vulnerabilities/CVE-2022-29205/49552", "specs": [ "<0.18.2" ], @@ -34058,9 +34207,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29211", - "id": "pyup.io-49557", - "more_info_path": "/vulnerabilities/CVE-2022-29211/49557", + "cve": "CVE-2022-29209", + "id": "pyup.io-49556", + "more_info_path": "/vulnerabilities/CVE-2022-29209/49556", "specs": [ "<0.18.2" ], 
@@ -34068,9 +34217,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29205", - "id": "pyup.io-49552", - "more_info_path": "/vulnerabilities/CVE-2022-29205/49552", + "cve": "CVE-2022-29200", + "id": "pyup.io-49547", + "more_info_path": "/vulnerabilities/CVE-2022-29200/49547", "specs": [ "<0.18.2" ], @@ -34078,9 +34227,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29208", - "id": "pyup.io-49555", - "more_info_path": "/vulnerabilities/CVE-2022-29208/49555", + "cve": "CVE-2022-27781", + "id": "pyup.io-49537", + "more_info_path": "/vulnerabilities/CVE-2022-27781/49537", "specs": [ "<0.18.2" ], @@ -34088,9 +34237,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-22576", - "id": "pyup.io-49529", - "more_info_path": "/vulnerabilities/CVE-2022-22576/49529", + "cve": "CVE-2022-29199", + "id": "pyup.io-49546", + "more_info_path": "/vulnerabilities/CVE-2022-29199/49546", "specs": [ "<0.18.2" ], @@ -34098,9 +34247,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29192", - "id": "pyup.io-49539", - "more_info_path": "/vulnerabilities/CVE-2022-29192/49539", + "cve": "CVE-2022-27780", + "id": "pyup.io-49536", + "more_info_path": "/vulnerabilities/CVE-2022-27780/49536", "specs": [ "<0.18.2" ], 
@@ -34108,9 +34257,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29198", - "id": "pyup.io-49545", - "more_info_path": "/vulnerabilities/CVE-2022-29198/49545", + "cve": "CVE-2022-27775", + "id": "pyup.io-49531", + "more_info_path": "/vulnerabilities/CVE-2022-27775/49531", "specs": [ "<0.18.2" ], @@ -34118,9 +34267,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29191", - "id": "pyup.io-49538", - "more_info_path": "/vulnerabilities/CVE-2022-29191/49538", + "cve": "CVE-2018-25032", + "id": "pyup.io-49422", + "more_info_path": "/vulnerabilities/CVE-2018-25032/49422", "specs": [ "<0.18.2" ], @@ -34128,9 +34277,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29207", - "id": "pyup.io-49554", - "more_info_path": "/vulnerabilities/CVE-2022-29207/49554", + "cve": "CVE-2022-29211", + "id": "pyup.io-49557", + "more_info_path": "/vulnerabilities/CVE-2022-29211/49557", "specs": [ "<0.18.2" ], @@ -34138,9 +34287,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-27778", - "id": "pyup.io-49534", - "more_info_path": "/vulnerabilities/CVE-2022-27778/49534", + "cve": "CVE-2022-29206", + "id": "pyup.io-49553", + "more_info_path": "/vulnerabilities/CVE-2022-29206/49553", "specs": [ "<0.18.2" ], 
@@ -34158,9 +34307,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-27779", - "id": "pyup.io-49535", - "more_info_path": "/vulnerabilities/CVE-2022-27779/49535", + "cve": "CVE-2022-29198", + "id": "pyup.io-49545", + "more_info_path": "/vulnerabilities/CVE-2022-29198/49545", "specs": [ "<0.18.2" ], @@ -34168,9 +34317,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29201", - "id": "pyup.io-49548", - "more_info_path": "/vulnerabilities/CVE-2022-29201/49548", + "cve": "CVE-2022-29207", + "id": "pyup.io-49554", + "more_info_path": "/vulnerabilities/CVE-2022-29207/49554", "specs": [ "<0.18.2" ], @@ -34178,9 +34327,9 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29213", - "id": "pyup.io-49559", - "more_info_path": "/vulnerabilities/CVE-2022-29213/49559", + "cve": "CVE-2022-27778", + "id": "pyup.io-49534", + "more_info_path": "/vulnerabilities/CVE-2022-27778/49534", "specs": [ "<0.18.2" ], @@ -34188,9 +34337,19 @@ }, { "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", - "cve": "CVE-2022-29202", - "id": "pyup.io-49549", - "more_info_path": "/vulnerabilities/CVE-2022-29202/49549", + "cve": "CVE-2022-29201", + "id": "pyup.io-49548", + "more_info_path": "/vulnerabilities/CVE-2022-29201/49548", + "specs": [ + "<0.18.2" + ], + "v": "<0.18.2" + }, + { + "advisory": "Determined 0.18.2 updates its dependency 'TensorFlow' supported versions to 2.6.5, 2.7.3 and 2.8.2 to include security fixes.", + "cve": "CVE-2022-29213", + "id": "pyup.io-49559", + "more_info_path": "/vulnerabilities/CVE-2022-29213/49559", "specs": [ "<0.18.2" ], 
@@ -34207,50 +34366,50 @@ "v": "<0.19.3" }, { - "advisory": "Determined 0.19.3 stops using the NPM package 'trim-newlines', preventing a security issue.", - "cve": "CVE-2021-33623", - "id": "pyup.io-50978", - "more_info_path": "/vulnerabilities/CVE-2021-33623/50978", + "advisory": "Determined 0.19.3 updates its NPM dependency 'eventsource' to v1.1.2 to include a security fix.", + "cve": "CVE-2022-1650", + "id": "pyup.io-50973", + "more_info_path": "/vulnerabilities/CVE-2022-1650/50973", "specs": [ "<0.19.3" ], "v": "<0.19.3" }, { - "advisory": "Determined 0.19.3 updates its NPM dependency 'async' to v2.6.4 to include a security fix.", - "cve": "CVE-2021-43138", - "id": "pyup.io-50972", - "more_info_path": "/vulnerabilities/CVE-2021-43138/50972", + "advisory": "Determined 0.19.3 updates its NPM dependency 'ansi-regex' to v3.0.1 to include a security fix.", + "cve": "CVE-2021-3807", + "id": "pyup.io-50971", + "more_info_path": "/vulnerabilities/CVE-2021-3807/50971", "specs": [ "<0.19.3" ], "v": "<0.19.3" }, { - "advisory": "Determined 0.19.3 updates its NPM dependency 'eventsource' to v1.1.2 to include a security fix.", - "cve": "CVE-2022-1650", - "id": "pyup.io-50973", - "more_info_path": "/vulnerabilities/CVE-2022-1650/50973", + "advisory": "Determined 0.19.3 updates its NPM dependency 'terser' to v4.8.1 to include a security fix.", + "cve": "CVE-2022-25858", + "id": "pyup.io-50977", + "more_info_path": "/vulnerabilities/CVE-2022-25858/50977", "specs": [ "<0.19.3" ], "v": "<0.19.3" }, { - "advisory": "Determined 0.19.3 updates its NPM dependency 'url-parse' to v1.5.10 to include security fixes.", - "cve": "CVE-2022-0686", - "id": "pyup.io-50980", - "more_info_path": "/vulnerabilities/CVE-2022-0686/50980", + "advisory": "Determined 0.19.3 stops using the NPM package 'trim-newlines', preventing a security issue.", + "cve": "CVE-2021-33623", + "id": "pyup.io-50978", + "more_info_path": "/vulnerabilities/CVE-2021-33623/50978", "specs": [ "<0.19.3" ], "v": "<0.19.3" }, 
{ - "advisory": "Determined 0.19.3 updates its NPM dependency 'ansi-regex' to v3.0.1 to include a security fix.", - "cve": "CVE-2021-3807", - "id": "pyup.io-50971", - "more_info_path": "/vulnerabilities/CVE-2021-3807/50971", + "advisory": "Determined 0.19.3 updates its NPM dependency 'url-parse' to v1.5.10 to include security fixes.", + "cve": "CVE-2022-0686", + "id": "pyup.io-50980", + "more_info_path": "/vulnerabilities/CVE-2022-0686/50980", "specs": [ "<0.19.3" ], @@ -34258,9 +34417,9 @@ }, { "advisory": "Determined 0.19.3 updates its NPM dependency 'url-parse' to v1.5.10 to include security fixes.", - "cve": "CVE-2022-0512", - "id": "pyup.io-50982", - "more_info_path": "/vulnerabilities/CVE-2022-0512/50982", + "cve": "CVE-2022-0691", + "id": "pyup.io-50981", + "more_info_path": "/vulnerabilities/CVE-2022-0691/50981", "specs": [ "<0.19.3" ], @@ -34268,19 +34427,19 @@ }, { "advisory": "Determined 0.19.3 updates its NPM dependency 'follow-redirects' to v1.15.1 to include security fixes.", - "cve": "CVE-2022-0155", - "id": "pyup.io-50975", - "more_info_path": "/vulnerabilities/CVE-2022-0155/50975", + "cve": "CVE-2022-0536", + "id": "pyup.io-50974", + "more_info_path": "/vulnerabilities/CVE-2022-0536/50974", "specs": [ "<0.19.3" ], "v": "<0.19.3" }, { - "advisory": "Determined 0.19.3 updates its NPM dependency 'terser' to v4.8.1 to include a security fix.", - "cve": "CVE-2022-25858", - "id": "pyup.io-50977", - "more_info_path": "/vulnerabilities/CVE-2022-25858/50977", + "advisory": "Determined 0.19.3 updates its NPM dependency 'async' to v2.6.4 to include a security fix.", + "cve": "CVE-2021-43138", + "id": "pyup.io-50972", + "more_info_path": "/vulnerabilities/CVE-2021-43138/50972", "specs": [ "<0.19.3" ], 
@@ -34288,9 +34447,9 @@ }, { "advisory": "Determined 0.19.3 updates its NPM dependency 'url-parse' to v1.5.10 to include security fixes.", - "cve": "CVE-2022-0691", - "id": "pyup.io-50981", - "more_info_path": "/vulnerabilities/CVE-2022-0691/50981", + "cve": "CVE-2022-0512", + "id": "pyup.io-50982", + "more_info_path": "/vulnerabilities/CVE-2022-0512/50982", "specs": [ "<0.19.3" ], @@ -34298,9 +34457,9 @@ }, { "advisory": "Determined 0.19.3 updates its NPM dependency 'follow-redirects' to v1.15.1 to include security fixes.", - "cve": "CVE-2022-0536", - "id": "pyup.io-50974", - "more_info_path": "/vulnerabilities/CVE-2022-0536/50974", + "cve": "CVE-2022-0155", + "id": "pyup.io-50975", + "more_info_path": "/vulnerabilities/CVE-2022-0155/50975", "specs": [ "<0.19.3" ], @@ -35201,6 +35360,17 @@ ], "v": "<1.2.7,>=1.3a1,<1.3.1" }, + { + "advisory": "The verify_exists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 originally tests a URL's validity through a HEAD request, but then uses a GET request for the new target URL in the case of a redirect, which might allow remote attackers to trigger arbitrary GET requests with an unintended source IP address via a crafted Location header.", + "cve": "CVE-2011-4138", + "id": "pyup.io-33065", + "more_info_path": "/vulnerabilities/CVE-2011-4138/33065", + "specs": [ + "<1.2.7", + ">=1.3a1,<1.3.1" + ], + "v": "<1.2.7,>=1.3a1,<1.3.1" + }, { "advisory": "The verify_exists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service (resource consumption) via a URL associated with (1) a slow response, (2) a completed TCP connection with no application data sent, or (3) a large amount of application data, a related issue to CVE-2011-1521.", "cve": "CVE-2011-4137", 
@@ -35223,17 +35393,6 @@ ], "v": "<1.2.7,>=1.3a1,<1.3.1" }, - { - "advisory": "The verify_exists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 originally tests a URL's validity through a HEAD request, but then uses a GET request for the new target URL in the case of a redirect, which might allow remote attackers to trigger arbitrary GET requests with an unintended source IP address via a crafted Location header.", - "cve": "CVE-2011-4138", - "id": "pyup.io-33065", - "more_info_path": "/vulnerabilities/CVE-2011-4138/33065", - "specs": [ - "<1.2.7", - ">=1.3a1,<1.3.1" - ], - "v": "<1.2.7,>=1.3a1,<1.3.1" - }, { "advisory": "django.contrib.sessions in Django before 1.2.7 and 1.3.x before 1.3.1, when session data is stored in the cache, uses the root namespace for both session identifiers and application-data keys, which allows remote attackers to modify a session by triggering use of a key that is equal to that session's identifier.", "cve": "CVE-2011-4136", @@ -35489,10 +35648,10 @@ "v": "<1.7.6,>=1.8a1,<1.8b2" }, { - "advisory": "The utils.http.is_safe_url function in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or possibly conduct cross-site scripting (XSS) attacks via a URL containing basic authentication, as demonstrated by http://mysite.example.com\\@attacker.com.", - "cve": "CVE-2016-2512", - "id": "pyup.io-33073", - "more_info_path": "/vulnerabilities/CVE-2016-2512/33073", + "advisory": "The password hasher in contrib/auth/hashers.py in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to enumerate users via a timing attack involving login requests.", + "cve": "CVE-2016-2513", + "id": "pyup.io-33074", + "more_info_path": "/vulnerabilities/CVE-2016-2513/33074", "specs": [ "<1.8.10", ">=1.9a1,<1.9.3" 
@@ -35500,10 +35659,10 @@ "v": "<1.8.10,>=1.9a1,<1.9.3" }, { - "advisory": "The password hasher in contrib/auth/hashers.py in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to enumerate users via a timing attack involving login requests.", - "cve": "CVE-2016-2513", - "id": "pyup.io-33074", - "more_info_path": "/vulnerabilities/CVE-2016-2513/33074", + "advisory": "The utils.http.is_safe_url function in Django before 1.8.10 and 1.9.x before 1.9.3 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or possibly conduct cross-site scripting (XSS) attacks via a URL containing basic authentication, as demonstrated by http://mysite.example.com\\@attacker.com.", + "cve": "CVE-2016-2512", + "id": "pyup.io-33073", + "more_info_path": "/vulnerabilities/CVE-2016-2512/33073", "specs": [ "<1.8.10", ">=1.9a1,<1.9.3" @@ -35605,10 +35764,10 @@ "v": "<2.2.26,>=3.0a1,<3.2.11,>=4.0a1,<4.0.1" }, { - "advisory": "Django 2.2.26, 3.2.11 and 4.0.1 include a fix for CVE-2021-45115: UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack.\r\nhttps://www.djangoproject.com/weblog/2022/jan/04/security-releases/", - "cve": "CVE-2021-45115", - "id": "pyup.io-44423", - "more_info_path": "/vulnerabilities/CVE-2021-45115/44423", + "advisory": "Django 2.2.26, 3.2.11 and 4.0.1 include a fix for CVE-2021-45452: Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it.\r\nhttps://www.djangoproject.com/weblog/2022/jan/04/security-releases/", + "cve": "CVE-2021-45452", + "id": "pyup.io-44426", + "more_info_path": "/vulnerabilities/CVE-2021-45452/44426", "specs": [ "<2.2.26", ">=3.0a1,<3.2.11", 
@@ -35617,10 +35776,10 @@ "v": "<2.2.26,>=3.0a1,<3.2.11,>=4.0a1,<4.0.1" }, { - "advisory": "Django 2.2.26, 3.2.11 and 4.0.1 include a fix for CVE-2021-45452: Storage.save in Django 2.2 before 2.2.26, 3.2 before 3.2.11, and 4.0 before 4.0.1 allows directory traversal if crafted filenames are directly passed to it.\r\nhttps://www.djangoproject.com/weblog/2022/jan/04/security-releases/", - "cve": "CVE-2021-45452", - "id": "pyup.io-44426", - "more_info_path": "/vulnerabilities/CVE-2021-45452/44426", + "advisory": "Django 2.2.26, 3.2.11 and 4.0.1 include a fix for CVE-2021-45115: UserAttributeSimilarityValidator incurred significant overhead in evaluating a submitted password that was artificially large in relation to the comparison values. In a situation where access to user registration was unrestricted, this provided a potential vector for a denial-of-service attack.\r\nhttps://www.djangoproject.com/weblog/2022/jan/04/security-releases/", + "cve": "CVE-2021-45115", + "id": "pyup.io-44423", + "more_info_path": "/vulnerabilities/CVE-2021-45115/44423", "specs": [ "<2.2.26", ">=3.0a1,<3.2.11", 
@@ -35653,10 +35812,10 @@ "v": "<2.2.27,>=3.0a1,<3.2.12,>=4.0a1,<4.0.2" }, { - "advisory": "Django 2.2.28, 3.2.13 and 4.0.4 include a fix for CVE-2022-28347: A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name.\r\nhttps://www.djangoproject.com/weblog/2022/apr/11/security-releases", - "cve": "CVE-2022-28347", - "id": "pyup.io-48040", - "more_info_path": "/vulnerabilities/CVE-2022-28347/48040", + "advisory": "Django 2.2.28, 3.2.13 and 4.0.4 include a fix for CVE-2022-28346: An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.\r\nhttps://www.djangoproject.com/weblog/2022/apr/11/security-releases", + "cve": "CVE-2022-28346", + "id": "pyup.io-48041", + "more_info_path": "/vulnerabilities/CVE-2022-28346/48041", "specs": [ "<2.2.28", ">=3.0a1,<3.2.13", 
@@ -35665,10 +35824,10 @@ "v": "<2.2.28,>=3.0a1,<3.2.13,>=4.0a1,<4.0.4" }, { - "advisory": "Django 2.2.28, 3.2.13 and 4.0.4 include a fix for CVE-2022-28346: An issue was discovered in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. QuerySet.annotate(), aggregate(), and extra() methods are subject to SQL injection in column aliases via a crafted dictionary (with dictionary expansion) as the passed **kwargs.\r\nhttps://www.djangoproject.com/weblog/2022/apr/11/security-releases", - "cve": "CVE-2022-28346", - "id": "pyup.io-48041", - "more_info_path": "/vulnerabilities/CVE-2022-28346/48041", + "advisory": "Django 2.2.28, 3.2.13 and 4.0.4 include a fix for CVE-2022-28347: A SQL injection issue was discovered in QuerySet.explain() in Django 2.2 before 2.2.28, 3.2 before 3.2.13, and 4.0 before 4.0.4. This occurs by passing a crafted dictionary (with dictionary expansion) as the **options argument, and placing the injection payload in an option name.\r\nhttps://www.djangoproject.com/weblog/2022/apr/11/security-releases", + "cve": "CVE-2022-28347", + "id": "pyup.io-48040", + "more_info_path": "/vulnerabilities/CVE-2022-28347/48040", "specs": [ "<2.2.28", ">=3.0a1,<3.2.13", 
@@ -35806,6 +35965,17 @@ ], "v": "<3.2.25,>=4.0a1,<4.2.11,>=5.0a1,<5.0.3" }, + { + "advisory": "Affected versions of Django are potentially vulnerable to denial-of-service via the get_supported_language_variant() method. This method was susceptible to a denial-of-service attack when used with very long strings containing specific characters. Exploiting this vulnerability could cause significant delays or crashes in the affected application, potentially leading to service disruption.", + "cve": "CVE-2024-39614", + "id": "pyup.io-72111", + "more_info_path": "/vulnerabilities/CVE-2024-39614/72111", + "specs": [ + "<4.2.14", + ">=5.0a1,<5.0.7" + ], + "v": "<4.2.14,>=5.0a1,<5.0.7" + }, { "advisory": "Affected versions of Django are affected by a directory-traversal vulnerability in the Storage.save() method. Derived classes of the django.core.files.storage.Storage base class that overrides the generate_filename() method without replicating the file path validations existing in the parent class could allow for directory traversal via certain inputs when calling save(). This could enable an attacker to manipulate file paths and access unintended directories.", "cve": "CVE-2024-39330", 
@@ -35828,17 +35998,6 @@ ], "v": "<4.2.14,>=5.0a1,<5.0.7" }, - { - "advisory": "Affected versions of Django are potentially vulnerable to denial-of-service via the get_supported_language_variant() method. This method was susceptible to a denial-of-service attack when used with very long strings containing specific characters. Exploiting this vulnerability could cause significant delays or crashes in the affected application, potentially leading to service disruption.", - "cve": "CVE-2024-39614", - "id": "pyup.io-72111", - "more_info_path": "/vulnerabilities/CVE-2024-39614/72111", - "specs": [ - "<4.2.14", - ">=5.0a1,<5.0.7" - ], - "v": "<4.2.14,>=5.0a1,<5.0.7" - }, { "advisory": "Affected versions of Django are affected by a potential denial-of-service vulnerability in the django.utils.html.urlize() function. The urlize and urlizetrunc template filters were susceptible to a denial-of-service attack via certain inputs containing many brackets. An attacker could exploit this vulnerability to cause significant delays or crashes in the affected application.", "cve": "CVE-2024-38875", 
@@ -35884,10 +36043,10 @@ "v": "<4.2.15,>=5.0a1,<5.0.8" }, { - "advisory": "A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. To mitigate this risk, Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.", - "cve": "CVE-2024-45231", - "id": "pyup.io-73028", - "more_info_path": "/vulnerabilities/CVE-2024-45231/73028", + "advisory": "A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.", + "cve": "CVE-2024-45230", + "id": "pyup.io-73023", + "more_info_path": "/vulnerabilities/CVE-2024-45230/73023", "specs": [ "<4.2.16", ">=5.0a1,<5.0.9", 
@@ -35896,10 +36055,10 @@ "v": "<4.2.16,>=5.0a1,<5.0.9,>=5.1a1,<5.1.1" }, { - "advisory": "A potential denial-of-service vulnerability has been identified in Django's urlize() and urlizetrunc() functions in django.utils.html. This vulnerability can be triggered by inputting huge strings containing a specific sequence of characters.", - "cve": "CVE-2024-45230", - "id": "pyup.io-73023", - "more_info_path": "/vulnerabilities/CVE-2024-45230/73023", + "advisory": "A security vulnerability has been discovered in certain versions of Django, affecting the password reset functionality. The PasswordResetForm class in django.contrib.auth.forms inadvertently allowed attackers to enumerate user email addresses by exploiting unhandled exceptions during the email sending process. This could be done by issuing password reset requests and observing the responses. Django has implemented a fix where these exceptions are now caught and logged using the django.contrib.auth logger, preventing potential information leakage through error responses.", + "cve": "CVE-2024-45231", + "id": "pyup.io-73028", + "more_info_path": "/vulnerabilities/CVE-2024-45231/73028", "specs": [ "<4.2.16", ">=5.0a1,<5.0.9", 
@@ -36020,10 +36179,10 @@ "v": ">=1.11a1,<1.11.22,>=2.2a1,<2.2.3,>=2.1a1,<2.1.10" }, { - "advisory": "Django 1.11.23, 2.1.11, and 2.2.4 include a fix for CVE-2019-14233: Due to the behavior of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.", - "cve": "CVE-2019-14233", - "id": "pyup.io-39593", - "more_info_path": "/vulnerabilities/CVE-2019-14233/39593", + "advisory": "Django 1.11.23, 2.1.11 and 2.2.4 include a fix for CVE-2019-14234: Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of \"OR 1=1\" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.", + "cve": "CVE-2019-14234", + "id": "pyup.io-39592", + "more_info_path": "/vulnerabilities/CVE-2019-14234/39592", "specs": [ ">=1.11a1,<1.11.23", ">=2.0a1,<2.1.11", 
@@ -36032,10 +36191,10 @@ "v": ">=1.11a1,<1.11.23,>=2.0a1,<2.1.11,>=2.2a1,<2.2.4" }, { - "advisory": "Django 1.11.23, 2.1.11 and 2.2.4 include a fix for CVE-2019-14234: Due to an error in shallow key transformation, key and index lookups for django.contrib.postgres.fields.JSONField, and key lookups for django.contrib.postgres.fields.HStoreField, were subject to SQL injection. This could, for example, be exploited via crafted use of \"OR 1=1\" in a key or index name to return all records, using a suitably crafted dictionary, with dictionary expansion, as the **kwargs passed to the QuerySet.filter() function.", - "cve": "CVE-2019-14234", - "id": "pyup.io-39592", - "more_info_path": "/vulnerabilities/CVE-2019-14234/39592", + "advisory": "Django 1.11.23, 2.1.11, and 2.2.4 include a fix for CVE-2019-14233: Due to the behavior of the underlying HTMLParser, django.utils.html.strip_tags would be extremely slow to evaluate certain inputs containing large sequences of nested incomplete HTML entities.", + "cve": "CVE-2019-14233", + "id": "pyup.io-39593", + "more_info_path": "/vulnerabilities/CVE-2019-14233/39593", "specs": [ ">=1.11a1,<1.11.23", ">=2.0a1,<2.1.11", 
@@ -36311,10 +36470,10 @@ "v": ">=2.0a1,<2.0.2,==1.11.8,==1.11.9" }, { - "advisory": "Django 2.0.3, 1.8.19 and 1.11.11 include a fix for CVE-2018-7537: An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.", - "cve": "CVE-2018-7537", - "id": "pyup.io-35796", - "more_info_path": "/vulnerabilities/CVE-2018-7537/35796", + "advisory": "An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable. See: CVE-2018-7536.", + "cve": "CVE-2018-7536", + "id": "pyup.io-35797", + "more_info_path": "/vulnerabilities/CVE-2018-7536/35797", "specs": [ ">=2.0a1,<2.0.3", ">=1.8a1,<1.8.19", 
@@ -36323,10 +36482,10 @@ "v": ">=2.0a1,<2.0.3,>=1.8a1,<1.8.19,>=1.11a1,<1.11.11" }, { - "advisory": "An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable. See: CVE-2018-7536.", - "cve": "CVE-2018-7536", - "id": "pyup.io-35797", - "more_info_path": "/vulnerabilities/CVE-2018-7536/35797", + "advisory": "Django 2.0.3, 1.8.19 and 1.11.11 include a fix for CVE-2018-7537: An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable.", + "cve": "CVE-2018-7537", + "id": "pyup.io-35796", + "more_info_path": "/vulnerabilities/CVE-2018-7537/35796", "specs": [ ">=2.0a1,<2.0.3", ">=1.8a1,<1.8.19", 
@@ -37760,6 +37919,18 @@ "v": "<4.2.2" } ], + "django-gar": [ + { + "advisory": "Affected versions of django_gar are vulnerable to Cross-site Scripting (XSS): CWE-79 and XML External Entity (XXE) Injection: CWE-611. The attack vectors involve the unsafe rendering of HTML content using mark_safe and insecure XML parsing with xml.etree.ElementTree. Vulnerable methods include those in admin.py that render HTML without proper escaping and functions in middleware.py and signals/handlers.py that parse XML without disabling external entities. Attackers can exploit these vulnerabilities by injecting malicious content into fields that are rendered or parsed by the application. To mitigate these issues, users should update to the latest version of django_gar where format_html and defusedxml are used to securely handle HTML and XML content.", + "cve": "PVE-2024-73658", + "id": "pyup.io-73658", + "more_info_path": "/vulnerabilities/PVE-2024-73658/73658", + "specs": [ + "<2.12.0" + ], + "v": "<2.12.0" + } + ], "django-grappelli": [ { "advisory": "Django-grappelli 2.15.2 includes a fix for CVE-2021-46898: views/switch.py in django-grappelli before 2.15.2 attempts to prevent external redirection with startswith(\"/\") but this does not consider a protocol-relative URL (e.g., //example.com) attack.\r\nhttps://github.com/sehmaschine/django-grappelli/issues/975", @@ -39808,9 +39979,9 @@ }, { "advisory": "Django-spectator 12.0.1 updates its dependency 'pillow' to v9.0.1 to include security fixes.", - "cve": "CVE-2022-22817", - "id": "pyup.io-47776", - "more_info_path": "/vulnerabilities/CVE-2022-22817/47776", + "cve": "CVE-2022-24303", + "id": "pyup.io-47772", + "more_info_path": "/vulnerabilities/CVE-2022-24303/47772", "specs": [ "<12.0.1" ], 
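Review bot: The new `django-gar` record's XXE / CWE-611 claim is doubtful as written: the parser it names, `xml.etree.ElementTree`, does not expand external entities (Python's documented XML-vulnerabilities table lists it as safe against external entity expansion, raising ParseError instead), so unless django_gar actually used a different parser the exposure on that path is entity-expansion denial of service on older expat builds rather than XXE, and the CWE should say so; worth confirming against the fixing commit before publishing. Separately, the text names no fixed version and carries no reference URL, while `specs` asserts `<2.12.0`; "update to the latest version" will drift as soon as 2.12.1 ships, and because `PVE-2024-73658` is a PyUp-assigned identifier rather than a CVE, a link is the only independent handle a consumer has. I'd end the advisory with `Fixed in 2.12.0 (format_html for HTML rendering, defusedxml for XML parsing); see <advisory or commit URL>.` so the text and `specs` agree and the claim is checkable.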
@@ -39818,9 +39989,9 @@ }, { "advisory": "Django-spectator 12.0.1 updates its dependency 'pillow' to v9.0.1 to include security fixes.", - "cve": "CVE-2022-24303", - "id": "pyup.io-47772", - "more_info_path": "/vulnerabilities/CVE-2022-24303/47772", + "cve": "CVE-2022-22815", + "id": "pyup.io-47780", + "more_info_path": "/vulnerabilities/CVE-2022-22815/47780", "specs": [ "<12.0.1" ], @@ -39828,9 +39999,9 @@ }, { "advisory": "Django-spectator 12.0.1 updates its dependency 'pillow' to v9.0.1 to include security fixes.", - "cve": "CVE-2022-22815", - "id": "pyup.io-47780", - "more_info_path": "/vulnerabilities/CVE-2022-22815/47780", + "cve": "CVE-2022-22817", + "id": "pyup.io-47776", + "more_info_path": "/vulnerabilities/CVE-2022-22817/47776", "specs": [ "<12.0.1" ], 
@@ -41288,20 +41459,20 @@ "v": "<1.4.97" }, { - "advisory": "Docassemble version 1.4.97 addresses a critical security flaw, impacting versions from 1.4.53 to 1.4.96, where file contents within the filesystem could potentially be exposed. Given the high severity of this issue, users are strongly advised to update to the latest version immediately to secure their systems.", - "cve": "PVE-2024-65732", - "id": "pyup.io-65732", - "more_info_path": "/vulnerabilities/PVE-2024-65732/65732", + "advisory": "Docassemble version 1.4.97 resolves a security issue reported in versions up to 1.4.96. The vulnerability allowed for HTML or JavaScript injection, posing a risk to the application's integrity and user data security.\r\nhttps://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa", + "cve": "PVE-2024-65740", + "id": "pyup.io-65740", + "more_info_path": "/vulnerabilities/PVE-2024-65740/65740", "specs": [ "<1.4.97" ], "v": "<1.4.97" }, { - "advisory": "Docassemble version 1.4.97 resolves a security issue reported in versions up to 1.4.96. The vulnerability allowed for HTML or JavaScript injection, posing a risk to the application's integrity and user data security.\r\nhttps://github.com/jhpyle/docassemble/commit/4801ac7ff7c90df00ac09523077930cdb6dea2aa", - "cve": "PVE-2024-65740", - "id": "pyup.io-65740", - "more_info_path": "/vulnerabilities/PVE-2024-65740/65740", + "advisory": "Docassemble version 1.4.97 addresses a critical security flaw, impacting versions from 1.4.53 to 1.4.96, where file contents within the filesystem could potentially be exposed. Given the high severity of this issue, users are strongly advised to update to the latest version immediately to secure their systems.", + "cve": "PVE-2024-65732", + "id": "pyup.io-65732", + "more_info_path": "/vulnerabilities/PVE-2024-65732/65732", "specs": [ "<1.4.97" ], 
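Review bot: The moved `PVE-2024-65732` entry still has a `specs` range that contradicts its own text: the advisory says the file-exposure flaw affects "versions from 1.4.53 to 1.4.96", yet `specs` is `"<1.4.97"`, which also flags every release before 1.4.53 that the text says is unaffected. If the 1.4.53 lower bound is right, `"specs": [">=1.4.53,<1.4.97"]` and `"v": ">=1.4.53,<1.4.97"` would match the bounded-range form the Django entries in this file already use; if it is not trustworthy, the sentence should drop the figure rather than leave the two disagreeing. Unlike its sibling `PVE-2024-65740`, this entry also carries no commit or advisory link, so the 1.4.53 figure cannot be verified from the record itself. This hunk only reorders the two entries, so the defect predates the commit.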
@@ -42554,6 +42725,18 @@ "v": "<2023.06.0" } ], + "ecutils": [ + { + "advisory": "Ecutils updates the zipp library to version 3.19.1 or higher to address CVE-2024-5569.", + "cve": "CVE-2024-5569", + "id": "pyup.io-73577", + "more_info_path": "/vulnerabilities/CVE-2024-5569/73577", + "specs": [ + "<1.1.1" + ], + "v": "<1.1.1" + } + ], "edapy": [ { "advisory": "Edapy 0.3.0 includes a security patch for the function '_read_yaml' in 'edapy/csv/init.py'. It used the unsafe yaml.load(), that allows instantiation of arbitrary objects. Consider yaml.safe_load().\r\nhttps://github.com/MartinThoma/edapy/commit/47b958781a702e176ea72fe59ab8596ad93aabdc#diff-150063df356bdd6b5d718194a9ccb7750d86f8608959d31cef59012a8471709f", 
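Review bot: The new `ecutils` entry's advisory text never names the ecutils release that carries the fix, so a reader of the text alone cannot tell which version to move to; only the sibling `"specs": ["<1.1.1"]` field implies it. The other entries in this file generally state the fixing version in the first sentence, so I would align this one, e.g. `"advisory": "Ecutils 1.1.1 updates its dependency 'zipp' to version 3.19.1 or higher to address CVE-2024-5569."`. This appears to be the only field in the hunk that needs attention.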
@@ -43735,20 +43918,20 @@ "v": "<2.15.1" }, { - "advisory": "Ethyca's Fides 2.22.1 patches a high-severity SSRF vulnerability (CVE-2023-46124) affecting versions before 2.22.1. This vulnerability allowed attackers with certain API access to make internal system requests that could lead to data breaches. The update is crucial for users with CONNECTOR_TEMPLATE_REGISTER scope and should be applied immediately to secure systems.\r\nhttps://github.com/ethyca/fides/security/advisories/GHSA-jq3w-9mgf-43m4", - "cve": "CVE-2023-46124", - "id": "pyup.io-63347", - "more_info_path": "/vulnerabilities/CVE-2023-46124/63347", + "advisory": "Ethyca-fides 2.22.1 fixes a vulnerability identified as CVE-2023-46125. The issue was found with the GET api/v1/config endpoint. It allowed Admin UI users with roles lower than the owner role, such as the viewer role, to retrieve the configuration information using the API. Even though the configuration data was filtered to suppress most sensitive information, it still contained details about the internals and backend infrastructure like server addresses, ports, and database usernames. \r\nhttps://github.com/ethyca/fides/security/advisories/GHSA-rjxg-rpg3-9r89", + "cve": "CVE-2023-46125", + "id": "pyup.io-63521", + "more_info_path": "/vulnerabilities/CVE-2023-46125/63521", "specs": [ "<2.22.1" ], "v": "<2.22.1" }, { - "advisory": "Ethyca-fides 2.22.1 fixes a vulnerability identified as CVE-2023-46125. The issue was found with the GET api/v1/config endpoint. It allowed Admin UI users with roles lower than the owner role, such as the viewer role, to retrieve the configuration information using the API. Even though the configuration data was filtered to suppress most sensitive information, it still contained details about the internals and backend infrastructure like server addresses, ports, and database usernames. 
\r\nhttps://github.com/ethyca/fides/security/advisories/GHSA-rjxg-rpg3-9r89", - "cve": "CVE-2023-46125", - "id": "pyup.io-63521", - "more_info_path": "/vulnerabilities/CVE-2023-46125/63521", + "advisory": "Ethyca's Fides 2.22.1 patches a high-severity SSRF vulnerability (CVE-2023-46124) affecting versions before 2.22.1. This vulnerability allowed attackers with certain API access to make internal system requests that could lead to data breaches. The update is crucial for users with CONNECTOR_TEMPLATE_REGISTER scope and should be applied immediately to secure systems.\r\nhttps://github.com/ethyca/fides/security/advisories/GHSA-jq3w-9mgf-43m4", + "cve": "CVE-2023-46124", + "id": "pyup.io-63347", + "more_info_path": "/vulnerabilities/CVE-2023-46124/63347", "specs": [ "<2.22.1" ], 
@@ -43804,16 +43987,6 @@ ], "v": "<2.39.1" }, - { - "advisory": "In ethyca-fides affected versions, a timing-based username enumeration vulnerability exists in the Fides Webserver authentication process. This security flaw enables an unauthenticated attacker to discern the existence of valid usernames by analyzing the server's response times to login requests. The discernible difference in response times between valid and invalid usernames can be exploited to systematically enumerate users on the system, potentially compromising user privacy and serving as a stepping stone for further attacks.", - "cve": "CVE-2024-45052", - "id": "pyup.io-73131", - "more_info_path": "/vulnerabilities/CVE-2024-45052/73131", - "specs": [ - "<2.44.0" - ], - "v": "<2.44.0" - }, { "advisory": "In ethyca-fides affected versions, the Email Templating feature implements Jinja2 without adequate input sanitization or rendering environment restrictions. This oversight creates a vulnerability to Server-Side Template Injection, potentially allowing Remote Code Execution by privileged users. In this context, a privileged user is defined as an Admin UI user with either the default 'Owner' or 'Contributor' role. Such users can exploit this vulnerability to escalate their access and execute arbitrary code on the underlying Fides Webserver container where the Jinja template rendering function operates.", "cve": "CVE-2024-45053", 
@@ -43825,14 +43998,14 @@ "v": "<2.44.0" }, { - "advisory": "The Fides webserver is vulnerable to a type of Denial of Service (DoS) attack. Attackers can exploit a weakness in the connector template upload feature to upload a malicious zip bomb file, resulting in resource exhaustion and service unavailability for all users of the Fides webserver. This vulnerability affects Fides versions `2.11.0` through `2.15.1`. Exploitation is limited to users with elevated privileges with the `CONNECTOR_TEMPLATE_REGISTER` scope, which includes root users and users with the owner role. The vulnerability has been patched in Fides version `2.16.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. There is no known workaround to remediate this vulnerability without upgrading. If an attack occurs, the impact can be mitigated by manually or automatically restarting the affected container.", - "cve": "CVE-2023-37480", - "id": "pyup.io-65025", - "more_info_path": "/vulnerabilities/CVE-2023-37480/65025", + "advisory": "In ethyca-fides affected versions, a timing-based username enumeration vulnerability exists in the Fides Webserver authentication process. This security flaw enables an unauthenticated attacker to discern the existence of valid usernames by analyzing the server's response times to login requests. The discernible difference in response times between valid and invalid usernames can be exploited to systematically enumerate users on the system, potentially compromising user privacy and serving as a stepping stone for further attacks.", + "cve": "CVE-2024-45052", + "id": "pyup.io-73131", + "more_info_path": "/vulnerabilities/CVE-2024-45052/73131", "specs": [ - ">=2.11.0,<2.16.0" + "<2.44.0" ], - "v": ">=2.11.0,<2.16.0" + "v": "<2.44.0" }, { "advisory": "Fides is an open-source privacy engineering platform for managing data privacy requests and privacy regulations. 
The Fides webserver is vulnerable to a type of Denial of Service (DoS) attack. Attackers can exploit this vulnerability to upload zip files containing malicious SVG bombs (similar to a billion laughs attack), causing resource exhaustion in Admin UI browser tabs and creating a persistent denial of service of the 'new connector' page (`datastore-connection/new`). This vulnerability affects Fides versions `2.11.0` through `2.15.1`. Exploitation is limited to users with elevated privileges with the `CONNECTOR_TEMPLATE_REGISTER` scope, which includes root users and users with the owner role. The vulnerability has been patched in Fides version `2.16.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. There is no known workaround to remediate this vulnerability without upgrading.", 
@@ -43844,6 +44017,16 @@ ], "v": ">=2.11.0,<2.16.0" }, + { + "advisory": "The Fides webserver is vulnerable to a type of Denial of Service (DoS) attack. Attackers can exploit a weakness in the connector template upload feature to upload a malicious zip bomb file, resulting in resource exhaustion and service unavailability for all users of the Fides webserver. This vulnerability affects Fides versions `2.11.0` through `2.15.1`. Exploitation is limited to users with elevated privileges with the `CONNECTOR_TEMPLATE_REGISTER` scope, which includes root users and users with the owner role. The vulnerability has been patched in Fides version `2.16.0`. Users are advised to upgrade to this version or later to secure their systems against this threat. There is no known workaround to remediate this vulnerability without upgrading. If an attack occurs, the impact can be mitigated by manually or automatically restarting the affected container.", + "cve": "CVE-2023-37480", + "id": "pyup.io-65025", + "more_info_path": "/vulnerabilities/CVE-2023-37480/65025", + "specs": [ + ">=2.11.0,<2.16.0" + ], + "v": ">=2.11.0,<2.16.0" + }, { "advisory": "Ethyca-fides 2.19.0 includes a fix for CVE-2023-41319: Remote Code Execution in Custom Integration Upload.\r\nhttps://github.com/ethyca/fides/security/advisories/GHSA-p6p2-qq95-vq5h", "cve": "CVE-2023-41319", 
@@ -44074,19 +44257,19 @@ }, { "advisory": "Evennia 0.8 updates its dependency 'pillow' to v5.2.0 to include security fixes.\r\nhttps://github.com/evennia/evennia/commit/6b7766d2956ae7be19f2cf7be0d43056c0accbb0", - "cve": "CVE-2016-9189", - "id": "pyup.io-52037", - "more_info_path": "/vulnerabilities/CVE-2016-9189/52037", + "cve": "CVE-2016-3076", + "id": "pyup.io-52038", + "more_info_path": "/vulnerabilities/CVE-2016-3076/52038", "specs": [ "<0.8" ], "v": "<0.8" }, { - "advisory": "Evennia 0.8 updates its dependency 'Django' minimum requirement to v1.11 to include security fixes.\r\nhttps://github.com/evennia/evennia/commit/6b7766d2956ae7be19f2cf7be0d43056c0accbb0", - "cve": "CVE-2016-9013", - "id": "pyup.io-52035", - "more_info_path": "/vulnerabilities/CVE-2016-9013/52035", + "advisory": "Evennia 0.8 updates its dependency 'pillow' to v5.2.0 to include security fixes.\r\nhttps://github.com/evennia/evennia/commit/6b7766d2956ae7be19f2cf7be0d43056c0accbb0", + "cve": "CVE-2016-9189", + "id": "pyup.io-52037", + "more_info_path": "/vulnerabilities/CVE-2016-9189/52037", "specs": [ "<0.8" ], 
@@ -44102,31 +44285,11 @@ ], "v": "<0.8" }, - { - "advisory": "Evennia 0.8 updates its dependency 'pillow' to v5.2.0 to include security fixes.\r\nhttps://github.com/evennia/evennia/commit/6b7766d2956ae7be19f2cf7be0d43056c0accbb0", - "cve": "CVE-2016-4009", - "id": "pyup.io-52036", - "more_info_path": "/vulnerabilities/CVE-2016-4009/52036", - "specs": [ - "<0.8" - ], - "v": "<0.8" - }, - { - "advisory": "Evennia 0.8 updates its dependency 'pillow' to v5.2.0 to include security fixes.\r\nhttps://github.com/evennia/evennia/commit/6b7766d2956ae7be19f2cf7be0d43056c0accbb0", - "cve": "CVE-2016-3076", - "id": "pyup.io-52038", - "more_info_path": "/vulnerabilities/CVE-2016-3076/52038", - "specs": [ - "<0.8" - ], - "v": "<0.8" - }, { "advisory": "Evennia 0.8 updates its dependency 'Django' minimum requirement to v1.11 to include security fixes.\r\nhttps://github.com/evennia/evennia/commit/6b7766d2956ae7be19f2cf7be0d43056c0accbb0", - "cve": "CVE-2016-9014", - "id": "pyup.io-52034", - "more_info_path": "/vulnerabilities/CVE-2016-9014/52034", + "cve": "CVE-2016-9013", + "id": "pyup.io-52035", + "more_info_path": "/vulnerabilities/CVE-2016-9013/52035", "specs": [ "<0.8" ], 
@@ -44172,6 +44335,26 @@ ], "v": "<0.8" }, + { + "advisory": "Evennia 0.8 updates its dependency 'Django' minimum requirement to v1.11 to include security fixes.\r\nhttps://github.com/evennia/evennia/commit/6b7766d2956ae7be19f2cf7be0d43056c0accbb0", + "cve": "CVE-2016-9014", + "id": "pyup.io-52034", + "more_info_path": "/vulnerabilities/CVE-2016-9014/52034", + "specs": [ + "<0.8" + ], + "v": "<0.8" + }, + { + "advisory": "Evennia 0.8 updates its dependency 'pillow' to v5.2.0 to include security fixes.\r\nhttps://github.com/evennia/evennia/commit/6b7766d2956ae7be19f2cf7be0d43056c0accbb0", + "cve": "CVE-2016-4009", + "id": "pyup.io-52036", + "more_info_path": "/vulnerabilities/CVE-2016-4009/52036", + "specs": [ + "<0.8" + ], + "v": "<0.8" + }, { "advisory": "Evennia 0.9.5 updates its dependency 'twisted' minimum requirement to \">=20.3.0\" to include security fixes.", "cve": "CVE-2019-12855", 
@@ -45243,6 +45426,18 @@ "v": "<0.2.2" } ], + "fastagency": [ + { + "advisory": "Affected versions of the fastagency package are vulnerable to Server-Side Request Forgery (SSRF) (CWE-918). This vulnerability may lead to unauthorized requests being made to internal or external services, potentially exposing sensitive data or enabling further attacks. The issue exists in the OAuth2PasswordBearer class's get_token method, where the token_url is constructed from unvalidated OpenAPI schema parameters. Attackers can exploit this by supplying malicious OpenAPI schemas with crafted token_url values, causing the application to send requests to unintended endpoints.", + "cve": "PVE-2024-73616", + "id": "pyup.io-73616", + "more_info_path": "/vulnerabilities/PVE-2024-73616/73616", + "specs": [ + "<0.2.4" + ], + "v": "<0.2.4" + } + ], "fastapi": [ { "advisory": "FastAPI 0.109.1 addresses a critical security issue by upgrading its dependency python-multipart to version >=0.0.7. The upgrade mitigates a Regular Expression Denial of Service (ReDoS) vulnerability, which occurs when parsing form data. \r\nhttps://github.com/tiangolo/fastapi/security/advisories/GHSA-qf9m-vfgh-m389", 
@@ -45325,20 +45520,20 @@ "v": "<0.75.2" }, { - "advisory": "Fastapi 0.75.2 updates its NPM dependency 'swagger-ui' to include security fixes.", - "cve": "CVE-2018-25031", - "id": "pyup.io-48160", - "more_info_path": "/vulnerabilities/CVE-2018-25031/48160", + "advisory": "Fastapi 0.75.2 updates its dependency 'ujson' ranges to include a security fix.", + "cve": "CVE-2021-45958", + "id": "pyup.io-48159", + "more_info_path": "/vulnerabilities/CVE-2021-45958/48159", "specs": [ "<0.75.2" ], "v": "<0.75.2" }, { - "advisory": "Fastapi 0.75.2 updates its dependency 'ujson' ranges to include a security fix.", - "cve": "CVE-2021-45958", - "id": "pyup.io-48159", - "more_info_path": "/vulnerabilities/CVE-2021-45958/48159", + "advisory": "Fastapi 0.75.2 updates its NPM dependency 'swagger-ui' to include security fixes.", + "cve": "CVE-2018-25031", + "id": "pyup.io-48160", + "more_info_path": "/vulnerabilities/CVE-2018-25031/48160", "specs": [ "<0.75.2" ], @@ -45637,7 +45832,7 @@ "v": "<2.0.0" }, { - "advisory": "Fastapi-opa has updated `cryptography` to versions 42.0.4 and 42.0.8 to address vulnerabilities such as CVE-2024-4603.", + "advisory": "Fastapi-opa updates its dependency 'cryptography' to version 42.0.8 to include a security fix for CVE-2024-4603.", "cve": "CVE-2024-4603", "id": "pyup.io-72179", "more_info_path": "/vulnerabilities/CVE-2024-4603/72179", @@ -45921,6 +46116,16 @@ "<0.1.2" ], "v": "<0.1.2" + }, + { + "advisory": "Feast is potentially vulnerable to XSS in Jinja2 Environment().", + "cve": "PVE-2024-73884", + "id": "pyup.io-73884", + "more_info_path": "/vulnerabilities/PVE-2024-73884/73884", + "specs": [ + ">0" + ], + "v": ">0" } ], "featurebyte": [ 
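Review bot: The new `feast` entry at the end of the last hunk uses an open-ended `"specs": [">0"]` with no fixing version and no reference link, so a consumer cannot distinguish "no fix exists yet" from "fix version unknown to the curator". The advisory text is also a single clause with no description of where the Jinja2 `Environment()` is used or what input reaches it, which is thinner than the neighbouring Jinja2/SSTI entries in this file. I would either bound the range once a patched release is known or state explicitly in the advisory that no fixed version was available at the time of writing, and add the upstream reference as the sibling entries do. The earlier hunks on this line only swap entry order and need no change.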
@@ -46715,6 +46920,31 @@ "v": "<0.0.5" } ], + "flag-leak-r": [ + { + "advisory": "The OpenSSF Package Analysis project identified 'flag-leak-r' @ 0.1.0 (pypi) as malicious.", + "cve": "PVE-2024-73972", + "id": "pyup.io-73972", + "more_info_path": "/vulnerabilities/PVE-2024-73972/73972", + "specs": [ + "<=0", + ">=0" + ], + "v": "<=0,>=0" + } + ], + "flair": [ + { + "advisory": "Affected versions of flairNLP are vulnerable to Remote Code Execution (CWE-94) through Code Injection. An attacker can execute arbitrary code by manipulating model files loaded by ClusteringModel in flair/models/clustering.py. An attacker can craft malicious model files that, when loaded by the target application, execute arbitrary code. While exploitability requires specific conditions and is considered difficult, working exploits are publicly available. To remediate, upgrade beyond version 0.14.0 or implement strict model file validation.", + "cve": "CVE-2024-10073", + "id": "pyup.io-73973", + "more_info_path": "/vulnerabilities/CVE-2024-10073/73973", + "specs": [ + ">=0" + ], + "v": ">=0" + } + ], "flambe": [ { "advisory": "Flambe 0.4.16 fixes a vulnerability with PyYAML < 5.3.1.", 
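Review bot: The `flag-leak-r` entry's range `"<=0,>=0"` is satisfied only by version 0, while the advisory text identifies `0.1.0` as the malicious release; a consumer that evaluates `specs` literally against the installed version would never match 0.1.0, so unless this is an intentional sentinel understood by the pyup tooling (which I cannot confirm from the hunk), the range should cover the flagged release, e.g. `"v": ">=0"`. The same hunk's `flair` entry uses `">=0"` even though its advisory says to "upgrade beyond version 0.14.0"; if a patched release exists the range should be bounded (`"<0.14.1"` or whatever the real fix version is), and if it does not, the advisory text should say so rather than point at a version that the range still flags. Ordering the two operators consistently (`>=` before `<=`) across entries would also make these sentinel ranges easier to deduplicate.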
@@ -46850,20 +47080,20 @@ "v": "<0.2.0" }, { - "advisory": "Flask-appbuilder 0.7.8 has better security than previous versions. No details are given.", - "cve": "PVE-2021-37064", - "id": "pyup.io-37064", - "more_info_path": "/vulnerabilities/PVE-2021-37064/37064", + "advisory": "flask-appbuilder 0.7.8 adds new, added optional parameter \"label\" and \"category_label\" for menu items, better security and i18n", + "cve": "PVE-2021-37905", + "id": "pyup.io-37905", + "more_info_path": "/vulnerabilities/PVE-2021-37905/37905", "specs": [ "<0.7.8" ], "v": "<0.7.8" }, { - "advisory": "flask-appbuilder 0.7.8 adds new, added optional parameter \"label\" and \"category_label\" for menu items, better security and i18n", - "cve": "PVE-2021-37905", - "id": "pyup.io-37905", - "more_info_path": "/vulnerabilities/PVE-2021-37905/37905", + "advisory": "Flask-appbuilder 0.7.8 has better security than previous versions. No details are given.", + "cve": "PVE-2021-37064", + "id": "pyup.io-37064", + "more_info_path": "/vulnerabilities/PVE-2021-37064/37064", "specs": [ "<0.7.8" ], 
@@ -47000,20 +47230,20 @@ "v": "<4.3.2" }, { - "advisory": "Flask-appbuilder's update from dnspython 2.4.2 to 2.6.1 addresses CVE-2023-29483.", - "cve": "CVE-2023-29483", - "id": "pyup.io-73008", - "more_info_path": "/vulnerabilities/CVE-2023-29483/73008", + "advisory": "In flask-appbuilder affected versions, the authentication database login form's default cache directives allow browsers to locally store sensitive data. This poses a security risk, particularly in environments where computer resources are shared. The latest release contains a patch addressing this issue. If upgrading is not feasible, users can mitigate the vulnerability by configuring their web server to send specific HTTP headers for the /login endpoint, following the instructions provided in the GitHub Security Advisory.", + "cve": "CVE-2024-45314", + "id": "pyup.io-73129", + "more_info_path": "/vulnerabilities/CVE-2024-45314/73129", "specs": [ "<4.5.1" ], "v": "<4.5.1" }, { - "advisory": "In flask-appbuilder affected versions, the authentication database login form's default cache directives allow browsers to locally store sensitive data. This poses a security risk, particularly in environments where computer resources are shared. The latest release contains a patch addressing this issue. If upgrading is not feasible, users can mitigate the vulnerability by configuring their web server to send specific HTTP headers for the /login endpoint, following the instructions provided in the GitHub Security Advisory.", - "cve": "CVE-2024-45314", - "id": "pyup.io-73129", - "more_info_path": "/vulnerabilities/CVE-2024-45314/73129", + "advisory": "Flask-appbuilder's update from dnspython 2.4.2 to 2.6.1 addresses CVE-2023-29483.", + "cve": "CVE-2023-29483", + "id": "pyup.io-73008", + "more_info_path": "/vulnerabilities/CVE-2023-29483/73008", "specs": [ "<4.5.1" ], 
@@ -47708,6 +47938,18 @@ "v": "<6.12.0" } ], + "flexeval": [ + { + "advisory": "Affected versions of the flexeval package are vulnerable to Code Injection (CWE-94). This vulnerability permits attackers to execute arbitrary code by exploiting unsandboxed Jinja2 template rendering. The attack vector involves crafting malicious templates that, when processed, can access and execute unsafe code on the host system. The vulnerability exists in the use of jinja2.Environment without sandboxing mechanisms. To mitigate this issue, developers updated their code to use jinja2.sandbox.ImmutableSandboxedEnvironment, which restricts the execution of unsafe operations during template rendering.", + "cve": "PVE-2024-73613", + "id": "pyup.io-73613", + "more_info_path": "/vulnerabilities/PVE-2024-73613/73613", + "specs": [ + "<0.7.1" + ], + "v": "<0.7.1" + } + ], "flexmeasures": [ { "advisory": "Flexmeasures 0.17 upgrades the Pillow dependency to versions >=10.0.1 due to vulnerabilities present in earlier versions.\r\nhttps://github.com/FlexMeasures/flexmeasures/pull/872/commits/843b9f1f385b016323242bbea3f464c86525c975", 
@@ -47846,50 +48088,50 @@ "v": "<1.1.0" }, { - "advisory": "Flytekit 1.2.0 updates its dependency 'mistune' to v2.0.3 to include a security fix.", - "cve": "CVE-2022-34749", - "id": "pyup.io-51329", - "more_info_path": "/vulnerabilities/CVE-2022-34749/51329", + "advisory": "Flytekit 1.2.0 updates its dependency 'notebook' to v6.4.12 to include a security fix.", + "cve": "CVE-2022-29238", + "id": "pyup.io-51330", + "more_info_path": "/vulnerabilities/CVE-2022-29238/51330", "specs": [ "<1.2.0" ], "v": "<1.2.0" }, { - "advisory": "Flytekit 1.2.0 updates its dependency 'pyspark' to v3.3.0 to include a security fix.", - "cve": "CVE-2022-33891", - "id": "pyup.io-51332", - "more_info_path": "/vulnerabilities/CVE-2022-33891/51332", + "advisory": "Flytekit 1.2.0 updates its dependency 'cookiecutter' to v2.1.1 to include a security fix.", + "cve": "CVE-2022-24065", + "id": "pyup.io-51331", + "more_info_path": "/vulnerabilities/CVE-2022-24065/51331", "specs": [ "<1.2.0" ], "v": "<1.2.0" }, { - "advisory": "Flytekit 1.2.0 updates its dependency 'oauthlib' to v3.2.1 to include a security fix.", - "cve": "CVE-2022-36087", - "id": "pyup.io-51333", - "more_info_path": "/vulnerabilities/CVE-2022-36087/51333", + "advisory": "Flytekit 1.2.0 updates its dependency 'lxml' to v4.9.1 to include a security fix.", + "cve": "CVE-2022-2309", + "id": "pyup.io-51327", + "more_info_path": "/vulnerabilities/CVE-2022-2309/51327", "specs": [ "<1.2.0" ], "v": "<1.2.0" }, { - "advisory": "Flytekit 1.2.0 updates its dependency 'notebook' to v6.4.12 to include a security fix.", - "cve": "CVE-2022-29238", - "id": "pyup.io-51330", - "more_info_path": "/vulnerabilities/CVE-2022-29238/51330", + "advisory": "Flytekit 1.2.0 updates its dependency 'oauthlib' to v3.2.1 to include a security fix.", + "cve": "CVE-2022-36087", + "id": "pyup.io-51333", + "more_info_path": "/vulnerabilities/CVE-2022-36087/51333", "specs": [ "<1.2.0" ], "v": "<1.2.0" }, { - "advisory": "Flytekit 1.2.0 updates its dependency 'lxml' 
to v4.9.1 to include a security fix.", - "cve": "CVE-2022-2309", - "id": "pyup.io-51327", - "more_info_path": "/vulnerabilities/CVE-2022-2309/51327", + "advisory": "Flytekit 1.2.0 updates its dependency 'pyspark' to v3.3.0 to include a security fix.", + "cve": "CVE-2022-33891", + "id": "pyup.io-51332", + "more_info_path": "/vulnerabilities/CVE-2022-33891/51332", "specs": [ "<1.2.0" ], @@ -47906,10 +48148,10 @@ "v": "<1.2.0" }, { - "advisory": "Flytekit 1.2.0 updates its dependency 'cookiecutter' to v2.1.1 to include a security fix.", - "cve": "CVE-2022-24065", - "id": "pyup.io-51331", - "more_info_path": "/vulnerabilities/CVE-2022-24065/51331", + "advisory": "Flytekit 1.2.0 updates its dependency 'mistune' to v2.0.3 to include a security fix.", + "cve": "CVE-2022-34749", + "id": "pyup.io-51329", + "more_info_path": "/vulnerabilities/CVE-2022-34749/51329", "specs": [ "<1.2.0" ], 
@@ -48188,20 +48430,20 @@ "v": "<1.3.0a3" }, { - "advisory": "Fractal-server 1.3.0a3 updates its dependency 'cryptography' to version '41.0.1' to include a security fix.\r\nhttps://github.com/fractal-analytics-platform/fractal-server/pull/739/commits/ec5bbd57acabf5a1fc357cfb96c21e059c619475", - "cve": "CVE-2023-2650", - "id": "pyup.io-59002", - "more_info_path": "/vulnerabilities/CVE-2023-2650/59002", + "advisory": "Fractal-server 1.3.0a3 updates its dependency 'requests' to version '2.31.0' to include a security fix.\r\nhttps://github.com/fractal-analytics-platform/fractal-server/pull/723", + "cve": "CVE-2023-32681", + "id": "pyup.io-59000", + "more_info_path": "/vulnerabilities/CVE-2023-32681/59000", "specs": [ "<1.3.0a3" ], "v": "<1.3.0a3" }, { - "advisory": "Fractal-server 1.3.0a3 updates its dependency 'requests' to version '2.31.0' to include a security fix.\r\nhttps://github.com/fractal-analytics-platform/fractal-server/pull/723", - "cve": "CVE-2023-32681", - "id": "pyup.io-59000", - "more_info_path": "/vulnerabilities/CVE-2023-32681/59000", + "advisory": "Fractal-server 1.3.0a3 updates its dependency 'cryptography' to version '41.0.1' to include a security fix.\r\nhttps://github.com/fractal-analytics-platform/fractal-server/pull/739/commits/ec5bbd57acabf5a1fc357cfb96c21e059c619475", + "cve": "CVE-2023-2650", + "id": "pyup.io-59002", + "more_info_path": "/vulnerabilities/CVE-2023-2650/59002", "specs": [ "<1.3.0a3" ], 
@@ -48834,16 +49076,6 @@ } ], "fundaml": [ - { - "advisory": "Fundaml 0.1.32 updates its dependency 'setuptools' to version '65.5.1' to include a fix for a ReDoS vulnerability.\r\nhttps://github.com/tzoght/fundaml/commit/95aeda8943821f08e322cf77b4411047afba861e", - "cve": "CVE-2022-40897", - "id": "pyup.io-59397", - "more_info_path": "/vulnerabilities/CVE-2022-40897/59397", - "specs": [ - "<0.1.32" - ], - "v": "<0.1.32" - }, { "advisory": "Fundaml 0.1.32 updates its dependency 'ipython' to version '8.10.0' to include a fix for a Remote Code Execution vulnerability.\r\nhttps://github.com/tzoght/fundaml/commit/02e60c4d8474aa673f02a65556fef2382fe4cf16", "cve": "CVE-2023-24816", @@ -48863,6 +49095,16 @@ "<0.1.32" ], "v": "<0.1.32" + }, + { + "advisory": "Fundaml 0.1.32 updates its dependency 'setuptools' to version '65.5.1' to include a fix for a ReDoS vulnerability.\r\nhttps://github.com/tzoght/fundaml/commit/95aeda8943821f08e322cf77b4411047afba861e", + "cve": "CVE-2022-40897", + "id": "pyup.io-59397", + "more_info_path": "/vulnerabilities/CVE-2022-40897/59397", + "specs": [ + "<0.1.32" + ], + "v": "<0.1.32" } ], "fundnsf": [ 
@@ -49412,20 +49654,20 @@ ], "geonode": [ { - "advisory": "Geonode 2.10 updates 'urllib3' to v1.24.2 to include security fixes.", - "cve": "CVE-2018-20060", - "id": "pyup.io-42969", - "more_info_path": "/vulnerabilities/CVE-2018-20060/42969", + "advisory": "Geonode 2.10 updates 'twisted' to v19.2.1 to include security fixes.", + "cve": "PVE-2021-37040", + "id": "pyup.io-42971", + "more_info_path": "/vulnerabilities/PVE-2021-37040/42971", "specs": [ "<2.10" ], "v": "<2.10" }, { - "advisory": "Geonode 2.10 updates 'twisted' to v19.2.1 to include security fixes.", - "cve": "CVE-2019-12387", - "id": "pyup.io-42970", - "more_info_path": "/vulnerabilities/CVE-2019-12387/42970", + "advisory": "Geonode 2.10 updates 'urllib3' to v1.24.2 to include security fixes.", + "cve": "CVE-2019-11324", + "id": "pyup.io-42968", + "more_info_path": "/vulnerabilities/CVE-2019-11324/42968", "specs": [ "<2.10" ], @@ -49442,20 +49684,20 @@ "v": "<2.10" }, { - "advisory": "Geonode 2.10 updates 'urllib3' to v1.24.2 to include security fixes.", - "cve": "CVE-2019-11324", - "id": "pyup.io-42968", - "more_info_path": "/vulnerabilities/CVE-2019-11324/42968", + "advisory": "Geonode 2.10 updates 'twisted' to v19.2.1 to include security fixes.", + "cve": "CVE-2019-12387", + "id": "pyup.io-42970", + "more_info_path": "/vulnerabilities/CVE-2019-12387/42970", "specs": [ "<2.10" ], "v": "<2.10" }, { - "advisory": "Geonode 2.10 updates 'twisted' to v19.2.1 to include security fixes.", - "cve": "PVE-2021-37040", - "id": "pyup.io-42971", - "more_info_path": "/vulnerabilities/PVE-2021-37040/42971", + "advisory": "Geonode 2.10 updates 'urllib3' to v1.24.2 to include security fixes.", + "cve": "CVE-2018-20060", + "id": "pyup.io-42969", + "more_info_path": "/vulnerabilities/CVE-2018-20060/42969", "specs": [ "<2.10" ], 
@@ -49713,6 +49955,16 @@ "<23.9.0" ], "v": "<23.9.0" + }, + { + "advisory": "Affected versions of gevent are vulnerable to a Race Condition leading to Unauthorized Access \u2014 CWE-362. The attack can be carried out when the fallback socketpair implementation is used on platforms that lack native support, and the vulnerable function does not properly authenticate the connected sockets. To exploit this vulnerability, an attacker must be able to predict the address and port used by the fallback socketpair and establish a connection before the legitimate client. Users are advised to update to the version of gevent where this issue is fixed by introducing authentication steps in the fallback socketpair implementation to ensure the sockets are correctly connected.", + "cve": "PVE-2024-73655", + "id": "pyup.io-73655", + "more_info_path": "/vulnerabilities/PVE-2024-73655/73655", + "specs": [ + "<24.10.1" + ], + "v": "<24.10.1" } ], "geventhttpclient": [ @@ -49729,10 +49981,10 @@ ], "ggshield": [ { - "advisory": "Ggshield 1.18.0 updates its dependency 'cryptography' to version '41.0.3' to include a fix for a Denial of Service vulnerability.\r\nhttps://github.com/GitGuardian/ggshield/commit/3c67771a4d66accede14fa23dfce9ea51571e082", - "cve": "CVE-2023-3817", - "id": "pyup.io-60443", - "more_info_path": "/vulnerabilities/CVE-2023-3817/60443", + "advisory": "Ggshield 1.18.0 updates its dependency 'cryptography' to version '41.0.3' to include a fix for an Insufficient Verification of Data Authenticity vulnerability.\r\nhttps://github.com/GitGuardian/ggshield/commit/3c67771a4d66accede14fa23dfce9ea51571e082", + "cve": "CVE-2023-3446", + "id": "pyup.io-60487", + "more_info_path": "/vulnerabilities/CVE-2023-3446/60487", "specs": [ "<1.18.0" ], 
@@ -49749,10 +50001,10 @@ "v": "<1.18.0" }, { - "advisory": "Ggshield 1.18.0 updates its dependency 'cryptography' to version '41.0.3' to include a fix for an Insufficient Verification of Data Authenticity vulnerability.\r\nhttps://github.com/GitGuardian/ggshield/commit/3c67771a4d66accede14fa23dfce9ea51571e082", - "cve": "CVE-2023-3446", - "id": "pyup.io-60487", - "more_info_path": "/vulnerabilities/CVE-2023-3446/60487", + "advisory": "Ggshield 1.18.0 updates its dependency 'cryptography' to version '41.0.3' to include a fix for a Denial of Service vulnerability.\r\nhttps://github.com/GitGuardian/ggshield/commit/3c67771a4d66accede14fa23dfce9ea51571e082", + "cve": "CVE-2023-3817", + "id": "pyup.io-60443", + "more_info_path": "/vulnerabilities/CVE-2023-3817/60443", "specs": [ "<1.18.0" ], @@ -50114,9 +50366,9 @@ "githubkit": [ { "advisory": "Githubkit 0.9.4 updates its dependency 'cryptography' to v38.0.3 to include security fixes.", - "cve": "CVE-2022-3602", - "id": "pyup.io-52515", - "more_info_path": "/vulnerabilities/CVE-2022-3602/52515", + "cve": "CVE-2022-3786", + "id": "pyup.io-52470", + "more_info_path": "/vulnerabilities/CVE-2022-3786/52470", "specs": [ "<0.9.4" ], @@ -50124,9 +50376,9 @@ }, { "advisory": "Githubkit 0.9.4 updates its dependency 'cryptography' to v38.0.3 to include security fixes.", - "cve": "CVE-2022-3786", - "id": "pyup.io-52470", - "more_info_path": "/vulnerabilities/CVE-2022-3786/52470", + "cve": "CVE-2022-3602", + "id": "pyup.io-52515", + "more_info_path": "/vulnerabilities/CVE-2022-3602/52515", "specs": [ "<0.9.4" ], 
@@ -51082,6 +51334,26 @@ ], "v": "<0.67.0" }, + { + "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", + "cve": "CVE-2022-21735", + "id": "pyup.io-51190", + "more_info_path": "/vulnerabilities/CVE-2022-21735/51190", + "specs": [ + "<1.12.0" + ], + "v": "<1.12.0" + }, + { + "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", + "cve": "CVE-2022-23573", + "id": "pyup.io-51214", + "more_info_path": "/vulnerabilities/CVE-2022-23573/51214", + "specs": [ + "<1.12.0" + ], + "v": "<1.12.0" + }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", "cve": "CVE-2022-21736", @@ -51104,9 +51376,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21734", - "id": "pyup.io-51189", - "more_info_path": "/vulnerabilities/CVE-2022-21734/51189", + "cve": "CVE-2022-23582", + "id": "pyup.io-51222", + "more_info_path": "/vulnerabilities/CVE-2022-23582/51222", "specs": [ "<1.12.0" ], @@ -51114,9 +51386,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23565", - "id": "pyup.io-51206", - "more_info_path": "/vulnerabilities/CVE-2022-23565/51206", + "cve": "CVE-2018-25032", + "id": "pyup.io-51177", + "more_info_path": "/vulnerabilities/CVE-2018-25032/51177", "specs": [ "<1.12.0" ], @@ -51124,9 +51396,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23585", - "id": "pyup.io-51225", - "more_info_path": "/vulnerabilities/CVE-2022-23585/51225", + "cve": "CVE-2022-21733", + "id": "pyup.io-51188", + "more_info_path": "/vulnerabilities/CVE-2022-21733/51188", "specs": [ "<1.12.0" ], 
@@ -51134,9 +51406,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21740", - "id": "pyup.io-51195", - "more_info_path": "/vulnerabilities/CVE-2022-21740/51195", + "cve": "CVE-2022-21728", + "id": "pyup.io-51183", + "more_info_path": "/vulnerabilities/CVE-2022-21728/51183", "specs": [ "<1.12.0" ], @@ -51144,9 +51416,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23582", - "id": "pyup.io-51222", - "more_info_path": "/vulnerabilities/CVE-2022-23582/51222", + "cve": "CVE-2022-23562", + "id": "pyup.io-51203", + "more_info_path": "/vulnerabilities/CVE-2022-23562/51203", "specs": [ "<1.12.0" ], @@ -51154,9 +51426,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2018-25032", - "id": "pyup.io-51177", - "more_info_path": "/vulnerabilities/CVE-2018-25032/51177", + "cve": "CVE-2022-23595", + "id": "pyup.io-51231", + "more_info_path": "/vulnerabilities/CVE-2022-23595/51231", "specs": [ "<1.12.0" ], @@ -51164,9 +51436,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21737", - "id": "pyup.io-51192", - "more_info_path": "/vulnerabilities/CVE-2022-21737/51192", + "cve": "CVE-2022-21726", + "id": "pyup.io-51181", + "more_info_path": "/vulnerabilities/CVE-2022-21726/51181", "specs": [ "<1.12.0" ], @@ -51174,9 +51446,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23568", - "id": "pyup.io-51209", - "more_info_path": "/vulnerabilities/CVE-2022-23568/51209", + "cve": "CVE-2022-21731", + "id": "pyup.io-51186", + "more_info_path": "/vulnerabilities/CVE-2022-21731/51186", "specs": [ "<1.12.0" ], 
@@ -51184,9 +51456,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23583", - "id": "pyup.io-51223", - "more_info_path": "/vulnerabilities/CVE-2022-23583/51223", + "cve": "CVE-2022-23570", + "id": "pyup.io-51211", + "more_info_path": "/vulnerabilities/CVE-2022-23570/51211", "specs": [ "<1.12.0" ], @@ -51194,9 +51466,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21733", - "id": "pyup.io-51188", - "more_info_path": "/vulnerabilities/CVE-2022-21733/51188", + "cve": "CVE-2022-23577", + "id": "pyup.io-51218", + "more_info_path": "/vulnerabilities/CVE-2022-23577/51218", "specs": [ "<1.12.0" ], @@ -51204,9 +51476,19 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21741", - "id": "pyup.io-51196", - "more_info_path": "/vulnerabilities/CVE-2022-21741/51196", + "cve": "CVE-2022-23559", + "id": "pyup.io-51200", + "more_info_path": "/vulnerabilities/CVE-2022-23559/51200", + "specs": [ + "<1.12.0" + ], + "v": "<1.12.0" + }, + { + "advisory": "Gordo 1.12.0 updates its dependency \"numpy\" to v1.21.0 to include a security fix.", + "cve": "CVE-2021-33430", + "id": "pyup.io-51152", + "more_info_path": "/vulnerabilities/CVE-2021-33430/51152", "specs": [ "<1.12.0" ], @@ -51214,9 +51496,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23560", - "id": "pyup.io-51201", - "more_info_path": "/vulnerabilities/CVE-2022-23560/51201", + "cve": "CVE-2022-23581", + "id": "pyup.io-51221", + "more_info_path": "/vulnerabilities/CVE-2022-23581/51221", "specs": [ "<1.12.0" ], 
@@ -51224,9 +51506,69 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21727", - "id": "pyup.io-51182", - "more_info_path": "/vulnerabilities/CVE-2022-21727/51182", + "cve": "CVE-2022-21732", + "id": "pyup.io-51187", + "more_info_path": "/vulnerabilities/CVE-2022-21732/51187", + "specs": [ + "<1.12.0" + ], + "v": "<1.12.0" + }, + { + "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", + "cve": "CVE-2022-23591", + "id": "pyup.io-51230", + "more_info_path": "/vulnerabilities/CVE-2022-23591/51230", + "specs": [ + "<1.12.0" + ], + "v": "<1.12.0" + }, + { + "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", + "cve": "CVE-2022-21734", + "id": "pyup.io-51189", + "more_info_path": "/vulnerabilities/CVE-2022-21734/51189", + "specs": [ + "<1.12.0" + ], + "v": "<1.12.0" + }, + { + "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", + "cve": "CVE-2022-23565", + "id": "pyup.io-51206", + "more_info_path": "/vulnerabilities/CVE-2022-23565/51206", + "specs": [ + "<1.12.0" + ], + "v": "<1.12.0" + }, + { + "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", + "cve": "CVE-2022-21729", + "id": "pyup.io-51184", + "more_info_path": "/vulnerabilities/CVE-2022-21729/51184", + "specs": [ + "<1.12.0" + ], + "v": "<1.12.0" + }, + { + "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", + "cve": "CVE-2022-23568", + "id": "pyup.io-51209", + "more_info_path": "/vulnerabilities/CVE-2022-23568/51209", + "specs": [ + "<1.12.0" + ], + "v": "<1.12.0" + }, + { + "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security 
fixes.", + "cve": "CVE-2022-23583", + "id": "pyup.io-51223", + "more_info_path": "/vulnerabilities/CVE-2022-23583/51223", "specs": [ "<1.12.0" ], @@ -51244,9 +51586,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23577", - "id": "pyup.io-51218", - "more_info_path": "/vulnerabilities/CVE-2022-23577/51218", + "cve": "CVE-2022-22576", + "id": "pyup.io-51197", + "more_info_path": "/vulnerabilities/CVE-2022-22576/51197", "specs": [ "<1.12.0" ], @@ -51254,9 +51596,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21728", - "id": "pyup.io-51183", - "more_info_path": "/vulnerabilities/CVE-2022-21728/51183", + "cve": "CVE-2022-21738", + "id": "pyup.io-51193", + "more_info_path": "/vulnerabilities/CVE-2022-21738/51193", "specs": [ "<1.12.0" ], @@ -51264,9 +51606,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23559", - "id": "pyup.io-51200", - "more_info_path": "/vulnerabilities/CVE-2022-23559/51200", + "cve": "CVE-2022-23574", + "id": "pyup.io-51215", + "more_info_path": "/vulnerabilities/CVE-2022-23574/51215", "specs": [ "<1.12.0" ], @@ -51274,9 +51616,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21735", - "id": "pyup.io-51190", - "more_info_path": "/vulnerabilities/CVE-2022-21735/51190", + "cve": "CVE-2022-21725", + "id": "pyup.io-51180", + "more_info_path": "/vulnerabilities/CVE-2022-21725/51180", "specs": [ "<1.12.0" ], 
@@ -51284,9 +51626,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23573", - "id": "pyup.io-51214", - "more_info_path": "/vulnerabilities/CVE-2022-23573/51214", + "cve": "CVE-2022-21730", + "id": "pyup.io-51185", + "more_info_path": "/vulnerabilities/CVE-2022-21730/51185", "specs": [ "<1.12.0" ], @@ -51294,9 +51636,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23562", - "id": "pyup.io-51203", - "more_info_path": "/vulnerabilities/CVE-2022-23562/51203", + "cve": "CVE-2022-23569", + "id": "pyup.io-51210", + "more_info_path": "/vulnerabilities/CVE-2022-23569/51210", "specs": [ "<1.12.0" ], @@ -51304,9 +51646,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23564", - "id": "pyup.io-51205", - "more_info_path": "/vulnerabilities/CVE-2022-23564/51205", + "cve": "CVE-2022-23589", + "id": "pyup.io-51229", + "more_info_path": "/vulnerabilities/CVE-2022-23589/51229", "specs": [ "<1.12.0" ], @@ -51314,9 +51656,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23595", - "id": "pyup.io-51231", - "more_info_path": "/vulnerabilities/CVE-2022-23595/51231", + "cve": "CVE-2022-23587", + "id": "pyup.io-51227", + "more_info_path": "/vulnerabilities/CVE-2022-23587/51227", "specs": [ "<1.12.0" ], @@ -51324,9 +51666,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23557", - "id": "pyup.io-51198", - "more_info_path": "/vulnerabilities/CVE-2022-23557/51198", + "cve": "CVE-2022-23585", + "id": "pyup.io-51225", + "more_info_path": "/vulnerabilities/CVE-2022-23585/51225", "specs": [ "<1.12.0" ], 
@@ -51334,9 +51676,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-22576", - "id": "pyup.io-51197", - "more_info_path": "/vulnerabilities/CVE-2022-22576/51197", + "cve": "CVE-2022-21740", + "id": "pyup.io-51195", + "more_info_path": "/vulnerabilities/CVE-2022-21740/51195", "specs": [ "<1.12.0" ], @@ -51344,9 +51686,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23584", - "id": "pyup.io-51224", - "more_info_path": "/vulnerabilities/CVE-2022-23584/51224", + "cve": "CVE-2022-21737", + "id": "pyup.io-51192", + "more_info_path": "/vulnerabilities/CVE-2022-21737/51192", "specs": [ "<1.12.0" ], @@ -51354,9 +51696,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21738", - "id": "pyup.io-51193", - "more_info_path": "/vulnerabilities/CVE-2022-21738/51193", + "cve": "CVE-2022-21741", + "id": "pyup.io-51196", + "more_info_path": "/vulnerabilities/CVE-2022-21741/51196", "specs": [ "<1.12.0" ], @@ -51364,9 +51706,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23574", - "id": "pyup.io-51215", - "more_info_path": "/vulnerabilities/CVE-2022-23574/51215", + "cve": "CVE-2022-23560", + "id": "pyup.io-51201", + "more_info_path": "/vulnerabilities/CVE-2022-23560/51201", "specs": [ "<1.12.0" ], @@ -51374,9 +51716,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23566", - "id": "pyup.io-51207", - "more_info_path": "/vulnerabilities/CVE-2022-23566/51207", + "cve": "CVE-2022-21727", + "id": "pyup.io-51182", + "more_info_path": "/vulnerabilities/CVE-2022-21727/51182", "specs": [ "<1.12.0" ], 
@@ -51384,9 +51726,39 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21725", - "id": "pyup.io-51180", - "more_info_path": "/vulnerabilities/CVE-2022-21725/51180", + "cve": "CVE-2022-23564", + "id": "pyup.io-51205", + "more_info_path": "/vulnerabilities/CVE-2022-23564/51205", + "specs": [ + "<1.12.0" + ], + "v": "<1.12.0" + }, + { + "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", + "cve": "CVE-2022-23557", + "id": "pyup.io-51198", + "more_info_path": "/vulnerabilities/CVE-2022-23557/51198", + "specs": [ + "<1.12.0" + ], + "v": "<1.12.0" + }, + { + "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", + "cve": "CVE-2022-23584", + "id": "pyup.io-51224", + "more_info_path": "/vulnerabilities/CVE-2022-23584/51224", + "specs": [ + "<1.12.0" + ], + "v": "<1.12.0" + }, + { + "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", + "cve": "CVE-2022-23566", + "id": "pyup.io-51207", + "more_info_path": "/vulnerabilities/CVE-2022-23566/51207", "specs": [ "<1.12.0" ], @@ -51412,16 +51784,6 @@ ], "v": "<1.12.0" }, - { - "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21726", - "id": "pyup.io-51181", - "more_info_path": "/vulnerabilities/CVE-2022-21726/51181", - "specs": [ - "<1.12.0" - ], - "v": "<1.12.0" - }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", "cve": "CVE-2022-23575", 
@@ -51432,26 +51794,6 @@ ], "v": "<1.12.0" }, - { - "advisory": "Gordo 1.12.0 updates its dependency \"numpy\" to v1.21.0 to include a security fix.", - "cve": "CVE-2021-33430", - "id": "pyup.io-51152", - "more_info_path": "/vulnerabilities/CVE-2021-33430/51152", - "specs": [ - "<1.12.0" - ], - "v": "<1.12.0" - }, - { - "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21730", - "id": "pyup.io-51185", - "more_info_path": "/vulnerabilities/CVE-2022-21730/51185", - "specs": [ - "<1.12.0" - ], - "v": "<1.12.0" - }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", "cve": "CVE-2022-21739", @@ -51462,36 +51804,6 @@ ], "v": "<1.12.0" }, - { - "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21731", - "id": "pyup.io-51186", - "more_info_path": "/vulnerabilities/CVE-2022-21731/51186", - "specs": [ - "<1.12.0" - ], - "v": "<1.12.0" - }, - { - "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23569", - "id": "pyup.io-51210", - "more_info_path": "/vulnerabilities/CVE-2022-23569/51210", - "specs": [ - "<1.12.0" - ], - "v": "<1.12.0" - }, - { - "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23570", - "id": "pyup.io-51211", - "more_info_path": "/vulnerabilities/CVE-2022-23570/51211", - "specs": [ - "<1.12.0" - ], - "v": "<1.12.0" - }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", "cve": "CVE-2022-23578", 
@@ -51504,19 +51816,9 @@ }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23589", - "id": "pyup.io-51229", - "more_info_path": "/vulnerabilities/CVE-2022-23589/51229", - "specs": [ - "<1.12.0" - ], - "v": "<1.12.0" - }, - { - "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23587", - "id": "pyup.io-51227", - "more_info_path": "/vulnerabilities/CVE-2022-23587/51227", + "cve": "CVE-2022-23571", + "id": "pyup.io-51212", + "more_info_path": "/vulnerabilities/CVE-2022-23571/51212", "specs": [ "<1.12.0" ], 
@@ -51532,46 +51834,6 @@ ], "v": "<1.12.0" }, - { - "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23581", - "id": "pyup.io-51221", - "more_info_path": "/vulnerabilities/CVE-2022-23581/51221", - "specs": [ - "<1.12.0" - ], - "v": "<1.12.0" - }, - { - "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23591", - "id": "pyup.io-51230", - "more_info_path": "/vulnerabilities/CVE-2022-23591/51230", - "specs": [ - "<1.12.0" - ], - "v": "<1.12.0" - }, - { - "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21732", - "id": "pyup.io-51187", - "more_info_path": "/vulnerabilities/CVE-2022-21732/51187", - "specs": [ - "<1.12.0" - ], - "v": "<1.12.0" - }, - { - "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-21729", - "id": "pyup.io-51184", - "more_info_path": "/vulnerabilities/CVE-2022-21729/51184", - "specs": [ - "<1.12.0" - ], - "v": "<1.12.0" - }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", "cve": "CVE-2022-23563", @@ -51602,16 +51864,6 @@ ], "v": "<1.12.0" }, - { - "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", - "cve": "CVE-2022-23571", - "id": "pyup.io-51212", - "more_info_path": "/vulnerabilities/CVE-2022-23571/51212", - "specs": [ - "<1.12.0" - ], - "v": "<1.12.0" - }, { "advisory": "Gordo 1.12.0 updates its dependency \"TensorFlow\" requirement to \"~=2.7.0\" to include security fixes.", "cve": "CVE-2022-23567", 
@@ -51643,20 +51895,20 @@ "v": "<5.1.3" }, { - "advisory": "Gordo 5.1.4 updates its dependency 'cryptography' to version '41.0.2' to fix an Improper Certificate Validation vulnerability.\r\nhttps://github.com/equinor/gordo/pull/1329", - "cve": "CVE-2023-38325", - "id": "pyup.io-59599", - "more_info_path": "/vulnerabilities/CVE-2023-38325/59599", + "advisory": "Gordo 5.1.4 updates its dependency 'mlflow' to version '2.5.0' to fix a Directory Traversal vulnerability.\r\nhttps://github.com/equinor/gordo/pull/1329", + "cve": "CVE-2023-3765", + "id": "pyup.io-59679", + "more_info_path": "/vulnerabilities/CVE-2023-3765/59679", "specs": [ "<5.1.4" ], "v": "<5.1.4" }, { - "advisory": "Gordo 5.1.4 updates its dependency 'mlflow' to version '2.5.0' to fix a Directory Traversal vulnerability.\r\nhttps://github.com/equinor/gordo/pull/1329", - "cve": "CVE-2023-3765", - "id": "pyup.io-59679", - "more_info_path": "/vulnerabilities/CVE-2023-3765/59679", + "advisory": "Gordo 5.1.4 updates its dependency 'cryptography' to version '41.0.2' to fix an Improper Certificate Validation vulnerability.\r\nhttps://github.com/equinor/gordo/pull/1329", + "cve": "CVE-2023-38325", + "id": "pyup.io-59599", + "more_info_path": "/vulnerabilities/CVE-2023-38325/59599", "specs": [ "<5.1.4" ], 
@@ -51941,20 +52193,20 @@ "v": "<4.18.0" }, { - "advisory": "A timing attack vulnerability exists in the gradio-app/gradio repository, specifically within the login function in routes.py. The vulnerability arises from the use of a direct comparison operation (`app.auth[username] == password`) to validate user credentials, which can be exploited to guess passwords based on response times. Successful exploitation of this vulnerability could allow an attacker to bypass authentication mechanisms and gain unauthorized access.", - "cve": "CVE-2024-1729", - "id": "pyup.io-71659", - "more_info_path": "/vulnerabilities/CVE-2024-1729/71659", + "advisory": "Gradio version 4.19.1 introduces security enhancements to protect against timing attacks that could potentially guess Gradio passwords.\r\nhttps://github.com/gradio-app/gradio/commit/e329f1fd38935213fe0e73962e8cbd5d3af6e87b", + "cve": "PVE-2024-65402", + "id": "pyup.io-65402", + "more_info_path": "/vulnerabilities/PVE-2024-65402/65402", "specs": [ "<4.19.1" ], "v": "<4.19.1" }, { - "advisory": "Gradio version 4.19.1 introduces security enhancements to protect against timing attacks that could potentially guess Gradio passwords.\r\nhttps://github.com/gradio-app/gradio/commit/e329f1fd38935213fe0e73962e8cbd5d3af6e87b", - "cve": "PVE-2024-65402", - "id": "pyup.io-65402", - "more_info_path": "/vulnerabilities/PVE-2024-65402/65402", + "advisory": "A timing attack vulnerability exists in the gradio-app/gradio repository, specifically within the login function in routes.py. The vulnerability arises from the use of a direct comparison operation (`app.auth[username] == password`) to validate user credentials, which can be exploited to guess passwords based on response times. 
Successful exploitation of this vulnerability could allow an attacker to bypass authentication mechanisms and gain unauthorized access.", + "cve": "CVE-2024-1729", + "id": "pyup.io-71659", + "more_info_path": "/vulnerabilities/CVE-2024-1729/71659", "specs": [ "<4.19.1" ], 
@@ -52021,7 +52273,7 @@ "v": "<4.22.0" }, { - "advisory": "A local file inclusion vulnerability exists in the JSON component of gradio-app/gradio version 4.25. The vulnerability arises from improper input validation in the `postprocess()` function within `gradio/components/json_component.py`, where a user-controlled string is parsed as JSON. If the parsed JSON object contains a `path` key, the specified file is moved to a temporary directory, making it possible to retrieve it later via the `/file=..` endpoint. This issue is due to the `processing_utils.move_files_to_cache()` function traversing any object passed to it, looking for a dictionary with a `path` key, and then copying the specified file to a temporary directory. The vulnerability can be exploited by an attacker to read files on the remote system, posing a significant security risk.", + "advisory": "A local file inclusion vulnerability exists in the JSON component of gradio-app/gradio. The vulnerability arises from improper input validation in the `postprocess()` function within `gradio/components/json_component.py`, where a user-controlled string is parsed as JSON. If the parsed JSON object contains a `path` key, the specified file is moved to a temporary directory, making it possible to retrieve it later via the `/file=..` endpoint. This issue is due to the `processing_utils.move_files_to_cache()` function traversing any object passed to it, looking for a dictionary with a `path` key, and then copying the specified file to a temporary directory. The vulnerability can be exploited by an attacker to read files on the remote system, posing a significant security risk.", "cve": "CVE-2024-4941", "id": "pyup.io-71658", "more_info_path": "/vulnerabilities/CVE-2024-4941/71658", 
@@ -52040,6 +52292,26 @@ ], "v": "<4.9.0" }, + { + "advisory": "A Server-Side Request Forgery (SSRF) vulnerability exists in the gradio-app/gradio, specifically within the `/queue/join` endpoint and the `save_url_to_cache` function. The vulnerability arises when the `path` value, obtained from the user and expected to be a URL, is used to make an HTTP request without sufficient validation checks. This flaw allows an attacker to send crafted requests that could lead to unauthorized access to the local network or the AWS metadata endpoint, thereby compromising the security of internal servers.", + "cve": "CVE-2024-4325", + "id": "pyup.io-71888", + "more_info_path": "/vulnerabilities/CVE-2024-4325/71888", + "specs": [ + "<5.0.0b1" + ], + "v": "<5.0.0b1" + }, + { + "advisory": "Affected versions of the Gradio package are vulnerable to a Race Condition (CWE-362). This vulnerability allows attackers to manipulate the shared configuration object, leading to the modification of the root URL in other users' configurations. Attackers can exploit this by sending requests with malicious headers, such as X-Forwarded-Host, to inject a fake root URL into the application's configuration. The vulnerable functions are update_root_in_config and route handlers that access and modify blocks.config without proper isolation. To mitigate this issue, update to the version of Gradio where each request operates on a deep copy of the configuration, ensuring that modifications in one request do not affect others.", + "cve": "PVE-2024-73631", + "id": "pyup.io-73631", + "more_info_path": "/vulnerabilities/PVE-2024-73631/73631", + "specs": [ + "<5.0.0beta.2" + ], + "v": "<5.0.0beta.2" + }, { "advisory": "Gradio 3.34.0 includes a fix for a path traversal vulnerability.\r\nhttps://github.com/gradio-app/gradio/pull/4370\r\nhttps://github.com/gradio-app/gradio/security/advisories/GHSA-3qqg-pgqq-3695", "cve": "CVE-2023-34239", 
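Review bot: The re-added CVE-2024-4325 entry now carries `"<5.0.0b1"` where the copy removed in the next hunk carried `"<=4.36.0"`, and the `4.21.0` reference was dropped from its text, so every 4.x release is now reported as vulnerable; if that is a deliberate correction it should be confirmed against the upstream advisory before this export ships, since it changes what consumers of this file are warned about. The new PVE-2024-73631 entry spells its bound `"<5.0.0beta.2"` while its sibling uses `5.0.0b1`; `packaging` normalises `beta.2` to `b2`, but any consumer comparing the `v` string literally will not, so the normalised `"<5.0.0b2"` is the safer spelling. Neither new entry carries a reference URL, unlike the surrounding Gradio entries, so the claimed vulnerable ranges cannot be traced from the record itself.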
@@ -52050,16 +52322,6 @@ ], "v": "<=3.33.1" }, - { - "advisory": "A Server-Side Request Forgery (SSRF) vulnerability exists in the gradio-app/gradio version 4.21.0, specifically within the `/queue/join` endpoint and the `save_url_to_cache` function. The vulnerability arises when the `path` value, obtained from the user and expected to be a URL, is used to make an HTTP request without sufficient validation checks. This flaw allows an attacker to send crafted requests that could lead to unauthorized access to the local network or the AWS metadata endpoint, thereby compromising the security of internal servers.", - "cve": "CVE-2024-4325", - "id": "pyup.io-71888", - "more_info_path": "/vulnerabilities/CVE-2024-4325/71888", - "specs": [ - "<=4.36.0" - ], - "v": "<=4.36.0" - }, { "advisory": "An open redirect vulnerability exists in the gradio-app/gradio, affecting the latest version. The vulnerability allows an attacker to redirect users to arbitrary websites, which can be exploited for phishing attacks, Cross-site Scripting (XSS), Server-Side Request Forgery (SSRF), amongst others. This issue is due to improper validation of user-supplied input in the handling of URLs. Attackers can exploit this vulnerability by crafting a malicious URL that, when processed by the application, redirects the user to an attacker-controlled web page.", "cve": "CVE-2024-4940", 
@@ -52393,20 +52655,20 @@ ], "grpcio": [ { - "advisory": "Grpcio 1.2.0 includes a fix for CVE-2017-7861: Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c.\r\nhttps://github.com/grpc/grpc/pull/9833/commits/bcd5f12e4bca2ed2c00cddb5ffd046aef6f4fb31", - "cve": "CVE-2017-7861", - "id": "pyup.io-47262", - "more_info_path": "/vulnerabilities/CVE-2017-7861/47262", + "advisory": "Grpcio 1.2.0 includes a fix for CVE-2017-7860: Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c.\r\nhttps://github.com/grpc/grpc/pull/9833/commits/bcd5f12e4bca2ed2c00cddb5ffd046aef6f4fb31", + "cve": "CVE-2017-7860", + "id": "pyup.io-47265", + "more_info_path": "/vulnerabilities/CVE-2017-7860/47265", "specs": [ "<1.2.0" ], "v": "<1.2.0" }, { - "advisory": "Grpcio 1.2.0 includes a fix for CVE-2017-7860: Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parse_unix function in core/ext/client_channel/parse_address.c.\r\nhttps://github.com/grpc/grpc/pull/9833/commits/bcd5f12e4bca2ed2c00cddb5ffd046aef6f4fb31", - "cve": "CVE-2017-7860", - "id": "pyup.io-47265", - "more_info_path": "/vulnerabilities/CVE-2017-7860/47265", + "advisory": "Grpcio 1.2.0 includes a fix for CVE-2017-7861: Google gRPC before 2017-02-22 has an out-of-bounds write related to the gpr_free function in core/lib/support/alloc.c.\r\nhttps://github.com/grpc/grpc/pull/9833/commits/bcd5f12e4bca2ed2c00cddb5ffd046aef6f4fb31", + "cve": "CVE-2017-7861", + "id": "pyup.io-47262", + "more_info_path": "/vulnerabilities/CVE-2017-7861/47262", "specs": [ "<1.2.0" ], 
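Review bot: This hunk only swaps the CVE-2017-7860 and CVE-2017-7861 entries, neither of which changed, and the Gordo hunks above are the same pattern repeated dozens of times, which suggests the exporter does not emit each package's list in a deterministic order. Sorting each list before serialising — `json.dump` with `sort_keys=True` orders object keys but leaves arrays as they are, so something like `entries.sort(key=lambda e: e["id"])` per package is needed — would make genuine additions and range changes reviewable instead of buried among reordered lines. This is inferred from the visible hunks; if the order comes from the upstream query, an `ORDER BY id` there achieves the same.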
@@ -52432,6 +52694,16 @@ ], "v": "<1.3.0" }, + { + "advisory": "Grpcio 1.53.0 includes a fix for a Connection Confusion vulnerability. When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration.\r\nhttps://github.com/advisories/GHSA-cfgp-2977-2fmm", + "cve": "CVE-2023-32731", + "id": "pyup.io-59869", + "more_info_path": "/vulnerabilities/CVE-2023-32731/59869", + "specs": [ + "<1.53.0" + ], + "v": "<1.53.0" + }, { "advisory": "Grpcio 1.53.0 includes a fix for a Connection Termination vulnerability. The prior versions contain a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for -bin suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies.\r\nhttps://github.com/advisories/GHSA-9hxf-ppjv-w6rq", "cve": "CVE-2023-32732", 
@@ -52482,16 +52754,6 @@ ], "v": "<1.53.0" }, - { - "advisory": "Grpcio 1.53.0 includes a fix for a Connection Confusion vulnerability. When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration.\r\nhttps://github.com/advisories/GHSA-cfgp-2977-2fmm", - "cve": "CVE-2023-32731", - "id": "pyup.io-59869", - "more_info_path": "/vulnerabilities/CVE-2023-32731/59869", - "specs": [ - "<1.53.0" - ], - "v": "<1.53.0" - }, { "advisory": "gRPC has a vulnerability linked to hpack table accounting errors, causing potential unwanted disconnects between clients and servers. Identified vectors include unbounded memory buffering and CPU consumption within the HPACK parser, leading to denial-of-service (DOS) attacks. The CPU issue stems from excessive copying, resulting in inefficient parsing. Memory issues arise from delayed header size checks, allowing large strings to be buffered, and a quirk in HPACK's integer encoding, permitting infinite zero-padding. Additionally, metadata overflow checks per frame could enable infinite buffering, compromising gRPC's stability and security.", "cve": "CVE-2023-33953", 
@@ -52856,20 +53118,20 @@ "v": "<2.8.3" }, { - "advisory": "Gyver 2.8.4 updates its dependency 'cryptography' to v41.0.4 to include a security fix.", - "cve": "CVE-2023-4807", - "id": "pyup.io-61510", - "more_info_path": "/vulnerabilities/CVE-2023-4807/61510", + "advisory": "Gyver 2.8.4 updates its dependency 'pydantic' to v2.4.1 to include a security fix.", + "cve": "PVE-2023-61416", + "id": "pyup.io-61501", + "more_info_path": "/vulnerabilities/PVE-2023-61416/61501", "specs": [ "<2.8.4" ], "v": "<2.8.4" }, { - "advisory": "Gyver 2.8.4 updates its dependency 'pydantic' to v2.4.1 to include a security fix.", - "cve": "PVE-2023-61416", - "id": "pyup.io-61501", - "more_info_path": "/vulnerabilities/PVE-2023-61416/61501", + "advisory": "Gyver 2.8.4 updates its dependency 'cryptography' to v41.0.4 to include a security fix.", + "cve": "CVE-2023-4807", + "id": "pyup.io-61510", + "more_info_path": "/vulnerabilities/CVE-2023-4807/61510", "specs": [ "<2.8.4" ], @@ -53121,9 +53383,9 @@ }, { "advisory": "Hail 0.2.80 updates dependencies related to 'log4j' to fix critical and severe vulnerabilities.\r\nhttps://github.com/hail-is/hail/commit/1ad3b9822d4f2d77442d6da93ea4d9ca87796d22", - "cve": "CVE-2021-45046", - "id": "pyup.io-43598", - "more_info_path": "/vulnerabilities/CVE-2021-45046/43598", + "cve": "CVE-2021-44228", + "id": "pyup.io-43597", + "more_info_path": "/vulnerabilities/CVE-2021-44228/43597", "specs": [ "<0.2.80" ], @@ -53131,9 +53393,9 @@ }, { "advisory": "Hail 0.2.80 updates dependencies related to 'log4j' to fix critical and severe vulnerabilities.\r\nhttps://github.com/hail-is/hail/commit/1ad3b9822d4f2d77442d6da93ea4d9ca87796d22", - "cve": "CVE-2021-44228", - "id": "pyup.io-43597", - "more_info_path": "/vulnerabilities/CVE-2021-44228/43597", + "cve": "CVE-2021-45046", + "id": "pyup.io-43598", + "more_info_path": "/vulnerabilities/CVE-2021-45046/43598", "specs": [ "<0.2.80" ], 
@@ -53821,6 +54083,16 @@ ], "v": "<2023.8.1" }, + { + "advisory": "Home assistant is an open source home automation. The Home Assistant login page allows users to use their local Home Assistant credentials and log in to another website that specifies the `redirect_uri` and `client_id` parameters. Although the `redirect_uri` validation typically ensures that it matches the `client_id` and the scheme represents either `http` or `https`, Home Assistant will fetch the `client_id` and check for `` HTML tags on the page. These URLs are not subjected to the same scheme validation and thus allow for arbitrary JavaScript execution on the Home Assistant administration page via usage of `javascript:` scheme URIs. This Cross-site Scripting (XSS) vulnerability can be executed on the Home Assistant frontend domain, which may be used for a full takeover of the Home Assistant account and installation. This issue has been addressed in version 2023.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "cve": "CVE-2023-41895", + "id": "pyup.io-70402", + "more_info_path": "/vulnerabilities/CVE-2023-41895/70402", + "specs": [ + "<2023.9.0" + ], + "v": "<2023.9.0" + }, { "advisory": "Homeassistant 2023.9.0 includes a fix for CVE-2023-41899: In affected versions the 'hassio.addon_stdin' is vulnerable to a partial Server-Side Request Forgery where an attacker capable of calling this service (e.g.: through GHSA-h2jp-7grc-9xpp) may be able to invoke any Supervisor REST API endpoints with a POST request. An attacker able to exploit will be able to control the data dictionary, including its addon and input key/values.\r\nhttps://github.com/home-assistant/core/pull/99232", "cve": "CVE-2023-41899", 
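Review bot: The added CVE-2023-41895 record carries an advisory string with an empty code span, `check for `` HTML tags on the page`, so the sentence that names the injection point (the element Home Assistant parses from the fetched `client_id` page) no longer says what is parsed. This looks like a literal `<...>` tag name being stripped by HTML sanitisation at ingest; the same text is moved rather than new (it is removed further down), but the defect lands on the new side. Check the upstream advisory and restore the tag name in escaped form, presumably `check for <link> HTML tags on the page` (to be confirmed against GHSA), or at least `check for HTML link tags on the page`, so the record stays meaningful to someone triaging the XSS.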
@@ -53841,16 +54113,6 @@ ], "v": "<2023.9.0" }, - { - "advisory": "Home assistant is an open source home automation. The audit team\u2019s analyses confirmed that the `redirect_uri` and `client_id` are alterable when logging in. Consequently, the code parameter utilized to fetch the `access_token` post-authentication will be sent to the URL specified in the aforementioned parameters. Since an arbitrary URL is permitted and `homeassistant.local` represents the preferred, default domain likely used and trusted by many users, an attacker could leverage this weakness to manipulate a user and retrieve account access. Notably, this attack strategy is plausible if the victim has exposed their Home Assistant to the Internet, since after acquiring the victim\u2019s `access_token` the adversary would need to utilize it directly towards the instance to achieve any pertinent malicious actions. To achieve this compromise attempt, the attacker must send a link with a `redirect_uri` that they control to the victim\u2019s own Home Assistant instance. In the eventuality the victim authenticates via said link, the attacker would obtain code sent to the specified URL in `redirect_uri`, which can then be leveraged to fetch an `access_token`. Pertinently, an attacker could increase the efficacy of this strategy by registering a near identical domain to `homeassistant.local`, which at first glance may appear legitimate and thereby obfuscate any malicious intentions. This issue has been addressed in version 2023.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", - "cve": "CVE-2023-41893", - "id": "pyup.io-65361", - "more_info_path": "/vulnerabilities/CVE-2023-41893/65361", - "specs": [ - "<2023.9.0" - ], - "v": "<2023.9.0" - }, { "advisory": "Home assistant is an open source home automation. 
The assessment verified that webhooks available in the webhook component are triggerable via the `*.ui.nabu.casa` URL without authentication, even when the webhook is marked as Only accessible from the local network. This issue is facilitated by the SniTun proxy, which sets the source address to 127.0.0.1 on all requests sent to the public URL and forwarded to the local Home Assistant. This issue has been addressed in version 2023.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", "cve": "CVE-2023-41894", 
@@ -53862,10 +54124,10 @@ "v": "<2023.9.0" }, { - "advisory": "Home assistant is an open source home automation. The Home Assistant login page allows users to use their local Home Assistant credentials and log in to another website that specifies the `redirect_uri` and `client_id` parameters. Although the `redirect_uri` validation typically ensures that it matches the `client_id` and the scheme represents either `http` or `https`, Home Assistant will fetch the `client_id` and check for `` HTML tags on the page. These URLs are not subjected to the same scheme validation and thus allow for arbitrary JavaScript execution on the Home Assistant administration page via usage of `javascript:` scheme URIs. This Cross-site Scripting (XSS) vulnerability can be executed on the Home Assistant frontend domain, which may be used for a full takeover of the Home Assistant account and installation. This issue has been addressed in version 2023.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", - "cve": "CVE-2023-41895", - "id": "pyup.io-70402", - "more_info_path": "/vulnerabilities/CVE-2023-41895/70402", + "advisory": "Home assistant is an open source home automation. The audit team\u2019s analyses confirmed that the `redirect_uri` and `client_id` are alterable when logging in. Consequently, the code parameter utilized to fetch the `access_token` post-authentication will be sent to the URL specified in the aforementioned parameters. Since an arbitrary URL is permitted and `homeassistant.local` represents the preferred, default domain likely used and trusted by many users, an attacker could leverage this weakness to manipulate a user and retrieve account access. Notably, this attack strategy is plausible if the victim has exposed their Home Assistant to the Internet, since after acquiring the victim\u2019s `access_token` the adversary would need to utilize it directly towards the instance to achieve any pertinent malicious actions. 
To achieve this compromise attempt, the attacker must send a link with a `redirect_uri` that they control to the victim\u2019s own Home Assistant instance. In the eventuality the victim authenticates via said link, the attacker would obtain code sent to the specified URL in `redirect_uri`, which can then be leveraged to fetch an `access_token`. Pertinently, an attacker could increase the efficacy of this strategy by registering a near identical domain to `homeassistant.local`, which at first glance may appear legitimate and thereby obfuscate any malicious intentions. This issue has been addressed in version 2023.9.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability.", + "cve": "CVE-2023-41893", + "id": "pyup.io-65361", + "more_info_path": "/vulnerabilities/CVE-2023-41893/65361", "specs": [ "<2023.9.0" ], @@ -53936,20 +54198,20 @@ ], "honeybee-radiance": [ { - "advisory": "Honeybee-radiance 1.64.132 updates its dev dependency 'wheel' to v0.38.1 to include a security fix.", - "cve": "CVE-2022-40898", - "id": "pyup.io-52981", - "more_info_path": "/vulnerabilities/CVE-2022-40898/52981", + "advisory": "Honeybee-radiance 1.64.132 updates its dev dependency 'setuptools' to v65.5.1 to include a security fix.", + "cve": "CVE-2022-40897", + "id": "pyup.io-52982", + "more_info_path": "/vulnerabilities/CVE-2022-40897/52982", "specs": [ "<1.64.132" ], "v": "<1.64.132" }, { - "advisory": "Honeybee-radiance 1.64.132 updates its dev dependency 'setuptools' to v65.5.1 to include a security fix.", - "cve": "CVE-2022-40897", - "id": "pyup.io-52982", - "more_info_path": "/vulnerabilities/CVE-2022-40897/52982", + "advisory": "Honeybee-radiance 1.64.132 updates its dev dependency 'wheel' to v0.38.1 to include a security fix.", + "cve": "CVE-2022-40898", + "id": "pyup.io-52981", + "more_info_path": "/vulnerabilities/CVE-2022-40898/52981", "specs": [ "<1.64.132" ], 
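Review bot: Both honeybee-radiance records in this hunk are unchanged in content and merely trade positions (`pyup.io-52981` and `pyup.io-52982`), which is the pattern across most hunks in this update: the generator appears to emit each package's records in a nondeterministic order, so a very large diff hides the few substantive changes such as dropped or added advisories. Sorting each package's list by `id` before serialising (for example `sorted(records, key=lambda r: r["id"])` in the exporter, which is outside this file) would keep future updates reviewable and make an accidental record drop show up as a lone `-` line.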
@@ -55326,16 +55588,6 @@ ], "v": "<3.4.0" }, - { - "advisory": "Hotaru 3.4.0 updates its dependency 'Tensorflow' minimum requirement to v2.6.1 to include security fixes.", - "cve": "CVE-2021-29544", - "id": "pyup.io-45907", - "more_info_path": "/vulnerabilities/CVE-2021-29544/45907", - "specs": [ - "<3.4.0" - ], - "v": "<3.4.0" - }, { "advisory": "Hotaru 3.4.0 updates its dependency 'Tensorflow' minimum requirement to v2.6.1 to include security fixes.", "cve": "CVE-2021-29545", @@ -56306,6 +56558,16 @@ ], "v": "<3.4.0" }, + { + "advisory": "Hotaru 3.4.0 updates its dependency 'Tensorflow' minimum requirement to v2.6.1 to include security fixes.", + "cve": "CVE-2021-29544", + "id": "pyup.io-45907", + "more_info_path": "/vulnerabilities/CVE-2021-29544/45907", + "specs": [ + "<3.4.0" + ], + "v": "<3.4.0" + }, { "advisory": "Hotaru 3.4.1 updates its dependency 'TensorFlow' minimum requirement to v2.8.0 to include security fixes.", "cve": "CVE-2022-21738", 
@@ -59808,20 +60070,20 @@ "v": "<2.12.1,>=2.13.0rc0,<2.13.0" }, { - "advisory": "Intel-tensorflow updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.", - "cve": "CVE-2023-38545", - "id": "pyup.io-73085", - "more_info_path": "/vulnerabilities/CVE-2023-38545/73085", + "advisory": "intel-tensorflow updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38546.", + "cve": "CVE-2023-38546", + "id": "pyup.io-73086", + "more_info_path": "/vulnerabilities/CVE-2023-38546/73086", "specs": [ "<2.14.0" ], "v": "<2.14.0" }, { - "advisory": "intel-tensorflow updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38546.", - "cve": "CVE-2023-38546", - "id": "pyup.io-73086", - "more_info_path": "/vulnerabilities/CVE-2023-38546/73086", + "advisory": "Intel-tensorflow 2.14.0 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.", + "cve": "CVE-2023-38545", + "id": "pyup.io-73085", + "more_info_path": "/vulnerabilities/CVE-2023-38545/73085", "specs": [ "<2.14.0" ], 
@@ -63368,10 +63630,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2,>=2.2.0rc0,<2.2.3" }, { - "advisory": "Intel-tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29544: An attacker can trigger a denial of service via a 'CHECK'-fail in 'tf.raw_ops.QuantizeAndDequantizeV4Grad'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163) does not validate the rank of the 'input_*' tensors. In turn, this results in the tensors being passes as they are to 'QuantizeAndDequantizePerChannelGradientImpl' (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306). However, the 'vec' method, requires the rank to 1 and triggers a 'CHECK' failure otherwise.", - "cve": "CVE-2021-29544", - "id": "pyup.io-56959", - "more_info_path": "/vulnerabilities/CVE-2021-29544/56959", + "advisory": "Intel-tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29543: An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.CTCGreedyDecoder`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1615440b17b364b875eb06f43d087381f1460a65/tensorflow/core/kernels/ctc_decoder_ops.cc#L37-L50) has a `CHECK_LT` inserted to validate some invariants. When this condition is false, the program aborts, instead of returning a valid error to the user. This abnormal termination can be weaponized in denial of service attacks.", + "cve": "CVE-2021-29543", + "id": "pyup.io-56958", + "more_info_path": "/vulnerabilities/CVE-2021-29543/56958", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -63382,10 +63644,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.4.0rc0,<2.4.2,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3" }, { - "advisory": "Intel-tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29543: An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.CTCGreedyDecoder`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1615440b17b364b875eb06f43d087381f1460a65/tensorflow/core/kernels/ctc_decoder_ops.cc#L37-L50) has a `CHECK_LT` inserted to validate some invariants. When this condition is false, the program aborts, instead of returning a valid error to the user. This abnormal termination can be weaponized in denial of service attacks.", - "cve": "CVE-2021-29543", - "id": "pyup.io-56958", - "more_info_path": "/vulnerabilities/CVE-2021-29543/56958", + "advisory": "Intel-tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29544: An attacker can trigger a denial of service via a 'CHECK'-fail in 'tf.raw_ops.QuantizeAndDequantizeV4Grad'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163) does not validate the rank of the 'input_*' tensors. In turn, this results in the tensors being passes as they are to 'QuantizeAndDequantizePerChannelGradientImpl' (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306). However, the 'vec' method, requires the rank to 1 and triggers a 'CHECK' failure otherwise.", + "cve": "CVE-2021-29544", + "id": "pyup.io-56959", + "more_info_path": "/vulnerabilities/CVE-2021-29544/56959", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -65728,7 +65990,7 @@ "v": "<2.14.0" }, { - "advisory": "Intel-tensorflow-avx512 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.", + "advisory": "Intel-tensorflow-avx512 2.14.0 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.", "cve": "CVE-2023-38545", "id": "pyup.io-73087", "more_info_path": "/vulnerabilities/CVE-2023-38545/73087", 
@@ -69202,10 +69464,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2,>=2.2.0rc0,<2.2.3" }, { - "advisory": "Intel-tensorflow-avx512 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29544: An attacker can trigger a denial of service via a 'CHECK'-fail in 'tf.raw_ops.QuantizeAndDequantizeV4Grad'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163) does not validate the rank of the 'input_*' tensors. In turn, this results in the tensors being passes as they are to 'QuantizeAndDequantizePerChannelGradientImpl' (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306). However, the 'vec' method, requires the rank to 1 and triggers a 'CHECK' failure otherwise.", - "cve": "CVE-2021-29544", - "id": "pyup.io-57436", - "more_info_path": "/vulnerabilities/CVE-2021-29544/57436", + "advisory": "Intel-tensorflow-avx512 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29543: An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.CTCGreedyDecoder`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1615440b17b364b875eb06f43d087381f1460a65/tensorflow/core/kernels/ctc_decoder_ops.cc#L37-L50) has a `CHECK_LT` inserted to validate some invariants. When this condition is false, the program aborts, instead of returning a valid error to the user. This abnormal termination can be weaponized in denial of service attacks.", + "cve": "CVE-2021-29543", + "id": "pyup.io-57435", + "more_info_path": "/vulnerabilities/CVE-2021-29543/57435", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -69216,10 +69478,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.4.0rc0,<2.4.2,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3" }, { - "advisory": "Intel-tensorflow-avx512 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29543: An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.CTCGreedyDecoder`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1615440b17b364b875eb06f43d087381f1460a65/tensorflow/core/kernels/ctc_decoder_ops.cc#L37-L50) has a `CHECK_LT` inserted to validate some invariants. When this condition is false, the program aborts, instead of returning a valid error to the user. This abnormal termination can be weaponized in denial of service attacks.", - "cve": "CVE-2021-29543", - "id": "pyup.io-57435", - "more_info_path": "/vulnerabilities/CVE-2021-29543/57435", + "advisory": "Intel-tensorflow-avx512 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29544: An attacker can trigger a denial of service via a 'CHECK'-fail in 'tf.raw_ops.QuantizeAndDequantizeV4Grad'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163) does not validate the rank of the 'input_*' tensors. In turn, this results in the tensors being passes as they are to 'QuantizeAndDequantizePerChannelGradientImpl' (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306). However, the 'vec' method, requires the rank to 1 and triggers a 'CHECK' failure otherwise.", + "cve": "CVE-2021-29544", + "id": "pyup.io-57436", + "more_info_path": "/vulnerabilities/CVE-2021-29544/57436", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -71855,20 +72117,20 @@ "v": "<0.0.85" }, { - "advisory": "Ipyflow 0.0.85 updates its NPM dependency 'nanoid' to v3.2.0 to include a security fix.", - "cve": "CVE-2021-23566", - "id": "pyup.io-51711", - "more_info_path": "/vulnerabilities/CVE-2021-23566/51711", + "advisory": "Ipyflow 0.0.85 updates its NPM dependency 'url-parse' to v1.5.10 to include security fixes.", + "cve": "CVE-2022-0686", + "id": "pyup.io-51775", + "more_info_path": "/vulnerabilities/CVE-2022-0686/51775", "specs": [ "<0.0.85" ], "v": "<0.0.85" }, { - "advisory": "Ipyflow 0.0.85 updates its NPM dependency 'url-parse' to v1.5.10 to include security fixes.", - "cve": "CVE-2022-0686", - "id": "pyup.io-51775", - "more_info_path": "/vulnerabilities/CVE-2022-0686/51775", + "advisory": "Ipyflow 0.0.85 updates its NPM dependency 'nanoid' to v3.2.0 to include a security fix.", + "cve": "CVE-2021-23566", + "id": "pyup.io-51711", + "more_info_path": "/vulnerabilities/CVE-2021-23566/51711", "specs": [ "<0.0.85" ], @@ -72829,9 +73091,9 @@ "jina": [ { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29536", - "id": "pyup.io-44092", - "more_info_path": "/vulnerabilities/CVE-2021-29536/44092", + "cve": "CVE-2021-29521", + "id": "pyup.io-44067", + "more_info_path": "/vulnerabilities/CVE-2021-29521/44067", "specs": [ "<2.0.0" ], 
@@ -72857,36 +73119,6 @@ ], "v": "<2.0.0" }, - { - "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29521", - "id": "pyup.io-44067", - "more_info_path": "/vulnerabilities/CVE-2021-29521/44067", - "specs": [ - "<2.0.0" - ], - "v": "<2.0.0" - }, - { - "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2020-8169", - "id": "pyup.io-44069", - "more_info_path": "/vulnerabilities/CVE-2020-8169/44069", - "specs": [ - "<2.0.0" - ], - "v": "<2.0.0" - }, - { - "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29567", - "id": "pyup.io-44086", - "more_info_path": "/vulnerabilities/CVE-2021-29567/44086", - "specs": [ - "<2.0.0" - ], - "v": "<2.0.0" - }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", "cve": "CVE-2021-29549", @@ -72919,9 +73151,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29586", - "id": "pyup.io-44107", - "more_info_path": "/vulnerabilities/CVE-2021-29586/44107", + "cve": "CVE-2021-29579", + "id": "pyup.io-44101", + "more_info_path": "/vulnerabilities/CVE-2021-29579/44101", "specs": [ "<2.0.0" ], @@ -72929,9 +73161,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29579", - "id": "pyup.io-44101", - "more_info_path": "/vulnerabilities/CVE-2021-29579/44101", + "cve": "CVE-2021-29586", + "id": "pyup.io-44107", + "more_info_path": "/vulnerabilities/CVE-2021-29586/44107", "specs": [ "<2.0.0" ], 
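Review bot: Of the three jina records removed in this hunk, only CVE-2021-29521 (`pyup.io-44067`) is re-added in the visible hunks; CVE-2020-8169 (`pyup.io-44069`) and CVE-2021-29567 (`pyup.io-44086`) do not reappear anywhere I can see, whereas every other jina record in this section merely moves. The jina section continues past the end of the visible diff, so they may be re-inserted later; if they are not, jina < 2.0.0 silently loses two advisories and the records should be restored. Either way the commit message should distinguish reordering from genuine removals so this can be checked without diffing by hand.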
@@ -72949,9 +73181,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29598", - "id": "pyup.io-44122", - "more_info_path": "/vulnerabilities/CVE-2021-29598/44122", + "cve": "CVE-2021-29543", + "id": "pyup.io-44072", + "more_info_path": "/vulnerabilities/CVE-2021-29543/44072", "specs": [ "<2.0.0" ], @@ -72967,6 +73199,16 @@ ], "v": "<2.0.0" }, + { + "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", + "cve": "CVE-2021-29598", + "id": "pyup.io-44122", + "more_info_path": "/vulnerabilities/CVE-2021-29598/44122", + "specs": [ + "<2.0.0" + ], + "v": "<2.0.0" + }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", "cve": "CVE-2021-29541", @@ -72979,9 +73221,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29543", - "id": "pyup.io-44072", - "more_info_path": "/vulnerabilities/CVE-2021-29543/44072", + "cve": "CVE-2021-29553", + "id": "pyup.io-44141", + "more_info_path": "/vulnerabilities/CVE-2021-29553/44141", "specs": [ "<2.0.0" ], @@ -73007,16 +73249,6 @@ ], "v": "<2.0.0" }, - { - "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29553", - "id": "pyup.io-44141", - "more_info_path": "/vulnerabilities/CVE-2021-29553/44141", - "specs": [ - "<2.0.0" - ], - "v": "<2.0.0" - }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", "cve": "CVE-2021-29597", 
@@ -73079,9 +73311,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29574", - "id": "pyup.io-44168", - "more_info_path": "/vulnerabilities/CVE-2021-29574/44168", + "cve": "CVE-2021-29583", + "id": "pyup.io-44104", + "more_info_path": "/vulnerabilities/CVE-2021-29583/44104", "specs": [ "<2.0.0" ], @@ -73089,9 +73321,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29583", - "id": "pyup.io-44104", - "more_info_path": "/vulnerabilities/CVE-2021-29583/44104", + "cve": "CVE-2021-29574", + "id": "pyup.io-44168", + "more_info_path": "/vulnerabilities/CVE-2021-29574/44168", "specs": [ "<2.0.0" ], @@ -73127,16 +73359,6 @@ ], "v": "<2.0.0" }, - { - "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29559", - "id": "pyup.io-44153", - "more_info_path": "/vulnerabilities/CVE-2021-29559/44153", - "specs": [ - "<2.0.0" - ], - "v": "<2.0.0" - }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", "cve": "CVE-2021-29539", @@ -73149,9 +73371,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29561", - "id": "pyup.io-44162", - "more_info_path": "/vulnerabilities/CVE-2021-29561/44162", + "cve": "CVE-2021-29559", + "id": "pyup.io-44153", + "more_info_path": "/vulnerabilities/CVE-2021-29559/44153", "specs": [ "<2.0.0" ], 
@@ -73177,6 +73399,16 @@ ], "v": "<2.0.0" }, + { + "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", + "cve": "CVE-2021-29561", + "id": "pyup.io-44162", + "more_info_path": "/vulnerabilities/CVE-2021-29561/44162", + "specs": [ + "<2.0.0" + ], + "v": "<2.0.0" + }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", "cve": "CVE-2021-29570", @@ -73227,16 +73459,6 @@ ], "v": "<2.0.0" }, - { - "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29572", - "id": "pyup.io-44098", - "more_info_path": "/vulnerabilities/CVE-2021-29572/44098", - "specs": [ - "<2.0.0" - ], - "v": "<2.0.0" - }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", "cve": "CVE-2021-29545", @@ -73259,9 +73481,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29531", - "id": "pyup.io-44121", - "more_info_path": "/vulnerabilities/CVE-2021-29531/44121", + "cve": "CVE-2021-29516", + "id": "pyup.io-44158", + "more_info_path": "/vulnerabilities/CVE-2021-29516/44158", "specs": [ "<2.0.0" ], @@ -73269,9 +73491,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29516", - "id": "pyup.io-44158", - "more_info_path": "/vulnerabilities/CVE-2021-29516/44158", + "cve": "CVE-2021-29584", + "id": "pyup.io-44105", + "more_info_path": "/vulnerabilities/CVE-2021-29584/44105", "specs": [ "<2.0.0" ], 
@@ -73309,9 +73531,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29584", - "id": "pyup.io-44105", - "more_info_path": "/vulnerabilities/CVE-2021-29584/44105", + "cve": "CVE-2021-29532", + "id": "pyup.io-44070", + "more_info_path": "/vulnerabilities/CVE-2021-29532/44070", "specs": [ "<2.0.0" ], @@ -73337,16 +73559,6 @@ ], "v": "<2.0.0" }, - { - "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29532", - "id": "pyup.io-44070", - "more_info_path": "/vulnerabilities/CVE-2021-29532/44070", - "specs": [ - "<2.0.0" - ], - "v": "<2.0.0" - }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", "cve": "CVE-2021-29619", @@ -73359,9 +73571,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29544", - "id": "pyup.io-44074", - "more_info_path": "/vulnerabilities/CVE-2021-29544/44074", + "cve": "CVE-2021-29616", + "id": "pyup.io-44071", + "more_info_path": "/vulnerabilities/CVE-2021-29616/44071", "specs": [ "<2.0.0" ], @@ -73369,9 +73581,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29616", - "id": "pyup.io-44071", - "more_info_path": "/vulnerabilities/CVE-2021-29616/44071", + "cve": "CVE-2021-29557", + "id": "pyup.io-44149", + "more_info_path": "/vulnerabilities/CVE-2021-29557/44149", "specs": [ "<2.0.0" ], 
@@ -73397,16 +73609,6 @@ ], "v": "<2.0.0" }, - { - "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29557", - "id": "pyup.io-44149", - "more_info_path": "/vulnerabilities/CVE-2021-29557/44149", - "specs": [ - "<2.0.0" - ], - "v": "<2.0.0" - }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", "cve": "CVE-2021-29577", @@ -73439,9 +73641,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29605", - "id": "pyup.io-44127", - "more_info_path": "/vulnerabilities/CVE-2021-29605/44127", + "cve": "CVE-2021-29578", + "id": "pyup.io-44100", + "more_info_path": "/vulnerabilities/CVE-2021-29578/44100", "specs": [ "<2.0.0" ], @@ -73449,9 +73651,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29578", - "id": "pyup.io-44100", - "more_info_path": "/vulnerabilities/CVE-2021-29578/44100", + "cve": "CVE-2021-29517", + "id": "pyup.io-44160", + "more_info_path": "/vulnerabilities/CVE-2021-29517/44160", "specs": [ "<2.0.0" ], @@ -73459,9 +73661,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29517", - "id": "pyup.io-44160", - "more_info_path": "/vulnerabilities/CVE-2021-29517/44160", + "cve": "CVE-2021-29605", + "id": "pyup.io-44127", + "more_info_path": "/vulnerabilities/CVE-2021-29605/44127", "specs": [ "<2.0.0" ], 
@@ -73469,9 +73671,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29576", - "id": "pyup.io-44169", - "more_info_path": "/vulnerabilities/CVE-2021-29576/44169", + "cve": "CVE-2021-29601", + "id": "pyup.io-44125", + "more_info_path": "/vulnerabilities/CVE-2021-29601/44125", "specs": [ "<2.0.0" ], @@ -73489,9 +73691,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29601", - "id": "pyup.io-44125", - "more_info_path": "/vulnerabilities/CVE-2021-29601/44125", + "cve": "CVE-2021-29576", + "id": "pyup.io-44169", + "more_info_path": "/vulnerabilities/CVE-2021-29576/44169", "specs": [ "<2.0.0" ], @@ -73509,9 +73711,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29526", - "id": "pyup.io-44157", - "more_info_path": "/vulnerabilities/CVE-2021-29526/44157", + "cve": "CVE-2021-29522", + "id": "pyup.io-44063", + "more_info_path": "/vulnerabilities/CVE-2021-29522/44063", "specs": [ "<2.0.0" ], @@ -73519,9 +73721,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29587", - "id": "pyup.io-44077", - "more_info_path": "/vulnerabilities/CVE-2021-29587/44077", + "cve": "CVE-2021-29596", + "id": "pyup.io-44115", + "more_info_path": "/vulnerabilities/CVE-2021-29596/44115", "specs": [ "<2.0.0" ], @@ -73529,9 +73731,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2020-8285", - "id": "pyup.io-44172", - "more_info_path": "/vulnerabilities/CVE-2020-8285/44172", + "cve": "CVE-2021-29573", + "id": "pyup.io-44167", + "more_info_path": "/vulnerabilities/CVE-2021-29573/44167", "specs": [ "<2.0.0" ], 
@@ -73539,9 +73741,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29522", - "id": "pyup.io-44063", - "more_info_path": "/vulnerabilities/CVE-2021-29522/44063", + "cve": "CVE-2021-29526", + "id": "pyup.io-44157", + "more_info_path": "/vulnerabilities/CVE-2021-29526/44157", "specs": [ "<2.0.0" ], @@ -73549,9 +73751,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29585", - "id": "pyup.io-44106", - "more_info_path": "/vulnerabilities/CVE-2021-29585/44106", + "cve": "CVE-2021-29587", + "id": "pyup.io-44077", + "more_info_path": "/vulnerabilities/CVE-2021-29587/44077", "specs": [ "<2.0.0" ], @@ -73559,9 +73761,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29573", - "id": "pyup.io-44167", - "more_info_path": "/vulnerabilities/CVE-2021-29573/44167", + "cve": "CVE-2021-29613", + "id": "pyup.io-44137", + "more_info_path": "/vulnerabilities/CVE-2021-29613/44137", "specs": [ "<2.0.0" ], @@ -73569,9 +73771,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29596", - "id": "pyup.io-44115", - "more_info_path": "/vulnerabilities/CVE-2021-29596/44115", + "cve": "CVE-2021-29555", + "id": "pyup.io-44147", + "more_info_path": "/vulnerabilities/CVE-2021-29555/44147", "specs": [ "<2.0.0" ], @@ -73579,9 +73781,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29613", - "id": "pyup.io-44137", - "more_info_path": "/vulnerabilities/CVE-2021-29613/44137", + "cve": "CVE-2020-8286", + "id": "pyup.io-44155", + "more_info_path": "/vulnerabilities/CVE-2020-8286/44155", "specs": [ "<2.0.0" ], 
@@ -73589,9 +73791,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29555", - "id": "pyup.io-44147", - "more_info_path": "/vulnerabilities/CVE-2021-29555/44147", + "cve": "CVE-2021-29611", + "id": "pyup.io-44133", + "more_info_path": "/vulnerabilities/CVE-2021-29611/44133", "specs": [ "<2.0.0" ], @@ -73599,9 +73801,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29571", - "id": "pyup.io-44170", - "more_info_path": "/vulnerabilities/CVE-2021-29571/44170", + "cve": "CVE-2021-29599", + "id": "pyup.io-44123", + "more_info_path": "/vulnerabilities/CVE-2021-29599/44123", "specs": [ "<2.0.0" ], @@ -73609,9 +73811,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29565", - "id": "pyup.io-44154", - "more_info_path": "/vulnerabilities/CVE-2021-29565/44154", + "cve": "CVE-2021-29590", + "id": "pyup.io-44109", + "more_info_path": "/vulnerabilities/CVE-2021-29590/44109", "specs": [ "<2.0.0" ], @@ -73619,9 +73821,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29581", - "id": "pyup.io-44102", - "more_info_path": "/vulnerabilities/CVE-2021-29581/44102", + "cve": "CVE-2021-29548", + "id": "pyup.io-44091", + "more_info_path": "/vulnerabilities/CVE-2021-29548/44091", "specs": [ "<2.0.0" ], @@ -73629,9 +73831,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2020-8286", - "id": "pyup.io-44155", - "more_info_path": "/vulnerabilities/CVE-2020-8286/44155", + "cve": "CVE-2021-29607", + "id": "pyup.io-44131", + "more_info_path": "/vulnerabilities/CVE-2021-29607/44131", "specs": [ "<2.0.0" ], 
@@ -73639,9 +73841,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29611", - "id": "pyup.io-44133", - "more_info_path": "/vulnerabilities/CVE-2021-29611/44133", + "cve": "CVE-2021-29591", + "id": "pyup.io-44110", + "more_info_path": "/vulnerabilities/CVE-2021-29591/44110", "specs": [ "<2.0.0" ], @@ -73649,9 +73851,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29607", - "id": "pyup.io-44131", - "more_info_path": "/vulnerabilities/CVE-2021-29607/44131", + "cve": "CVE-2021-29536", + "id": "pyup.io-44092", + "more_info_path": "/vulnerabilities/CVE-2021-29536/44092", "specs": [ "<2.0.0" ], @@ -73659,9 +73861,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29599", - "id": "pyup.io-44123", - "more_info_path": "/vulnerabilities/CVE-2021-29599/44123", + "cve": "CVE-2021-29531", + "id": "pyup.io-44121", + "more_info_path": "/vulnerabilities/CVE-2021-29531/44121", "specs": [ "<2.0.0" ], @@ -73669,9 +73871,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29590", - "id": "pyup.io-44109", - "more_info_path": "/vulnerabilities/CVE-2021-29590/44109", + "cve": "CVE-2021-29585", + "id": "pyup.io-44106", + "more_info_path": "/vulnerabilities/CVE-2021-29585/44106", "specs": [ "<2.0.0" ], @@ -73679,9 +73881,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29548", - "id": "pyup.io-44091", - "more_info_path": "/vulnerabilities/CVE-2021-29548/44091", + "cve": "CVE-2021-29571", + "id": "pyup.io-44170", + "more_info_path": "/vulnerabilities/CVE-2021-29571/44170", "specs": [ "<2.0.0" ], 
@@ -73689,9 +73891,19 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29591", - "id": "pyup.io-44110", - "more_info_path": "/vulnerabilities/CVE-2021-29591/44110", + "cve": "CVE-2021-29581", + "id": "pyup.io-44102", + "more_info_path": "/vulnerabilities/CVE-2021-29581/44102", + "specs": [ + "<2.0.0" + ], + "v": "<2.0.0" + }, + { + "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", + "cve": "CVE-2020-8285", + "id": "pyup.io-44172", + "more_info_path": "/vulnerabilities/CVE-2020-8285/44172", "specs": [ "<2.0.0" ], @@ -73739,9 +73951,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29515", - "id": "pyup.io-44166", - "more_info_path": "/vulnerabilities/CVE-2021-29515/44166", + "cve": "CVE-2021-29547", + "id": "pyup.io-44073", + "more_info_path": "/vulnerabilities/CVE-2021-29547/44073", "specs": [ "<2.0.0" ], @@ -73749,9 +73961,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2020-8231", - "id": "pyup.io-44148", - "more_info_path": "/vulnerabilities/CVE-2020-8231/44148", + "cve": "CVE-2021-29525", + "id": "pyup.io-44061", + "more_info_path": "/vulnerabilities/CVE-2021-29525/44061", "specs": [ "<2.0.0" ], @@ -73759,9 +73971,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29547", - "id": "pyup.io-44073", - "more_info_path": "/vulnerabilities/CVE-2021-29547/44073", + "cve": "CVE-2021-29515", + "id": "pyup.io-44166", + "more_info_path": "/vulnerabilities/CVE-2021-29515/44166", "specs": [ "<2.0.0" ], 
@@ -73769,9 +73981,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29562", - "id": "pyup.io-44163", - "more_info_path": "/vulnerabilities/CVE-2021-29562/44163", + "cve": "CVE-2020-8231", + "id": "pyup.io-44148", + "more_info_path": "/vulnerabilities/CVE-2020-8231/44148", "specs": [ "<2.0.0" ], @@ -73779,9 +73991,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29525", - "id": "pyup.io-44061", - "more_info_path": "/vulnerabilities/CVE-2021-29525/44061", + "cve": "CVE-2021-29569", + "id": "pyup.io-44161", + "more_info_path": "/vulnerabilities/CVE-2021-29569/44161", "specs": [ "<2.0.0" ], @@ -73797,16 +74009,6 @@ ], "v": "<2.0.0" }, - { - "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29569", - "id": "pyup.io-44161", - "more_info_path": "/vulnerabilities/CVE-2021-29569/44161", - "specs": [ - "<2.0.0" - ], - "v": "<2.0.0" - }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", "cve": "CVE-2021-29519", @@ -73859,9 +74061,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29588", - "id": "pyup.io-44108", - "more_info_path": "/vulnerabilities/CVE-2021-29588/44108", + "cve": "CVE-2021-29564", + "id": "pyup.io-44066", + "more_info_path": "/vulnerabilities/CVE-2021-29564/44066", "specs": [ "<2.0.0" ], 
@@ -73869,9 +74071,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29564", - "id": "pyup.io-44066", - "more_info_path": "/vulnerabilities/CVE-2021-29564/44066", + "cve": "CVE-2021-29516", + "id": "pyup.io-44159", + "more_info_path": "/vulnerabilities/CVE-2021-29516/44159", "specs": [ "<2.0.0" ], @@ -73879,9 +74081,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29516", - "id": "pyup.io-44159", - "more_info_path": "/vulnerabilities/CVE-2021-29516/44159", + "cve": "CVE-2021-29588", + "id": "pyup.io-44108", + "more_info_path": "/vulnerabilities/CVE-2021-29588/44108", "specs": [ "<2.0.0" ], @@ -73919,9 +74121,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29563", - "id": "pyup.io-44080", - "more_info_path": "/vulnerabilities/CVE-2021-29563/44080", + "cve": "CVE-2021-29567", + "id": "pyup.io-44086", + "more_info_path": "/vulnerabilities/CVE-2021-29567/44086", "specs": [ "<2.0.0" ], @@ -73929,9 +74131,9 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29513", - "id": "pyup.io-44097", - "more_info_path": "/vulnerabilities/CVE-2021-29513/44097", + "cve": "CVE-2020-8169", + "id": "pyup.io-44069", + "more_info_path": "/vulnerabilities/CVE-2020-8169/44069", "specs": [ "<2.0.0" ], 
@@ -73939,9 +74141,49 @@ }, { "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", - "cve": "CVE-2021-29550", - "id": "pyup.io-44082", - "more_info_path": "/vulnerabilities/CVE-2021-29550/44082", + "cve": "CVE-2021-29572", + "id": "pyup.io-44098", + "more_info_path": "/vulnerabilities/CVE-2021-29572/44098", + "specs": [ + "<2.0.0" + ], + "v": "<2.0.0" + }, + { + "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", + "cve": "CVE-2021-29565", + "id": "pyup.io-44154", + "more_info_path": "/vulnerabilities/CVE-2021-29565/44154", + "specs": [ + "<2.0.0" + ], + "v": "<2.0.0" + }, + { + "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", + "cve": "CVE-2021-29562", + "id": "pyup.io-44163", + "more_info_path": "/vulnerabilities/CVE-2021-29562/44163", + "specs": [ + "<2.0.0" + ], + "v": "<2.0.0" + }, + { + "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", + "cve": "CVE-2021-29563", + "id": "pyup.io-44080", + "more_info_path": "/vulnerabilities/CVE-2021-29563/44080", + "specs": [ + "<2.0.0" + ], + "v": "<2.0.0" + }, + { + "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", + "cve": "CVE-2021-29513", + "id": "pyup.io-44097", + "more_info_path": "/vulnerabilities/CVE-2021-29513/44097", "specs": [ "<2.0.0" ], 
@@ -73967,6 +74209,26 @@ ], "v": "<2.0.0" }, + { + "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", + "cve": "CVE-2021-29550", + "id": "pyup.io-44082", + "more_info_path": "/vulnerabilities/CVE-2021-29550/44082", + "specs": [ + "<2.0.0" + ], + "v": "<2.0.0" + }, + { + "advisory": "Jina version 2.0.0 updates its dependency \"Tensorflow\" to v2.4.2 to include security fixes.", + "cve": "CVE-2021-29544", + "id": "pyup.io-44074", + "more_info_path": "/vulnerabilities/CVE-2021-29544/44074", + "specs": [ + "<2.0.0" + ], + "v": "<2.0.0" + }, { "advisory": "Jina version 2.0.24 updates its dependency \"pillow\" to v8.3.2 to include security fixes.", "cve": "CVE-2021-23437", @@ -74568,9 +74830,9 @@ "juntagrico": [ { "advisory": "Juntagrico 1.5.5 updates its dependency 'django' requirement to \"~=4.0.8\" to include security fixes.", - "cve": "CVE-2022-41323", - "id": "pyup.io-51984", - "more_info_path": "/vulnerabilities/CVE-2022-41323/51984", + "cve": "CVE-2022-34265", + "id": "pyup.io-51982", + "more_info_path": "/vulnerabilities/CVE-2022-34265/51982", "specs": [ "<1.5.5" ], @@ -74578,9 +74840,9 @@ }, { "advisory": "Juntagrico 1.5.5 updates its dependency 'django' requirement to \"~=4.0.8\" to include security fixes.", - "cve": "CVE-2022-28347", - "id": "pyup.io-51967", - "more_info_path": "/vulnerabilities/CVE-2022-28347/51967", + "cve": "CVE-2022-36359", + "id": "pyup.io-51983", + "more_info_path": "/vulnerabilities/CVE-2022-36359/51983", "specs": [ "<1.5.5" ], @@ -74588,9 +74850,9 @@ }, { "advisory": "Juntagrico 1.5.5 updates its dependency 'django' requirement to \"~=4.0.8\" to include security fixes.", - "cve": "CVE-2022-36359", - "id": "pyup.io-51983", - "more_info_path": "/vulnerabilities/CVE-2022-36359/51983", + "cve": "CVE-2022-28347", + "id": "pyup.io-51967", + "more_info_path": "/vulnerabilities/CVE-2022-28347/51967", "specs": [ "<1.5.5" ], 
@@ -74598,9 +74860,9 @@ }, { "advisory": "Juntagrico 1.5.5 updates its dependency 'django' requirement to \"~=4.0.8\" to include security fixes.", - "cve": "CVE-2022-34265", - "id": "pyup.io-51982", - "more_info_path": "/vulnerabilities/CVE-2022-34265/51982", + "cve": "CVE-2022-41323", + "id": "pyup.io-51984", + "more_info_path": "/vulnerabilities/CVE-2022-41323/51984", "specs": [ "<1.5.5" ], @@ -75071,7 +75333,7 @@ "v": "<2.11.2" }, { - "advisory": "The Jupyter Server provides the backend for Jupyter web applications. Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access to the Windows machine hosting the Jupyter server, or access other network-accessible machines or 3rd party services using that credential. Or an attacker perform an NTLM relay attack without cracking the credential to gain access to other network-accessible machines. \r\n# This only affects Windows users", + "advisory": "Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access to the Windows machine hosting the Jupyter server, or access other network-accessible machines or 3rd party services using that credential. Or an attacker perform an NTLM relay attack without cracking the credential to gain access to other network-accessible machines. \r\nThis only affects Windows users", "cve": "CVE-2024-35178", "id": "pyup.io-71628", "more_info_path": "/vulnerabilities/CVE-2024-35178/71628", 
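Review bot: In the rewritten jupyter-server advisory on the `+` line, `Or an attacker perform an NTLM relay attack` is missing its verb; since this sentence is what consumers display, it should read `Or an attacker can perform an NTLM relay attack without cracking the credential ...`. The trailing `This only affects Windows users` after the `\r\n` also reads as a fragment now that the opening sentence naming the product was dropped; `This issue only affects Jupyter Server deployments on Windows.` would keep the scope note self-contained. The entry's `specs` and `v` fields lie outside the hunk, so the affected range cannot be checked here.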
@@ -75737,20 +75999,20 @@ "v": "<1.4.0" }, { - "advisory": "A vulnerability was found in JWCrypto versions before 1.5.1. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive.", - "cve": "CVE-2023-6681", - "id": "pyup.io-66713", - "more_info_path": "/vulnerabilities/CVE-2023-6681/66713", + "advisory": "Jwcrypto version 1.5.1 addresses a potential DoS issue with p2c headers, limiting the default maximum to 16384 to prevent excessive resource usage. For applications requiring more iterations, the jwa default max needs to be adjusted manually.\r\nhttps://github.com/latchset/jwcrypto/commit/d2655d370586cb830e49acfb450f87598da60be8", + "cve": "PVE-2023-63154", + "id": "pyup.io-63154", + "more_info_path": "/vulnerabilities/PVE-2023-63154/63154", "specs": [ "<1.5.1" ], "v": "<1.5.1" }, { - "advisory": "Jwcrypto version 1.5.1 addresses a potential DoS issue with p2c headers, limiting the default maximum to 16384 to prevent excessive resource usage. For applications requiring more iterations, the jwa default max needs to be adjusted manually.\r\nhttps://github.com/latchset/jwcrypto/commit/d2655d370586cb830e49acfb450f87598da60be8", - "cve": "PVE-2023-63154", - "id": "pyup.io-63154", - "more_info_path": "/vulnerabilities/PVE-2023-63154/63154", + "advisory": "A vulnerability was found in JWCrypto versions before 1.5.1. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive.", + "cve": "CVE-2023-6681", + "id": "pyup.io-66713", + "more_info_path": "/vulnerabilities/CVE-2023-6681/66713", "specs": [ "<1.5.1" ], 
@@ -76125,6 +76387,16 @@ "<0.19.3" ], "v": "<0.19.3" + }, + { + "advisory": "Affected versions of Kedro are vulnerable to Deserialization of Untrusted Data (CWE-502). This vulnerability allows attackers to execute arbitrary code during the deserialization process when loading session data using the ShelveStore class. The attack can be carried out if an attacker gains the ability to modify or replace the shelve files used for session storage, leading to the execution of malicious code upon deserialization. The vulnerable component is the ShelveStore class in the kedro.framework.session.shelvestore module, which uses shelve (and thus pickle) without validating or sanitizing the input data. To exploit this vulnerability, an attacker would need write access to the session store files. Users should mitigate this issue by updating to the version where ShelveStore has been removed, and by using secure alternatives for session storage that do not rely on untrusted deserialization.", + "cve": "PVE-2024-73671", + "id": "pyup.io-73671", + "more_info_path": "/vulnerabilities/PVE-2024-73671/73671", + "specs": [ + "<0.19.9" + ], + "v": "<0.19.9" } ], "kedro-viz": [ 
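Review bot: The new Kedro entry's advisory tells users to update "to the version where ShelveStore has been removed" without naming it, while the entry's own `specs`/`v` of `<0.19.9` imply 0.19.9 is that release; advisory text is often shown without the version spec, so the sentence should carry it: `Users should upgrade to Kedro 0.19.9 or later, where ShelveStore has been removed, and use a session store that does not deserialize untrusted data.`. The attacker precondition (write access to the shelve files) is also stated twice in the same paragraph, which could be collapsed into one sentence. Whether 0.19.9 is the exact release that removed the class is inferred from the spec alone and should be confirmed against the upstream changelog.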
@@ -76461,6 +76733,17 @@ ], "v": "<15.0.1,>=16.0.0.0rc1,<=16.0.0" }, + { + "advisory": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access. See: CVE-2020-12690.", + "cve": "CVE-2020-12690", + "id": "pyup.io-38583", + "more_info_path": "/vulnerabilities/CVE-2020-12690/38583", + "specs": [ + "<15.0.1", + ">=16.0.0.0rc1,<=16.0.0" + ], + "v": "<15.0.1,>=16.0.0.0rc1,<=16.0.0" + }, { "advisory": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.", "cve": "CVE-2020-12689", 
@@ -76483,17 +76766,6 @@ ], "v": "<15.0.1,>=16.0.0.0rc1,<=16.0.0" }, - { - "advisory": "An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access. See: CVE-2020-12690.", - "cve": "CVE-2020-12690", - "id": "pyup.io-38583", - "more_info_path": "/vulnerabilities/CVE-2020-12690/38583", - "specs": [ - "<15.0.1", - ">=16.0.0.0rc1,<=16.0.0" - ], - "v": "<15.0.1,>=16.0.0.0rc1,<=16.0.0" - }, { "advisory": "OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs.", "cve": "CVE-2015-3646", @@ -76626,16 +76898,6 @@ ], "v": ">2010,<2014.2" }, - { - "advisory": "OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain access to an unauthorized project for which the trustor has certain roles via the project ID in a V2 API trust token request.", - "cve": "CVE-2014-3520", - "id": "pyup.io-70447", - "more_info_path": "/vulnerabilities/CVE-2014-3520/70447", - "specs": [ - ">2010,<2014.2" - ], - "v": ">2010,<2014.2" - }, { "advisory": "OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a (1) trust or (2) OAuth token with impersonation enabled to create a new token with additional roles.", "cve": "CVE-2014-3476", 
@@ -76656,6 +76918,16 @@ ], "v": ">2010,<2014.2" }, + { + "advisory": "OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain access to an unauthorized project for which the trustor has certain roles via the project ID in a V2 API trust token request.", + "cve": "CVE-2014-3520", + "id": "pyup.io-70447", + "more_info_path": "/vulnerabilities/CVE-2014-3520/70447", + "specs": [ + ">2010,<2014.2" + ], + "v": ">2010,<2014.2" + }, { "advisory": "Keystone versions 16.0.2, 17.0.1, 18.0.1 and 19.0.1 include a fix for CVE-2021-38155: OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). By guessing the name of an account and failing to authenticate multiple times, any unauthenticated actor could both confirm the account exists and obtain that account's corresponding UUID, which might be leveraged for other unrelated attacks. All deployments enabling security_compliance.lockout_failure_attempts are affected.\r\nhttps://security.openstack.org/ossa/OSSA-2021-003.html", "cve": "CVE-2021-38155", 
@@ -76802,20 +77074,20 @@ "v": ">=2011.3.1,<2013.1" }, { - "advisory": "OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.", - "cve": "CVE-2013-4222", - "id": "pyup.io-68010", - "more_info_path": "/vulnerabilities/CVE-2013-4222/68010", + "advisory": "OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password.", + "cve": "CVE-2013-2157", + "id": "pyup.io-67998", + "more_info_path": "/vulnerabilities/CVE-2013-2157/67998", "specs": [ ">=2011.3.1,<2013.1.3" ], "v": ">=2011.3.1,<2013.1.3" }, { - "advisory": "OpenStack Keystone Folsom, Grizzly before 2013.1.3, and Havana, when using LDAP with Anonymous binding, allows remote attackers to bypass authentication via an empty password.", - "cve": "CVE-2013-2157", - "id": "pyup.io-67998", - "more_info_path": "/vulnerabilities/CVE-2013-2157/67998", + "advisory": "OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token.", + "cve": "CVE-2013-4222", + "id": "pyup.io-68010", + "more_info_path": "/vulnerabilities/CVE-2013-4222/68010", "specs": [ ">=2011.3.1,<2013.1.3" ], 
@@ -77268,20 +77540,20 @@ "v": "<5.3.5" }, { - "advisory": "Kinto 6.1.0 addresses a race condition that could have led to unexpected behavior during the replacement of permissions of an object in a PostgreSQL backend. This problem arose when two separate queries, one deleting old permissions and another inserting new ones, executed simultaneously.\r\nhttps://github.com/Kinto/kinto/pull/1214/commits/293f5777dcdfb18521805ee3165a30560f854fd9", - "cve": "PVE-2024-64272", - "id": "pyup.io-64272", - "more_info_path": "/vulnerabilities/PVE-2024-64272/64272", + "advisory": "Kinto 6.1.0 fixes a race condition that occurred during concurrent delete/update operations. The issue was resolved by implementing an upsert operation in the storage.update() method, which ensures that the correct operation (insert or update) is performed even when a deletion occurs concurrently.\r\nhttps://github.com/Kinto/kinto/pull/1207/commits/7676dfe39d320830f13ff99d5d3e6c9db6a709e8", + "cve": "PVE-2024-64147", + "id": "pyup.io-64147", + "more_info_path": "/vulnerabilities/PVE-2024-64147/64147", "specs": [ "<6.1.0" ], "v": "<6.1.0" }, { - "advisory": "Kinto 6.1.0 fixes a race condition that occurred during concurrent delete/update operations. The issue was resolved by implementing an upsert operation in the storage.update() method, which ensures that the correct operation (insert or update) is performed even when a deletion occurs concurrently.\r\nhttps://github.com/Kinto/kinto/pull/1207/commits/7676dfe39d320830f13ff99d5d3e6c9db6a709e8", - "cve": "PVE-2024-64147", - "id": "pyup.io-64147", - "more_info_path": "/vulnerabilities/PVE-2024-64147/64147", + "advisory": "Kinto 6.1.0 addresses a race condition that could have led to unexpected behavior during the replacement of permissions of an object in a PostgreSQL backend. 
This problem arose when two separate queries, one deleting old permissions and another inserting new ones, executed simultaneously.\r\nhttps://github.com/Kinto/kinto/pull/1214/commits/293f5777dcdfb18521805ee3165a30560f854fd9", + "cve": "PVE-2024-64272", + "id": "pyup.io-64272", + "more_info_path": "/vulnerabilities/PVE-2024-64272/64272", "specs": [ "<6.1.0" ], 
@@ -77310,20 +77582,20 @@ ], "kinto-attachment": [ { - "advisory": "Kinto-attachment 6.4.0 addresses a high-severity vulnerability, CVE-2024-1314. This issue allowed the replacement of attachment files on read-only records if the attacker had \"read\" permission on a parent entity.\r\nhttps://github.com/Kinto/kinto-attachment/security/advisories/GHSA-hvp4-vrv2-8wrq", - "cve": "PVE-2024-65061", - "id": "pyup.io-65061", - "more_info_path": "/vulnerabilities/PVE-2024-65061/65061", + "advisory": "kinto-attachment versions above 6.4.0 are susceptible to a vulnerability where an attachment file on an existing record can be replaced by users who possess \"read\" permission on any of the parent entities, such as a collection or bucket. Should this \"read\" permission be granted to \"system.Everyone\" on one of the parents, it enables the replacement of an attachment on a record through an anonymous request. Importantly, should the parent entities not have explicit \"read\" permission assigned, the attachments on records remain secure against such unauthorized replacements.", + "cve": "CVE-2024-1314", + "id": "pyup.io-66714", + "more_info_path": "/vulnerabilities/CVE-2024-1314/66714", "specs": [ "<6.4.0" ], "v": "<6.4.0" }, { - "advisory": "kinto-attachment versions above 6.4.0 are susceptible to a vulnerability where an attachment file on an existing record can be replaced by users who possess \"read\" permission on any of the parent entities, such as a collection or bucket. Should this \"read\" permission be granted to \"system.Everyone\" on one of the parents, it enables the replacement of an attachment on a record through an anonymous request. 
Importantly, should the parent entities not have explicit \"read\" permission assigned, the attachments on records remain secure against such unauthorized replacements.", - "cve": "CVE-2024-1314", - "id": "pyup.io-66714", - "more_info_path": "/vulnerabilities/CVE-2024-1314/66714", + "advisory": "Kinto-attachment 6.4.0 addresses a high-severity vulnerability, CVE-2024-1314. This issue allowed the replacement of attachment files on read-only records if the attacker had \"read\" permission on a parent entity.\r\nhttps://github.com/Kinto/kinto-attachment/security/advisories/GHSA-hvp4-vrv2-8wrq", + "cve": "PVE-2024-65061", + "id": "pyup.io-65061", + "more_info_path": "/vulnerabilities/PVE-2024-65061/65061", "specs": [ "<6.4.0" ], @@ -78157,9 +78429,9 @@ }, { "advisory": "Kserve 0.9.0rc0 updates its dependency 'ray' to v1.9.2 to include security fixes.", - "cve": "CVE-2021-44228", - "id": "pyup.io-49405", - "more_info_path": "/vulnerabilities/CVE-2021-44228/49405", + "cve": "CVE-2021-45046", + "id": "pyup.io-49420", + "more_info_path": "/vulnerabilities/CVE-2021-45046/49420", "specs": [ "<0.9.0rc0" ], @@ -78167,9 +78439,9 @@ }, { "advisory": "Kserve 0.9.0rc0 updates its dependency 'ray' to v1.9.2 to include security fixes.", - "cve": "CVE-2021-45046", - "id": "pyup.io-49420", - "more_info_path": "/vulnerabilities/CVE-2021-45046/49420", + "cve": "CVE-2021-44228", + "id": "pyup.io-49405", + "more_info_path": "/vulnerabilities/CVE-2021-44228/49405", "specs": [ "<0.9.0rc0" ], 
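Review bot: The re-added CVE-2024-1314 kinto-attachment entry says `kinto-attachment versions above 6.4.0 are susceptible`, but its `specs`/`v` are `<6.4.0` and the sibling PVE-2024-65061 entry in the same hunk states that 6.4.0 fixes the issue, so the sentence inverts the affected range; it should read `kinto-attachment versions prior to 6.4.0 are susceptible to a vulnerability where ...`. Both entries in this hunk describe the same fix over the same range, so a consumer matching on `specs` will presumably report the issue twice under two ids; cross-referencing CVE-2024-1314 from the PVE entry, or dropping the duplicate if the database's conventions allow it, would avoid the double report.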
@@ -78178,20 +78450,20 @@ ], "kube-copilot": [ { - "advisory": "Kube-copilot 0.1.21 updates its dependency 'langchain' to v0.0.278 to include a security fix.\r\nhttps://github.com/feiskyer/kube-copilot/pull/43", - "cve": "CVE-2023-36189", - "id": "pyup.io-61672", - "more_info_path": "/vulnerabilities/CVE-2023-36189/61672", + "advisory": "Kube-copilot 0.1.21 updates its dependency 'langchain' to v0.0.278 to include a security fix.", + "cve": "CVE-2023-36095", + "id": "pyup.io-61673", + "more_info_path": "/vulnerabilities/CVE-2023-36095/61673", "specs": [ "<0.1.21" ], "v": "<0.1.21" }, { - "advisory": "Kube-copilot 0.1.21 updates its dependency 'langchain' to v0.0.278 to include a security fix.", - "cve": "CVE-2023-36095", - "id": "pyup.io-61673", - "more_info_path": "/vulnerabilities/CVE-2023-36095/61673", + "advisory": "Kube-copilot 0.1.21 updates its dependency 'langchain' to v0.0.278 to include a security fix.\r\nhttps://github.com/feiskyer/kube-copilot/pull/43", + "cve": "CVE-2023-36189", + "id": "pyup.io-61672", + "more_info_path": "/vulnerabilities/CVE-2023-36189/61672", "specs": [ "<0.1.21" ], 
@@ -78777,30 +79049,30 @@ "v": "<4.2" }, { - "advisory": "Ladok3 4.2 updates its dependency 'requests' to version '2.31.0' to include a fix for an Information Exposure vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/685f2fca6d38960a650060b1bdd13ca88f30b13f", - "cve": "CVE-2023-32681", - "id": "pyup.io-60158", - "more_info_path": "/vulnerabilities/CVE-2023-32681/60158", + "advisory": "Ladok3 4.2 updates its dependency 'cryptography' to version '38.0.4' to include a fix for a Buffer Overflow vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/685f2fca6d38960a650060b1bdd13ca88f30b13f", + "cve": "CVE-2022-3786", + "id": "pyup.io-60137", + "more_info_path": "/vulnerabilities/CVE-2022-3786/60137", "specs": [ "<4.2" ], "v": "<4.2" }, { - "advisory": "Ladok3 4.2 updates its dependency 'cryptography' to version '38.0.4' to include a fix for a Buffer Overflow vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/685f2fca6d38960a650060b1bdd13ca88f30b13f", - "cve": "CVE-2022-3602", - "id": "pyup.io-60157", - "more_info_path": "/vulnerabilities/CVE-2022-3602/60157", + "advisory": "Ladok3 4.2 updates its dependency 'requests' to version '2.31.0' to include a fix for an Information Exposure vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/685f2fca6d38960a650060b1bdd13ca88f30b13f", + "cve": "CVE-2023-32681", + "id": "pyup.io-60158", + "more_info_path": "/vulnerabilities/CVE-2023-32681/60158", "specs": [ "<4.2" ], "v": "<4.2" }, { - "advisory": "Ladok3 4.2 updates its dependency 'cryptography' to version '38.0.4' to include a fix for a Buffer Overflow vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/685f2fca6d38960a650060b1bdd13ca88f30b13f", - "cve": "CVE-2022-3786", - "id": "pyup.io-60137", - "more_info_path": "/vulnerabilities/CVE-2022-3786/60137", + "advisory": "Ladok3 4.2 updates its dependency 'certifi' to version '2023.7.22' to include a fix for a 
vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/685f2fca6d38960a650060b1bdd13ca88f30b13f", + "cve": "CVE-2022-23491", + "id": "pyup.io-60160", + "more_info_path": "/vulnerabilities/CVE-2022-23491/60160", "specs": [ "<4.2" ], 
@@ -78817,30 +79089,30 @@ "v": "<4.2" }, { - "advisory": "Ladok3 4.2 updates its dependency 'certifi' to version '2023.7.22' to include a fix for a vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/685f2fca6d38960a650060b1bdd13ca88f30b13f", - "cve": "CVE-2022-23491", - "id": "pyup.io-60160", - "more_info_path": "/vulnerabilities/CVE-2022-23491/60160", + "advisory": "Ladok3 4.2 updates its dependency 'cryptography' to version '38.0.4' to include a fix for a Buffer Overflow vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/685f2fca6d38960a650060b1bdd13ca88f30b13f", + "cve": "CVE-2022-3602", + "id": "pyup.io-60157", + "more_info_path": "/vulnerabilities/CVE-2022-3602/60157", "specs": [ "<4.2" ], "v": "<4.2" }, { - "advisory": "Ladok3 4.3 updates its dependency 'cryptography' to version '39.0.1' to include a fix for a DoS vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/33acab13bd48e3efdcf65493364eb06bf63decd6", - "cve": "CVE-2022-4450", - "id": "pyup.io-60565", - "more_info_path": "/vulnerabilities/CVE-2022-4450/60565", + "advisory": "Ladok3 4.3 updates its dependency 'cryptography' to version '39.0.1' to include a fix for an Expected Behavior Violation vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/33acab13bd48e3efdcf65493364eb06bf63decd6", + "cve": "CVE-2023-23931", + "id": "pyup.io-60566", + "more_info_path": "/vulnerabilities/CVE-2023-23931/60566", "specs": [ "<4.3" ], "v": "<4.3" }, { - "advisory": "Ladok3 4.3 updates its dependency 'cryptography' to version '39.0.1' to include a fix for a Use After Free vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/33acab13bd48e3efdcf65493364eb06bf63decd6", - "cve": "CVE-2023-0215", - "id": "pyup.io-60560", - "more_info_path": "/vulnerabilities/CVE-2023-0215/60560", + "advisory": "Ladok3 4.3 updates its dependency 'cryptography' to version '39.0.1' to include a fix for a Timing Attack vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/33acab13bd48e3efdcf65493364eb06bf63decd6", + 
"cve": "CVE-2022-4304", + "id": "pyup.io-60562", + "more_info_path": "/vulnerabilities/CVE-2022-4304/60562", "specs": [ "<4.3" ], @@ -78848,9 +79120,9 @@ }, { "advisory": "Ladok3 4.3 updates its dependency 'cryptography' to version '39.0.1' to include a fix for a DoS vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/33acab13bd48e3efdcf65493364eb06bf63decd6", - "cve": "CVE-2022-4203", - "id": "pyup.io-60564", - "more_info_path": "/vulnerabilities/CVE-2022-4203/60564", + "cve": "CVE-2023-0217", + "id": "pyup.io-60559", + "more_info_path": "/vulnerabilities/CVE-2023-0217/60559", "specs": [ "<4.3" ], @@ -78858,9 +79130,9 @@ }, { "advisory": "Ladok3 4.3 updates its dependency 'cryptography' to version '39.0.1' to include a fix for a DoS vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/33acab13bd48e3efdcf65493364eb06bf63decd6", - "cve": "CVE-2023-0216", - "id": "pyup.io-60563", - "more_info_path": "/vulnerabilities/CVE-2023-0216/60563", + "cve": "CVE-2023-0401", + "id": "pyup.io-60528", + "more_info_path": "/vulnerabilities/CVE-2023-0401/60528", "specs": [ "<4.3" ], @@ -78878,9 +79150,9 @@ }, { "advisory": "Ladok3 4.3 updates its dependency 'cryptography' to version '39.0.1' to include a fix for a DoS vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/33acab13bd48e3efdcf65493364eb06bf63decd6", - "cve": "CVE-2023-0401", - "id": "pyup.io-60528", - "more_info_path": "/vulnerabilities/CVE-2023-0401/60528", + "cve": "CVE-2023-0216", + "id": "pyup.io-60563", + "more_info_path": "/vulnerabilities/CVE-2023-0216/60563", "specs": [ "<4.3" ], 
@@ -78888,29 +79160,29 @@ }, { "advisory": "Ladok3 4.3 updates its dependency 'cryptography' to version '39.0.1' to include a fix for a DoS vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/33acab13bd48e3efdcf65493364eb06bf63decd6", - "cve": "CVE-2023-0217", - "id": "pyup.io-60559", - "more_info_path": "/vulnerabilities/CVE-2023-0217/60559", + "cve": "CVE-2022-4203", + "id": "pyup.io-60564", + "more_info_path": "/vulnerabilities/CVE-2022-4203/60564", "specs": [ "<4.3" ], "v": "<4.3" }, { - "advisory": "Ladok3 4.3 updates its dependency 'cryptography' to version '39.0.1' to include a fix for a Timing Attack vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/33acab13bd48e3efdcf65493364eb06bf63decd6", - "cve": "CVE-2022-4304", - "id": "pyup.io-60562", - "more_info_path": "/vulnerabilities/CVE-2022-4304/60562", + "advisory": "Ladok3 4.3 updates its dependency 'cryptography' to version '39.0.1' to include a fix for a Use After Free vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/33acab13bd48e3efdcf65493364eb06bf63decd6", + "cve": "CVE-2023-0215", + "id": "pyup.io-60560", + "more_info_path": "/vulnerabilities/CVE-2023-0215/60560", "specs": [ "<4.3" ], "v": "<4.3" }, { - "advisory": "Ladok3 4.3 updates its dependency 'cryptography' to version '39.0.1' to include a fix for an Expected Behavior Violation vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/33acab13bd48e3efdcf65493364eb06bf63decd6", - "cve": "CVE-2023-23931", - "id": "pyup.io-60566", - "more_info_path": "/vulnerabilities/CVE-2023-23931/60566", + "advisory": "Ladok3 4.3 updates its dependency 'cryptography' to version '39.0.1' to include a fix for a DoS vulnerability.\r\nhttps://github.com/dbosk/ladok3/commit/33acab13bd48e3efdcf65493364eb06bf63decd6", + "cve": "CVE-2022-4450", + "id": "pyup.io-60565", + "more_info_path": "/vulnerabilities/CVE-2022-4450/60565", "specs": [ "<4.3" ], 
@@ -79054,6 +79326,16 @@
 ],
 "v": "<0.0.236"
 },
+ {
+ "advisory": "Langchain 0.0.236 includes a fix for an Arbitrary Code Execution vulnerability. The vulnerability allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method.\r\nhttps://github.com/langchain-ai/langchain/commit/e294ba475a355feb95003ed8f1a2b99942509a9e",
+ "cve": "CVE-2023-36188",
+ "id": "pyup.io-59363",
+ "more_info_path": "/vulnerabilities/CVE-2023-36188/59363",
+ "specs": [
+ "<0.0.236"
+ ],
+ "v": "<0.0.236"
+ },
 {
 "advisory": "Langchain 0.0.236 includes a fix for an Arbitrary Code Execution vulnerability. In affected versions, the vulnerability allows an attacker to execute arbitrary code via the Python exec calls in the PALChain.\r\nhttps://github.com/langchain-ai/langchain/commit/8ba9835b925473655914f63822775679e03ea137\r\nhttps://github.com/langchain-ai/langchain/commit/e294ba475a355feb95003ed8f1a2b99942509a9e",
 "cve": "CVE-2023-36095",
@@ -79065,14 +79347,14 @@
 "v": "<0.0.236"
 },
 {
- "advisory": "Langchain 0.0.236 includes a fix for an Arbitrary Code Execution vulnerability. The vulnerability allows a remote attacker to execute arbitrary code via the PALChain parameter in the Python exec method.\r\nhttps://github.com/langchain-ai/langchain/commit/e294ba475a355feb95003ed8f1a2b99942509a9e",
- "cve": "CVE-2023-36188",
- "id": "pyup.io-59363",
- "more_info_path": "/vulnerabilities/CVE-2023-36188/59363",
+ "advisory": "Affected versions of Langchain allow an attacker to execute arbitrary code via the PALChain in the python exec method. The PALChain class requires unique security considerations so it was moved langchain-experimental package and removed from langchain on version 0.0.247. The issue was attempted to be resolved several times in langchain-experimental but the fixes were found incomplete. See CVE-2023-44467, CVE-2024-27444, and CVE-2024-38459.",
+ "cve": "CVE-2023-36258",
+ "id": "pyup.io-59294",
+ "more_info_path": "/vulnerabilities/CVE-2023-36258/59294",
 "specs": [
- "<0.0.236"
+ "<0.0.247"
 ],
- "v": "<0.0.236"
+ "v": "<0.0.247"
 },
 {
 "advisory": "Langchain 0.0.247 includes a fix for CVE-2023-36189: SQL injection vulnerability allows a remote attacker to obtain sensitive information via the SQLDatabaseChain component.\r\nhttps://github.com/langchain-ai/langchain/issues/5923",
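Review bot: The replacement advisory for CVE-2023-36258 reads `so it was moved langchain-experimental package`, which drops a word; `so it was moved to the langchain-experimental package` is the intended text. The widened spec `<0.0.247` agrees with the sentence that PALChain was removed from langchain in 0.0.247, so the range itself looks consistent with the text. The same record is deleted from its old position in the next hunk, so this is a move plus a wording change rather than a new entry.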
@@ -79094,16 +79376,6 @@
 ],
 "v": "<0.0.247"
 },
- {
- "advisory": "Affected versions of Langchain allow an attacker to execute arbitrary code via the PALChain in the python exec method. The PALChain class requires unique security considerations so it was moved langchain-experimental package and removed from langchain on version 0.0.247. The issue was attempted to be resolved several times in langchain-experimental but the fixes were found incomplete. See CVE-2023-44467, CVE-2024-27444, and CVE-2024-38459.",
- "cve": "CVE-2023-36258",
- "id": "pyup.io-59294",
- "more_info_path": "/vulnerabilities/CVE-2023-36258/59294",
- "specs": [
- "<0.0.247"
- ],
- "v": "<0.0.247"
- },
 {
 "advisory": "Langchain 0.0.306 includes a fix for a code injection vulnerability.\r\nhttps://github.com/langchain-ai/langchain/pull/11233",
 "cve": "PVE-2023-61536",
@@ -79264,16 +79536,6 @@
 ],
 "v": "==0.0.64"
 },
- {
- "advisory": "A Server-Side Request Forgery (SSRF) vulnerability exists in the Web Research Retriever component of langchain-ai/langchain affected versions. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet addresses, allowing it to reach local addresses. This flaw enables attackers to execute port scans, access local services, and in some scenarios, read instance metadata from cloud environments. The vulnerability is particularly concerning as it can be exploited to abuse the Web Explorer server as a proxy for web attacks on third parties and interact with servers in the local network, including reading their response data. This could potentially lead to arbitrary code execution, depending on the nature of the local services. The vulnerability is limited to GET requests, as POST requests are not possible, but the impact on confidentiality, integrity, and availability is significant due to the potential for stolen credentials and state-changing interactions with internal APIs.",
- "cve": "CVE-2024-3095",
- "id": "pyup.io-71924",
- "more_info_path": "/vulnerabilities/CVE-2024-3095/71924",
- "specs": [
- ">=0"
- ],
- "v": ">=0"
- },
 {
 "advisory": "Langchains 0.1.14 updates its dependency 'langchain-core' in poetry.lock to version 0.1.37 to include a fix for a XML Entity Expansion vulnerability.",
 "cve": "CVE-2024-1455",
@@ -79305,6 +79567,26 @@ "<0.2.5" ], "v": "<0.2.5" + }, + { + "advisory": "A Server-Side Request Forgery (SSRF) vulnerability exists in the Web Research Retriever component of affected versions of langchain-ai/langchain. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet addresses, allowing it to reach local addresses. This flaw enables attackers to execute port scans, access local services, and in some scenarios, read instance metadata from cloud environments. The vulnerability is particularly concerning as it can be exploited to abuse the Web Explorer server as a proxy for web attacks on third parties and interact with servers in the local network, including reading their response data. This could potentially lead to arbitrary code execution, depending on the nature of the local services. The vulnerability is limited to GET requests, as POST requests are not possible, but the impact on confidentiality, integrity, and availability is significant due to the potential for stolen credentials and state-changing interactions with internal APIs.", + "cve": "CVE-2024-3095", + "id": "pyup.io-71924", + "more_info_path": "/vulnerabilities/CVE-2024-3095/71924", + "specs": [ + "<0.2.9" + ], + "v": "<0.2.9" + }, + { + "advisory": "Affected versions of langchain-ai/langchain are vulnerable to SQL injection through GraphCypherQAChain class. This vulnerability allows attackers to manipulate database queries via malicious input in prompts, potentially leading to unauthorized data access, manipulation, and cross-tenant data breaches. The vulnerability exists in the query processing logic of GraphCypherQAChain where user input is not properly sanitized. Successfully exploiting this requires access to the API endpoint. 
Users should upgrade to version 0.2.6 or later which includes input sanitization fixes.",
+ "cve": "CVE-2024-8309",
+ "id": "pyup.io-73959",
+ "more_info_path": "/vulnerabilities/CVE-2024-8309/73959",
+ "specs": [
+ "<0.3.0"
+ ],
+ "v": "<0.3.0"
 }
 ],
 "langchain-core": [
@@ -79402,6 +79684,16 @@
 ],
 "v": "<1.0.0a37"
 },
+ {
+ "advisory": "Affected versions of Langflow are vulnerable to Missing Authorization (CWE-862). The attack can be carried out by sending file upload requests to the /api/v1/files/upload endpoint with a flow_id parameter corresponding to another user's flow. The vulnerable function is upload_file in files.py, which lacked proper authorization checks to verify flow ownership. To exploit this vulnerability, an attacker needs valid authentication credentials but does not require elevated privileges. Users should update to the version of Langflow, where this issue is fixed by adding authorization checks to ensure that only flow owners can upload files to their flows.",
+ "cve": "PVE-2024-73674",
+ "id": "pyup.io-73674",
+ "more_info_path": "/vulnerabilities/PVE-2024-73674/73674",
+ "specs": [
+ "<1.0.19"
+ ],
+ "v": "<1.0.19"
+ },
 {
 "advisory": "Langflow 1.0.6 updates its langchain-experimental dependency to version 0.0.61 or later to address a security vulnerability identified as CVE-2024-38459.",
 "cve": "CVE-2024-38459",
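Review bot: The new CVE-2024-8309 record says `Users should upgrade to version 0.2.6 or later which includes input sanitization fixes` while its spec is `<0.3.0`; one of the two is wrong, and the mismatch means the feed either flags 0.2.6 through 0.2.x falsely or the text names the wrong fix release. Either correct the spec or change the sentence to state the release the spec implies. In the same hunk CVE-2024-3095 goes from `>=0` (removed in the previous hunk) to `<0.2.9`, yet the advisory text still says only "affected versions" and cites no fix commit; a reference for the 0.2.9 boundary, in the trailing `\r\nhttps://...` form the neighbouring entries use, would let consumers verify the narrowing.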
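Review bot: The PVE-2024-73674 advisory ends with `Users should update to the version of Langflow, where this issue is fixed`, which reads like a placeholder where a version number was meant. The spec gives `<1.0.19`, so `Users should update to Langflow 1.0.19 or later, where this issue is fixed` would make the text self-consistent if that is indeed the fix release; if it is not, the spec needs the correction instead.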
@@ -79433,6 +79725,16 @@
 "<2.1.0"
 ],
 "v": "<2.1.0"
+ },
+ {
+ "advisory": "Langfuse affected versions are vulnerable to Open Redirect (CWE-601). This vulnerability allows attackers to craft malicious URLs that can redirect users to arbitrary external websites after authentication. The impact includes potential phishing attacks and unauthorized data exposure. The attack vector involves manipulating the targetPath query parameter in the sign-in URL. The vulnerable function is the redirect logic in the Layout component. Exploitability is high as it requires minimal user interaction. The commit mitigates this by implementing strict checks to allow only relative URLs for redirection. Users should update to the latest version containing this fix.",
+ "cve": "PVE-2024-73564",
+ "id": "pyup.io-73564",
+ "more_info_path": "/vulnerabilities/PVE-2024-73564/73564",
+ "specs": [
+ "<2.81.1"
+ ],
+ "v": "<2.81.1"
 }
 ],
 "langsmith": [
@@ -80097,6 +80399,18 @@ "v": ">0,<0" } ], + "libcoveweb": [ + { + "advisory": "Affected versions of Libcoveweb are vulnerable to Denial of Service (DoS) attacks. The impact includes potential server resource exhaustion due to long-running requests. The attack vector involves submitting URLs that take an excessive amount of time to respond. The vulnerable function is the download method in SuppliedData model. Exploitability is moderate, requiring an attacker to supply a slow-responding URL. The commit mitigates this by implementing a configurable timeout for URL requests. Users should update to the latest version containing this fix. This vulnerability is specific to web applications and has a CWE identifier of CWE-400: Uncontrolled Resource Consumption.", + "cve": "PVE-2024-73572", + "id": "pyup.io-73572", + "more_info_path": "/vulnerabilities/PVE-2024-73572/73572", + "specs": [ + "<0.30.5" + ], + "v": "<0.30.5" + } + ], "libgenesis": [ { "advisory": "Libgenesis 0.1.8 updates its dependency 'lxml' minimum version to v4.6.5 to include security fixes.", @@ -80227,6 +80541,16 @@ } ], "libretranslate": [ + { + "advisory": "Libretranslate 1.5.4 updates its Requests dependency from 2.28.1 to 2.31.0. This upgrade addresses the vulnerability identified as CVE-2023-32681.\r\nhttps://github.com/LibreTranslate/LibreTranslate/pull/570/commits/51341d92ade55e47d94ac2f6dd095fcc226e62d0", + "cve": "CVE-2023-32681", + "id": "pyup.io-64073", + "more_info_path": "/vulnerabilities/CVE-2023-32681/64073", + "specs": [ + "<1.5.4" + ], + "v": "<1.5.4" + }, { "advisory": "Libretranslate 1.5.4 updates its Werkzeug dependency from 2.2.2 to 2.3.8. This upgrade addresses the vulnerability identified as CVE-2023-25577.\r\nhttps://github.com/LibreTranslate/LibreTranslate/pull/570/commits/51341d92ade55e47d94ac2f6dd095fcc226e62d0", "cve": "CVE-2023-25577", 
@@ -80246,16 +80570,6 @@ "<1.5.4" ], "v": "<1.5.4" - }, - { - "advisory": "Libretranslate 1.5.4 updates its Requests dependency from 2.28.1 to 2.31.0. This upgrade addresses the vulnerability identified as CVE-2023-32681.\r\nhttps://github.com/LibreTranslate/LibreTranslate/pull/570/commits/51341d92ade55e47d94ac2f6dd095fcc226e62d0", - "cve": "CVE-2023-32681", - "id": "pyup.io-64073", - "more_info_path": "/vulnerabilities/CVE-2023-32681/64073", - "specs": [ - "<1.5.4" - ], - "v": "<1.5.4" } ], "libtaxii": [ @@ -80610,10 +80924,20 @@ ], "lightning": [ { - "advisory": "Lightning 2.0.4 updates its dependency 'vite' to version '2.9.16' to include a security fix.\r\nhttps://github.com/Lightning-AI/lightning/commit/7d2a46efa9834c3bb0bc1069df0a2e3a6e855d01", - "cve": "CVE-2023-34092", - "id": "pyup.io-59184", - "more_info_path": "/vulnerabilities/CVE-2023-34092/59184", + "advisory": "Lightning 2.0.4 updates its dependency 'redis' to version '4.5.5' to include a security fix.\r\nhttps://github.com/Lightning-AI/lightning/commit/0831e138c02e492bdd384be99079d949c93b1e8e", + "cve": "CVE-2023-28858", + "id": "pyup.io-59186", + "more_info_path": "/vulnerabilities/CVE-2023-28858/59186", + "specs": [ + "<2.0.4" + ], + "v": "<2.0.4" + }, + { + "advisory": "Lightning 2.0.4 updates its dependency 'ipython' to version '8.14.0' to include a security fix.\r\nhttps://github.com/Lightning-AI/lightning/commit/98e1aabd0c711e508d33f599265de011ca5dfba8", + "cve": "CVE-2023-24816", + "id": "pyup.io-59170", + "more_info_path": "/vulnerabilities/CVE-2023-24816/59170", "specs": [ "<2.0.4" ], 
@@ -80640,27 +80964,17 @@ "v": "<2.0.4" }, { - "advisory": "Lightning 2.0.4 updates its dependency 'redis' to version '4.5.5' to include a security fix.\r\nhttps://github.com/Lightning-AI/lightning/commit/0831e138c02e492bdd384be99079d949c93b1e8e", - "cve": "CVE-2023-28858", - "id": "pyup.io-59186", - "more_info_path": "/vulnerabilities/CVE-2023-28858/59186", - "specs": [ - "<2.0.4" - ], - "v": "<2.0.4" - }, - { - "advisory": "Lightning 2.0.4 updates its dependency 'ipython' to version '8.14.0' to include a security fix.\r\nhttps://github.com/Lightning-AI/lightning/commit/98e1aabd0c711e508d33f599265de011ca5dfba8", - "cve": "CVE-2023-24816", - "id": "pyup.io-59170", - "more_info_path": "/vulnerabilities/CVE-2023-24816/59170", + "advisory": "Lightning 2.0.4 updates its dependency 'vite' to version '2.9.16' to include a security fix.\r\nhttps://github.com/Lightning-AI/lightning/commit/7d2a46efa9834c3bb0bc1069df0a2e3a6e855d01", + "cve": "CVE-2023-34092", + "id": "pyup.io-59184", + "more_info_path": "/vulnerabilities/CVE-2023-34092/59184", "specs": [ "<2.0.4" ], "v": "<2.0.4" }, { - "advisory": "A remote code execution (RCE) vulnerability exists in the lightning-ai/pytorch-lightning library affected versions due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library. The library uses deepdiff.Delta objects to modify application state based on frontend actions. However, it is possible to bypass the intended restrictions on modifying dunder attributes, allowing an attacker to construct a serialized delta that passes the deserializer whitelist and contains dunder attributes. 
When processed, this can be exploited to access other modules, classes, and instances, leading to arbitrary attribute write and total RCE on any self-hosted pytorch-lightning application in its default configuration, as the delta endpoint is enabled by default.", + "advisory": "Affected versions of Lighting are vulnerable to remote code execution (RCE) due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library. The library uses deepdiff.Delta objects to modify application state based on frontend actions. However, it is possible to bypass the intended restrictions on modifying dunder attributes, allowing an attacker to construct a serialized delta that passes the deserializer whitelist and contains dunder attributes. When processed, this can be exploited to access other modules, classes, and instances, leading to arbitrary attribute write and total RCE on any self-hosted pytorch-lightning application in its default configuration, as the delta endpoint is enabled by default.", "cve": "CVE-2024-5452", "id": "pyup.io-71939", "more_info_path": "/vulnerabilities/CVE-2024-5452/71939", 
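Review bot: The rewritten CVE-2024-5452 advisory opens with `Affected versions of Lighting are vulnerable`, a typo for `Lightning` that the removed text did not have (it named `lightning-ai/pytorch-lightning`). Since this sentence is now the only place the record names the package, `Affected versions of Lightning are vulnerable to remote code execution (RCE) ...` is the fix. The record's specs lie outside this hunk, so the affected range could not be checked here.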
@@ -80975,6 +81289,16 @@
 ],
 "v": "<1.35.1.dev1"
 },
+ {
+ "advisory": "Affected versions of BerriAI's litellm are vulnerable to arbitrary file deletion due to improper input validation on the `/audio/transcriptions` endpoint. An attacker can exploit this vulnerability by sending a specially crafted request that includes a file path to the server, which then deletes the specified file without proper authorization or validation. This vulnerability is present in the code where `os.remove(file.filename)` is used to delete a file, allowing any user to delete critical files on the server such as SSH keys, SQLite databases, or configuration files.",
+ "cve": "CVE-2024-4888",
+ "id": "pyup.io-71651",
+ "more_info_path": "/vulnerabilities/CVE-2024-4888/71651",
+ "specs": [
+ "<1.35.18"
+ ],
+ "v": "<1.35.18"
+ },
 {
 "advisory": "Affected versions of Litellm are vulnerable to improper authorization. Users could remove files from litellm proxy server when calling /audio/transcriptions.",
 "cve": "PVE-2024-68072",
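Review bot: The CVE-2024-4888 record re-added here carries spec `<1.35.18`, whereas the copy removed in the next hunk had `<1.35.36`; that drops releases 1.35.18 through 1.35.35 from the flagged set without the advisory text citing a fix commit or release. For a vulnerability feed a narrowed range is the riskier direction, so the source of the new boundary should be recorded in the advisory, in the trailing `\r\nhttps://...` form used by neighbouring entries. The adjacent PVE-2024-68072 record for the same endpoint appears (from the next hunk's context) to use `<1.35.20.dev2`, so at least one of the two boundaries looks inconsistent and worth confirming.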
@@ -80995,16 +81319,6 @@
 ],
 "v": "<1.35.20.dev2"
 },
- {
- "advisory": "BerriAI's litellm, in its latest version, is vulnerable to arbitrary file deletion due to improper input validation on the `/audio/transcriptions` endpoint. An attacker can exploit this vulnerability by sending a specially crafted request that includes a file path to the server, which then deletes the specified file without proper authorization or validation. This vulnerability is present in the code where `os.remove(file.filename)` is used to delete a file, allowing any user to delete critical files on the server such as SSH keys, SQLite databases, or configuration files.",
- "cve": "CVE-2024-4888",
- "id": "pyup.io-71651",
- "more_info_path": "/vulnerabilities/CVE-2024-4888/71651",
- "specs": [
- "<1.35.36"
- ],
- "v": "<1.35.36"
- },
 {
 "advisory": "An SQL Injection vulnerability exists in the berriai/litellm repository, specifically within the `/global/spend/logs` endpoint. The vulnerability arises due to improper neutralization of special elements used in an SQL command. The affected code constructs an SQL query by concatenating an unvalidated `api_key` parameter directly into the query, making it susceptible to SQL Injection if the `api_key` contains malicious data. This issue affects the latest version of the repository. Successful exploitation of this vulnerability could lead to unauthorized access, data manipulation, exposure of confidential information, and denial of service (DoS).",
 "cve": "CVE-2024-5225",
@@ -81056,7 +81370,7 @@
 "v": "<1.44.16"
 },
 {
- "advisory": "Affected versions of litellm vulnerable to SQL Injection (CWE-89). This vulnerability in the '/team/update' endpoint allows attackers to inject malicious SQL commands through the 'user_id' parameter, potentially leading to unauthorized access to sensitive data including API keys, user information, and tokens. The flaw stems from improper handling of user input in raw SQL queries. The patch replaces vulnerable raw SQL queries with parameterized queries using Prisma ORM, effectively preventing SQL injection attacks.",
+ "advisory": "Affected versions of Litellm are vulnerable to blind SQL Injection. This vulnerability in the '/team/update' endpoint allows attackers to inject malicious SQL commands through the 'user_id' parameter, potentially leading to unauthorized access to sensitive data including API keys, user information, and tokens. The flaw stems from improper handling of user input in raw SQL queries. The patch replaces vulnerable raw SQL queries with parameterized queries using Prisma ORM, effectively preventing SQL injection attacks.",
 "cve": "CVE-2024-4890",
 "id": "pyup.io-71721",
 "more_info_path": "/vulnerabilities/CVE-2024-4890/71721",
@@ -81330,20 +81644,20 @@ ], "lnbits": [ { - "advisory": "Lnbits version 0.12.5 updates its `black` dependency from version 24.2.0 to 24.3.0 to address the security vulnerability identified as CVE-2024-21503.", - "cve": "CVE-2024-21503", - "id": "pyup.io-71111", - "more_info_path": "/vulnerabilities/CVE-2024-21503/71111", + "advisory": "Lnbits version 0.12.5 addresses a security issue in the `pycryptodomex` library. The dependency is updated from version 3.19.0 to 3.19.1 to resolve the vulnerability identified as CVE-2023-52323. This update ensures that the package remains secure by incorporating the necessary fixes from the updated library version.", + "cve": "CVE-2023-52323", + "id": "pyup.io-71115", + "more_info_path": "/vulnerabilities/CVE-2023-52323/71115", "specs": [ "<0.12.5" ], "v": "<0.12.5" }, { - "advisory": "Lnbits version 0.12.5 addresses a security issue in the `pycryptodomex` library. The dependency is updated from version 3.19.0 to 3.19.1 to resolve the vulnerability identified as CVE-2023-52323. This update ensures that the package remains secure by incorporating the necessary fixes from the updated library version.", - "cve": "CVE-2023-52323", - "id": "pyup.io-71115", - "more_info_path": "/vulnerabilities/CVE-2023-52323/71115", + "advisory": "Lnbits version 0.12.5 updates its `black` dependency from version 24.2.0 to 24.3.0 to address the security vulnerability identified as CVE-2024-21503.", + "cve": "CVE-2024-21503", + "id": "pyup.io-71111", + "more_info_path": "/vulnerabilities/CVE-2024-21503/71111", "specs": [ "<0.12.5" ], 
@@ -81360,6 +81674,18 @@ "v": "<0.12.6" } ], + "loadero-python": [ + { + "advisory": "Loadero-python 1.3.0 updates its dependency 'jinja2' to v3.1.4 to include a security fix.", + "cve": "CVE-2024-34064", + "id": "pyup.io-73766", + "more_info_path": "/vulnerabilities/CVE-2024-34064/73766", + "specs": [ + "<1.3.0" + ], + "v": "<1.3.0" + } + ], "localstack": [ { "advisory": "Localstack is vulnerable to CVE-2021-32090: The dashboard component of StackLift LocalStack 0.12.6 allows attackers to inject arbitrary shell commands via the functionName parameter. After disclosure, vendor said that these threats \"are not considered a key concern since LocalStack is executed on a local machine\". There's no information about patches for these vulnerabilities.\r\nhttps://blog.sonarsource.com/hack-the-stack-with-localstack", @@ -81956,20 +82282,20 @@ ], "logprep": [ { - "advisory": "Logprep 7.0.0 updates its dependency 'certifi' to include a security fix.", - "cve": "CVE-2023-37920", - "id": "pyup.io-61802", - "more_info_path": "/vulnerabilities/CVE-2023-37920/61802", + "advisory": "Logprep 7.0.0 updates its dependency 'aiohttp' to include a security fix.", + "cve": "CVE-2023-37276", + "id": "pyup.io-61805", + "more_info_path": "/vulnerabilities/CVE-2023-37276/61805", "specs": [ "<7.0.0" ], "v": "<7.0.0" }, { - "advisory": "Logprep 7.0.0 updates its dependency 'aiohttp' to include a security fix.", - "cve": "CVE-2023-37276", - "id": "pyup.io-61805", - "more_info_path": "/vulnerabilities/CVE-2023-37276/61805", + "advisory": "Logprep 7.0.0 updates its dependency 'certifi' to include a security fix.", + "cve": "CVE-2023-37920", + "id": "pyup.io-61802", + "more_info_path": "/vulnerabilities/CVE-2023-37920/61802", "specs": [ "<7.0.0" ], 
@@ -82698,6 +83024,18 @@ "v": ">0" } ], + "mailchecker": [ + { + "advisory": "Mailchecker requires lodash to be updated to version >4.17.5 to include the security fix for CVE-2018-3721.", + "cve": "CVE-2018-3721", + "id": "pyup.io-73552", + "more_info_path": "/vulnerabilities/CVE-2018-3721/73552", + "specs": [ + "<3.2.16" + ], + "v": "<3.2.16" + } + ], "mailman": [ { "advisory": "Mailman 2.1.14 includes a fix for CVE-2011-0707: Three XSS flaws due improper escaping of the full name of the member.", @@ -82970,10 +83308,10 @@ "v": "<=2.1.5" }, { - "advisory": "Mailman before 2.1.9rc1 allows remote attackers to cause a denial of service via unspecified vectors involving \"standards-breaking RFC 2231 formatted headers\".", - "cve": "CVE-2006-2941", - "id": "pyup.io-61165", - "more_info_path": "/vulnerabilities/CVE-2006-2941/61165", + "advisory": "CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI.", + "cve": "CVE-2006-4624", + "id": "pyup.io-61167", + "more_info_path": "/vulnerabilities/CVE-2006-4624/61167", "specs": [ "<=2.1.8" ], @@ -82990,10 +83328,10 @@ "v": "<=2.1.8" }, { - "advisory": "CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to spoof messages in the error log and possibly trick the administrator into visiting malicious URLs via CRLF sequences in the URI.", - "cve": "CVE-2006-4624", - "id": "pyup.io-61167", - "more_info_path": "/vulnerabilities/CVE-2006-4624/61167", + "advisory": "Mailman before 2.1.9rc1 allows remote attackers to cause a denial of service via unspecified vectors involving \"standards-breaking RFC 2231 formatted headers\".", + "cve": "CVE-2006-2941", + "id": "pyup.io-61165", + "more_info_path": "/vulnerabilities/CVE-2006-2941/61165", "specs": [ "<=2.1.8" ], 
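Review bot: The new mailchecker record names the lodash version that carries the fix but never names the mailchecker release that adopted it, while its spec says `<3.2.16`; a reader cannot tell from the text whether 3.2.16 is the fix release or a guess. Phrasing it like the neighbouring dependency-bump entries, `Mailchecker 3.2.16 updates its dependency 'lodash' to >4.17.5 to include the security fix for CVE-2018-3721.`, would put the fix version in the text and make the spec verifiable. This applies to the first hunk on this line only; the two Mailman hunks are pure reorders.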
@@ -83329,8 +83667,8 @@ { "advisory": "Buffer overflow in the msTmpFile function in maputil.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 allows local users to cause a denial of service via vectors involving names of temporary files.", "cve": "CVE-2010-2539", - "id": "pyup.io-61704", - "more_info_path": "/vulnerabilities/CVE-2010-2539/61704", + "id": "pyup.io-61364", + "more_info_path": "/vulnerabilities/CVE-2010-2539/61364", "specs": [ "<4.10.6", ">5.0,<5.6.4" @@ -83338,10 +83676,10 @@ "v": "<4.10.6,>5.0,<5.6.4" }, { - "advisory": "mapserv.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 does not properly restrict the use of CGI command-line arguments that were intended for debugging, which allows remote attackers to have an unspecified impact via crafted arguments.", - "cve": "CVE-2010-2540", - "id": "pyup.io-61363", - "more_info_path": "/vulnerabilities/CVE-2010-2540/61363", + "advisory": "Buffer overflow in the msTmpFile function in maputil.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 allows local users to cause a denial of service via vectors involving names of temporary files.", + "cve": "CVE-2010-2539", + "id": "pyup.io-61704", + "more_info_path": "/vulnerabilities/CVE-2010-2539/61704", "specs": [ "<4.10.6", ">5.0,<5.6.4" 
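Review bot: After these two hunks the mapserver list still holds two records for CVE-2010-2539 with identical advisory text and specs but different ids (`pyup.io-61364` in the first hunk, `pyup.io-61704` in the second); the commit only swaps their positions and does not resolve the duplication, which already existed on the old side. Duplicate records for one CVE inflate finding counts for consumers and usually indicate a merge artefact, so one of the two should be dropped, or the advisory text should say why both ids are intentional.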
@@ -83349,10 +83687,10 @@ "v": "<4.10.6,>5.0,<5.6.4" }, { - "advisory": "Buffer overflow in the msTmpFile function in maputil.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 allows local users to cause a denial of service via vectors involving names of temporary files.", - "cve": "CVE-2010-2539", - "id": "pyup.io-61364", - "more_info_path": "/vulnerabilities/CVE-2010-2539/61364", + "advisory": "mapserv.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 does not properly restrict the use of CGI command-line arguments that were intended for debugging, which allows remote attackers to have an unspecified impact via crafted arguments.", + "cve": "CVE-2010-2540", + "id": "pyup.io-61363", + "more_info_path": "/vulnerabilities/CVE-2010-2540/61363", "specs": [ "<4.10.6", ">5.0,<5.6.4" @@ -83479,9 +83817,9 @@ }, { "advisory": "Maptasker 1.3.3 uses 'defusedxml' to prevent XXE vulnerabilities.\r\nhttps://github.com/mctinker/Map-Tasker/commit/748dc69ed16053fff0b8bb54fb1a3b589300355c", - "cve": "CVE-2013-1664", - "id": "pyup.io-55050", - "more_info_path": "/vulnerabilities/CVE-2013-1664/55050", + "cve": "CVE-2013-1665", + "id": "pyup.io-55045", + "more_info_path": "/vulnerabilities/CVE-2013-1665/55045", "specs": [ "<1.3.3" ], @@ -83489,9 +83827,9 @@ }, { "advisory": "Maptasker 1.3.3 uses 'defusedxml' to prevent XXE vulnerabilities.\r\nhttps://github.com/mctinker/Map-Tasker/commit/748dc69ed16053fff0b8bb54fb1a3b589300355c", - "cve": "CVE-2013-1665", - "id": "pyup.io-55045", - "more_info_path": "/vulnerabilities/CVE-2013-1665/55045", + "cve": "CVE-2013-1664", + "id": "pyup.io-55050", + "more_info_path": "/vulnerabilities/CVE-2013-1664/55050", "specs": [ "<1.3.3" ], 
@@ -83683,6 +84021,16 @@ ], "v": "<2.4.3" }, + { + "advisory": "Markdown2 2.4.4 includes a fix for an XSS vulnerability.\r\nhttps://github.com/trentm/python-markdown2/pull/473", + "cve": "PVE-2023-59183", + "id": "pyup.io-59183", + "more_info_path": "/vulnerabilities/PVE-2023-59183/59183", + "specs": [ + "<2.4.4" + ], + "v": "<2.4.4" + }, { "advisory": "Markdown2 2.4.4 includes a fix for an XSS vulnerability.\r\nhttps://github.com/trentm/python-markdown2/pull/434", "cve": "PVE-2023-59182", 
@@ -83694,14 +84042,24 @@ "v": "<2.4.4" }, { - "advisory": "Markdown2 2.4.4 includes a fix for an XSS vulnerability.\r\nhttps://github.com/trentm/python-markdown2/pull/473", - "cve": "PVE-2023-59183", - "id": "pyup.io-59183", - "more_info_path": "/vulnerabilities/PVE-2023-59183/59183", + "advisory": "Affected versions of markdown2 are vulnerable to Cross-Site Scripting (XSS): CWE-79. This vulnerability allows attackers to inject malicious scripts into rendered markdown content, even when safe mode is enabled. The issue occurs in the HTML tag parsing regular expression within the Markdown class in lib/markdown2.py, which insufficiently sanitizes attribute values. An attacker can exploit this by crafting specially formatted markdown input containing HTML tags with malicious attributes. Exploitation difficulty is low, only requiring control of the markdown input.", + "cve": "PVE-2024-73644", + "id": "pyup.io-73644", + "more_info_path": "/vulnerabilities/PVE-2024-73644/73644", "specs": [ - "<2.4.4" + "<2.5.1" ], - "v": "<2.4.4" + "v": "<2.5.1" + }, + { + "advisory": "Affected versions of markdown2 are vulnerable to Cross-Site Scripting (XSS) \u2014 CWE-79 \u2014 through image URL injection. This vulnerability allows attackers to inject malicious scripts into rendered markdown content, even when safe mode is enabled. The issue occurs in the _do_link_patterns method within the Markdown class in lib/markdown2.py, which insufficiently sanitizes image URLs. An attacker can exploit this by crafting specially formatted markdown input containing malicious image URLs. Exploitation difficulty is low, requiring only control over the markdown input.", + "cve": "PVE-2024-73672", + "id": "pyup.io-73672", + "more_info_path": "/vulnerabilities/PVE-2024-73672/73672", + "specs": [ + "<2.5.1" + ], + "v": "<2.5.1" }, { "advisory": "python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \\w+ match succeeds. 
For example, an attack might use elementname@ or elementname- with an onclick attribute.", @@ -83824,9 +84182,9 @@ }, { "advisory": "Masonite 4.10.0 updates its dependency 'waitress' requirements to '>=2.1,<2.2' to include security fixes.", - "cve": "CVE-2019-16792", - "id": "pyup.io-48138", - "more_info_path": "/vulnerabilities/CVE-2019-16792/48138", + "cve": "CVE-2019-16786", + "id": "pyup.io-48141", + "more_info_path": "/vulnerabilities/CVE-2019-16786/48141", "specs": [ "<4.10.0" ], @@ -83834,9 +84192,9 @@ }, { "advisory": "Masonite 4.10.0 updates its dependency 'waitress' requirements to '>=2.1,<2.2' to include security fixes.", - "cve": "CVE-2019-16789", - "id": "pyup.io-48139", - "more_info_path": "/vulnerabilities/CVE-2019-16789/48139", + "cve": "CVE-2019-16792", + "id": "pyup.io-48138", + "more_info_path": "/vulnerabilities/CVE-2019-16792/48138", "specs": [ "<4.10.0" ], @@ -83854,9 +84212,9 @@ }, { "advisory": "Masonite 4.10.0 updates its dependency 'waitress' requirements to '>=2.1,<2.2' to include security fixes.", - "cve": "CVE-2019-16786", - "id": "pyup.io-48141", - "more_info_path": "/vulnerabilities/CVE-2019-16786/48141", + "cve": "CVE-2019-16785", + "id": "pyup.io-48140", + "more_info_path": "/vulnerabilities/CVE-2019-16785/48140", "specs": [ "<4.10.0" ], @@ -83864,9 +84222,9 @@ }, { "advisory": "Masonite 4.10.0 updates its dependency 'waitress' requirements to '>=2.1,<2.2' to include security fixes.", - "cve": "CVE-2019-16785", - "id": "pyup.io-48140", - "more_info_path": "/vulnerabilities/CVE-2019-16785/48140", + "cve": "CVE-2019-16789", + "id": "pyup.io-48139", + "more_info_path": "/vulnerabilities/CVE-2019-16789/48139", "specs": [ "<4.10.0" ], 
@@ -84338,20 +84696,20 @@ "v": "<1.25.0" }, { - "advisory": "Matrix-synapse 1.27.0 includes a fix for CVE-2021-21333: In Synapse before version 1.27.0, the notification emails sent for notifications for missed messages or for an expiring account are subject to HTML injection. In the case of the notification for missed messages, this could allow an attacker to insert forged content into the email. The account expiry feature is not enabled by default and the HTML injection is not controllable by an attacker.", - "cve": "CVE-2021-21333", - "id": "pyup.io-40107", - "more_info_path": "/vulnerabilities/CVE-2021-21333/40107", + "advisory": "Matrix-synapse 1.27.0 includes a fix for CVE-2021-21332: In Synapse before version 1.27.0, the password reset endpoint served via Synapse was vulnerable to cross-site scripting (XSS) attacks. The impact depends on the configuration of the domain that Synapse is deployed on, but may allow access to cookies and other browser data, CSRF vulnerabilities, and access to other resources served on the same domain or parent domains.", + "cve": "CVE-2021-21332", + "id": "pyup.io-40106", + "more_info_path": "/vulnerabilities/CVE-2021-21332/40106", "specs": [ "<1.27.0" ], "v": "<1.27.0" }, { - "advisory": "Matrix-synapse 1.27.0 includes a fix for CVE-2021-21332: In Synapse before version 1.27.0, the password reset endpoint served via Synapse was vulnerable to cross-site scripting (XSS) attacks. 
The impact depends on the configuration of the domain that Synapse is deployed on, but may allow access to cookies and other browser data, CSRF vulnerabilities, and access to other resources served on the same domain or parent domains.", - "cve": "CVE-2021-21332", - "id": "pyup.io-40106", - "more_info_path": "/vulnerabilities/CVE-2021-21332/40106", + "advisory": "Matrix-synapse 1.27.0 includes a fix for CVE-2021-21333: In Synapse before version 1.27.0, the notification emails sent for notifications for missed messages or for an expiring account are subject to HTML injection. In the case of the notification for missed messages, this could allow an attacker to insert forged content into the email. The account expiry feature is not enabled by default and the HTML injection is not controllable by an attacker.", + "cve": "CVE-2021-21333", + "id": "pyup.io-40107", + "more_info_path": "/vulnerabilities/CVE-2021-21333/40107", "specs": [ "<1.27.0" ], 
@@ -84712,20 +85070,20 @@ "v": "<1.0" }, { - "advisory": "Mayan-edms versions before 3.0.2 are affected by CVE-2018-16406:\r\nThe Cabinets app has XSS via a crafted cabinet label.\r\nhttps://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst\r\nhttps://gitlab.com/mayan-edms/mayan-edms/commit/48dfc06e49c7f773749e063f8cc69c95509d1c32\r\nhttps://gitlab.com/mayan-edms/mayan-edms/issues/495", - "cve": "CVE-2018-16406", - "id": "pyup.io-41710", - "more_info_path": "/vulnerabilities/CVE-2018-16406/41710", + "advisory": "Mayan-edms versions before 3.0.2 are affected by CVE-2018-16405:\r\nThe Appearance app sets window.location directly, leading to XSS.\r\nhttps://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst\r\nhttps://gitlab.com/mayan-edms/mayan-edms/commit/9ebe80595afe4fdd1e2c74358d6a9421f4ce130e\r\nhttps://gitlab.com/mayan-edms/mayan-edms/issues/494", + "cve": "CVE-2018-16405", + "id": "pyup.io-41709", + "more_info_path": "/vulnerabilities/CVE-2018-16405/41709", "specs": [ "<3.0.2" ], "v": "<3.0.2" }, { - "advisory": "Mayan-edms versions before 3.0.2 are affected by CVE-2018-16405:\r\nThe Appearance app sets window.location directly, leading to XSS.\r\nhttps://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst\r\nhttps://gitlab.com/mayan-edms/mayan-edms/commit/9ebe80595afe4fdd1e2c74358d6a9421f4ce130e\r\nhttps://gitlab.com/mayan-edms/mayan-edms/issues/494", - "cve": "CVE-2018-16405", - "id": "pyup.io-41709", - "more_info_path": "/vulnerabilities/CVE-2018-16405/41709", + "advisory": "Mayan-edms versions before 3.0.2 are affected by CVE-2018-16406:\r\nThe Cabinets app has XSS via a crafted cabinet label.\r\nhttps://gitlab.com/mayan-edms/mayan-edms/blob/master/HISTORY.rst\r\nhttps://gitlab.com/mayan-edms/mayan-edms/commit/48dfc06e49c7f773749e063f8cc69c95509d1c32\r\nhttps://gitlab.com/mayan-edms/mayan-edms/issues/495", + "cve": "CVE-2018-16406", + "id": "pyup.io-41710", + "more_info_path": "/vulnerabilities/CVE-2018-16406/41710", "specs": [ "<3.0.2" ], 
@@ -84916,9 +85274,9 @@ "mendeleev": [ { "advisory": "Mendeleev 0.10.0 updates its dependency 'jupyter-server' to v1.18.1 to include security fixes.", - "cve": "CVE-2022-29241", - "id": "pyup.io-50168", - "more_info_path": "/vulnerabilities/CVE-2022-29241/50168", + "cve": "CVE-2022-24757", + "id": "pyup.io-50171", + "more_info_path": "/vulnerabilities/CVE-2022-24757/50171", "specs": [ "<0.10.0" ], @@ -84926,9 +85284,9 @@ }, { "advisory": "Mendeleev 0.10.0 updates its dependency 'jupyter-server' to v1.18.1 to include security fixes.", - "cve": "CVE-2022-24757", - "id": "pyup.io-50171", - "more_info_path": "/vulnerabilities/CVE-2022-24757/50171", + "cve": "CVE-2022-29241", + "id": "pyup.io-50168", + "more_info_path": "/vulnerabilities/CVE-2022-29241/50168", "specs": [ "<0.10.0" ], 
@@ -85021,20 +85379,20 @@ "v": ">=0,<3.2.4" }, { - "advisory": "Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.", - "cve": "CVE-2016-3069", - "id": "pyup.io-54114", - "more_info_path": "/vulnerabilities/CVE-2016-3069/54114", + "advisory": "The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.", + "cve": "CVE-2016-3630", + "id": "pyup.io-54117", + "more_info_path": "/vulnerabilities/CVE-2016-3630/54117", "specs": [ ">=0,<3.7.3" ], "v": ">=0,<3.7.3" }, { - "advisory": "The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.", - "cve": "CVE-2016-3630", - "id": "pyup.io-54117", - "more_info_path": "/vulnerabilities/CVE-2016-3630/54117", + "advisory": "Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.", + "cve": "CVE-2016-3069", + "id": "pyup.io-54114", + "more_info_path": "/vulnerabilities/CVE-2016-3069/54114", "specs": [ ">=0,<3.7.3" ], 
@@ -85223,20 +85581,20 @@ ], "metldata": [ { - "advisory": "Metldata version 1.3.0 updates its `cryptography` dependency to \"cryptography>=42.0.0\" to address vulnerabilities, including CVE-2023-50782.", - "cve": "CVE-2023-50782", - "id": "pyup.io-71293", - "more_info_path": "/vulnerabilities/CVE-2023-50782/71293", + "advisory": "Metldata version 1.3.0 updates its `cryptography` dependency to \"cryptography>=42.0.0\" to address vulnerabilities, including CVE-2023-49083.", + "cve": "CVE-2023-49083", + "id": "pyup.io-71299", + "more_info_path": "/vulnerabilities/CVE-2023-49083/71299", "specs": [ "<1.3.0" ], "v": "<1.3.0" }, { - "advisory": "Metldata version 1.3.0 updates its `cryptography` dependency to \"cryptography>=42.0.0\" to address vulnerabilities, including CVE-2023-49083.", - "cve": "CVE-2023-49083", - "id": "pyup.io-71299", - "more_info_path": "/vulnerabilities/CVE-2023-49083/71299", + "advisory": "Metldata version 1.3.0 updates its `cryptography` dependency to \"cryptography>=42.0.0\" to address vulnerabilities, including CVE-2023-50782.", + "cve": "CVE-2023-50782", + "id": "pyup.io-71293", + "more_info_path": "/vulnerabilities/CVE-2023-50782/71293", "specs": [ "<1.3.0" ], @@ -85586,9 +85944,9 @@ "mindee": [ { "advisory": "Mindee 2.0.1 updates its dependency 'Pillow' to v9.0.1 to include security fixes.", - "cve": "CVE-2022-24303", - "id": "pyup.io-45115", - "more_info_path": "/vulnerabilities/CVE-2022-24303/45115", + "cve": "CVE-2022-22817", + "id": "pyup.io-45377", + "more_info_path": "/vulnerabilities/CVE-2022-22817/45377", "specs": [ "<2.0.1" ], @@ -85596,9 +85954,9 @@ }, { "advisory": "Mindee 2.0.1 updates its dependency 'Pillow' to v9.0.1 to include security fixes.", - "cve": "CVE-2022-22817", - "id": "pyup.io-45377", - "more_info_path": "/vulnerabilities/CVE-2022-22817/45377", + "cve": "CVE-2022-24303", + "id": "pyup.io-45115", + "more_info_path": "/vulnerabilities/CVE-2022-24303/45115", "specs": [ "<2.0.1" ], 
@@ -85707,20 +86065,20 @@ "v": ">=0,<23.11.4.1" }, { - "advisory": "MindsDB affected versions contain a critical security vulnerability in the 'inhouse' model functionality. Malicious actors can exploit this flaw to execute arbitrary code on the server during prediction tasks. The vulnerability stems from unsafe deserialization of untrusted data in the BYOM (Bring Your Own Model) feature. Attackers who successfully upload a compromised 'inhouse' model can trigger the exploit when the system uses the model for predictions. This security issue poses a significant risk to server integrity and data confidentiality. Users are advised to update to a patched version or implement alternative serialization methods immediately.", - "cve": "CVE-2024-45853", - "id": "pyup.io-73319", - "more_info_path": "/vulnerabilities/CVE-2024-45853/73319", + "advisory": "MindsDB affected versions contain a critical vulnerability in the 'finetune' function of 'inhouse' models. This flaw allows attackers to execute arbitrary code on the server by exploiting unsafe deserialization of untrusted data. Malicious actors can upload a specially crafted 'inhouse' model, which, when finetuned, triggers the execution of arbitrary code. This vulnerability poses a significant security risk, potentially leading to unauthorized access, data breaches, or complete system compromise. Users should exercise extreme caution when finetuning 'inhouse' models and ensure they only use trusted and verified models until a patch is available.", + "cve": "CVE-2024-45855", + "id": "pyup.io-73321", + "more_info_path": "/vulnerabilities/CVE-2024-45855/73321", "specs": [ ">=23.10.2.0" ], "v": ">=23.10.2.0" }, { - "advisory": "MindsDB affected versions contain a critical vulnerability in the 'finetune' function of 'inhouse' models. This flaw allows attackers to execute arbitrary code on the server by exploiting unsafe deserialization of untrusted data. 
Malicious actors can upload a specially crafted 'inhouse' model, which, when finetuned, triggers the execution of arbitrary code. This vulnerability poses a significant security risk, potentially leading to unauthorized access, data breaches, or complete system compromise. Users should exercise extreme caution when finetuning 'inhouse' models and ensure they only use trusted and verified models until a patch is available.", - "cve": "CVE-2024-45855", - "id": "pyup.io-73321", - "more_info_path": "/vulnerabilities/CVE-2024-45855/73321", + "advisory": "MindsDB affected versions contain a critical security vulnerability in the 'inhouse' model functionality. Malicious actors can exploit this flaw to execute arbitrary code on the server during prediction tasks. The vulnerability stems from unsafe deserialization of untrusted data in the BYOM (Bring Your Own Model) feature. Attackers who successfully upload a compromised 'inhouse' model can trigger the exploit when the system uses the model for predictions. This security issue poses a significant risk to server integrity and data confidentiality. Users are advised to update to a patched version or implement alternative serialization methods immediately.", + "cve": "CVE-2024-45853", + "id": "pyup.io-73319", + "more_info_path": "/vulnerabilities/CVE-2024-45853/73319", "specs": [ ">=23.10.2.0" ], 
@@ -85747,10 +86105,10 @@ "v": ">=23.10.3.0,<24.7.4.1" }, { - "advisory": "A critical arbitrary code execution vulnerability affects MindsDB, particularly when using the ChromaDB, SharePoint, Weaviate, or VectorDatabase integrations. Attackers can exploit this vulnerability by crafting malicious 'INSERT' queries for list creation in SharePoint databases, or other queries containing Python code for the affected integrations. The system executes this code on the server using the unsafe eval() function, allowing unauthorized command execution and potentially compromising system integrity and confidentiality. This vulnerability falls under CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'). The patch replaces the unsafe eval() function with ast.literal_eval(), significantly improving security by limiting evaluation to literal expressions only. This change prevents the execution of arbitrary Python code, effectively mitigating the risk of code injection attacks across all affected integrations.", - "cve": "CVE-2024-45849", - "id": "pyup.io-73311", - "more_info_path": "/vulnerabilities/CVE-2024-45849/73311", + "advisory": "A critical arbitrary code execution vulnerability affects MindsDB, particularly when using the ChromaDB, SharePoint, Weaviate, or VectorDatabase integrations. Attackers can exploit this vulnerability by crafting malicious 'INSERT' queries for site column creation in SharePoint databases, or other queries containing Python code for the affected integrations. The system executes this code on the server using the unsafe eval() function, allowing unauthorized command execution and potentially compromising system integrity and confidentiality. This vulnerability falls under CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'). Users must update to the latest version immediately. 
The update replaces the unsafe eval() function with ast.literal_eval(), significantly improving security by limiting evaluation to literal expressions only. This change prevents the execution of arbitrary Python code, effectively mitigating the risk of code injection attacks across all affected integrations.", + "cve": "CVE-2024-45850", + "id": "pyup.io-73316", + "more_info_path": "/vulnerabilities/CVE-2024-45850/73316", "specs": [ ">=23.10.5.0,<24.7.4.1" ], 
@@ -85767,10 +86125,10 @@ "v": ">=23.10.5.0,<24.7.4.1" }, { - "advisory": "A critical arbitrary code execution vulnerability affects MindsDB, particularly when using the ChromaDB, SharePoint, Weaviate, or VectorDatabase integrations. Attackers can exploit this vulnerability by crafting malicious 'INSERT' queries for site column creation in SharePoint databases, or other queries containing Python code for the affected integrations. The system executes this code on the server using the unsafe eval() function, allowing unauthorized command execution and potentially compromising system integrity and confidentiality. This vulnerability falls under CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'). Users must update to the latest version immediately. The update replaces the unsafe eval() function with ast.literal_eval(), significantly improving security by limiting evaluation to literal expressions only. This change prevents the execution of arbitrary Python code, effectively mitigating the risk of code injection attacks across all affected integrations.", - "cve": "CVE-2024-45850", - "id": "pyup.io-73316", - "more_info_path": "/vulnerabilities/CVE-2024-45850/73316", + "advisory": "A critical arbitrary code execution vulnerability affects MindsDB, particularly when using the ChromaDB, SharePoint, Weaviate, or VectorDatabase integrations. Attackers can exploit this vulnerability by crafting malicious 'INSERT' queries for list creation in SharePoint databases, or other queries containing Python code for the affected integrations. The system executes this code on the server using the unsafe eval() function, allowing unauthorized command execution and potentially compromising system integrity and confidentiality. This vulnerability falls under CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection'). 
The patch replaces the unsafe eval() function with ast.literal_eval(), significantly improving security by limiting evaluation to literal expressions only. This change prevents the execution of arbitrary Python code, effectively mitigating the risk of code injection attacks across all affected integrations.", + "cve": "CVE-2024-45849", + "id": "pyup.io-73311", + "more_info_path": "/vulnerabilities/CVE-2024-45849/73311", "specs": [ ">=23.10.5.0,<24.7.4.1" ], 
@@ -86613,20 +86971,20 @@ "v": "<2.0.0rc0" }, { - "advisory": "Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over template variables.", - "cve": "CVE-2024-27132", - "id": "pyup.io-68487", - "more_info_path": "/vulnerabilities/CVE-2024-27132/68487", + "advisory": "mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'is_local_uri' function's failure to properly handle URIs with empty or 'file' schemes, leading to the misclassification of URIs as non-local. Attackers can exploit this by crafting malicious model versions with specially crafted 'source' parameters, enabling the reading of sensitive files within at least two directory levels from the server's root.", + "cve": "CVE-2024-3573", + "id": "pyup.io-71964", + "more_info_path": "/vulnerabilities/CVE-2024-3573/71964", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "mlflow/mlflow is vulnerable to Local File Inclusion (LFI) due to improper parsing of URIs, allowing attackers to bypass checks and read arbitrary files on the system. The issue arises from the 'is_local_uri' function's failure to properly handle URIs with empty or 'file' schemes, leading to the misclassification of URIs as non-local. Attackers can exploit this by crafting malicious model versions with specially crafted 'source' parameters, enabling the reading of sensitive files within at least two directory levels from the server's root.", - "cve": "CVE-2024-3573", - "id": "pyup.io-71964", - "more_info_path": "/vulnerabilities/CVE-2024-3573/71964", + "advisory": "Insufficient sanitization in MLflow leads to XSS when running an untrusted recipe. 
This issue leads to a client-side RCE when running an untrusted recipe in Jupyter Notebook. The vulnerability stems from lack of sanitization over template variables.", + "cve": "CVE-2024-27132", + "id": "pyup.io-68487", + "more_info_path": "/vulnerabilities/CVE-2024-27132/68487", "specs": [ "<2.10.0" ], 
@@ -86643,7 +87001,17 @@ "v": "<2.10.0" }, { - "advisory": "A Local File Inclusion (LFI) vulnerability was identified in mlflow/mlflow affected versions. This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences. An attacker can exploit this flaw by manipulating the fragment part of the URI to read arbitrary files on the local file system, including sensitive files like '/etc/passwd'. The vulnerability is a bypass to a previous patch that only addressed similar manipulation within the URI's query string, highlighting the need for comprehensive validation of all parts of a URI to prevent LFI attacks.", + "advisory": "Affected versions of Mlflow allow attackers to create multiple models with the same name by exploiting URL encoding. This flaw can lead to Denial of Service (DoS) as an authenticated user might not be able to use the intended model, as it will open a different model each time. Additionally, an attacker can exploit this vulnerability to perform data model poisoning by creating a model with the same name, potentially causing an authenticated user to become a victim by using the poisoned model. The issue stems from inadequate validation of model names, allowing for the creation of models with URL-encoded names that are treated as distinct from their URL-decoded counterparts.", + "cve": "CVE-2024-3099", + "id": "pyup.io-71582", + "more_info_path": "/vulnerabilities/CVE-2024-3099/71582", + "specs": [ + "<2.11.3" + ], + "v": "<2.11.3" + }, + { + "advisory": "Affected versions of Mlflow are vulnerable to Local File Inclusion (LFI). This vulnerability arises from the application's failure to properly validate URI fragments for directory traversal sequences. An attacker can exploit this flaw by manipulating the fragment part of the URI to read arbitrary files on the local file system, including sensitive files like '/etc/passwd'. 
The vulnerability is a bypass to a previous patch that only addressed similar manipulation within the URI's query string, highlighting the need for comprehensive validation of all parts of a URI to prevent LFI attacks.", "cve": "CVE-2024-2928", "id": "pyup.io-71796", "more_info_path": "/vulnerabilities/CVE-2024-2928/71796", 
@@ -86653,40 +87021,40 @@ "v": "<2.11.3" }, { - "advisory": "Mlflow 2.12.0 has implemented a security patch to address a critical Local File Read/Path Traversal vulnerability found in the Model Registry.", - "cve": "PVE-2024-67933", - "id": "pyup.io-67933", - "more_info_path": "/vulnerabilities/PVE-2024-67933/67933", + "advisory": "A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. This vulnerability allows for arbitrary data smuggling into the 'params' part of the URL, enabling attacks similar to those described in previous reports but utilizing the ';' character for parameter smuggling. Successful exploitation could lead to unauthorized information disclosure or server compromise.", + "cve": "CVE-2024-1593", + "id": "pyup.io-71963", + "more_info_path": "/vulnerabilities/CVE-2024-1593/71963", "specs": [ "<2.12.1" ], "v": "<2.12.1" }, { - "advisory": "A broken access control vulnerability exists in mlflow/mlflow affected versions, where low privilege users with only EDIT permissions on an experiment can delete any artifacts. This issue arises due to the lack of proper validation for DELETE requests by users with EDIT permissions, allowing them to perform unauthorized deletions of artifacts. 
The vulnerability specifically affects the handling of artifact deletions within the application, as demonstrated by the ability of a low privilege user to delete a directory inside an artifact using a DELETE request, despite the official documentation stating that users with EDIT permission can only read and update artifacts, not delete them.", - "cve": "CVE-2024-4263", - "id": "pyup.io-71586", - "more_info_path": "/vulnerabilities/CVE-2024-4263/71586", + "advisory": "A path traversal vulnerability exists in mlflow/mlflow affected versions, identified as a bypass for the previously addressed CVE-2023-6909. The vulnerability arises from the application's handling of artifact URLs, where a '#' character can be used to insert a path into the fragment, effectively skipping validation. This allows an attacker to construct a URL that, when processed, ignores the protocol scheme and uses the provided path for filesystem access. As a result, an attacker can read arbitrary files, including sensitive information such as SSH and cloud keys, by exploiting the way the application converts the URL into a filesystem path. The issue stems from insufficient validation of the fragment portion of the URL, leading to arbitrary file read through path traversal.", + "cve": "CVE-2024-3848", + "id": "pyup.io-71698", + "more_info_path": "/vulnerabilities/CVE-2024-3848/71698", "specs": [ "<2.12.1" ], "v": "<2.12.1" }, { - "advisory": "A path traversal vulnerability exists in mlflow/mlflow affected versions, identified as a bypass for the previously addressed CVE-2023-6909. The vulnerability arises from the application's handling of artifact URLs, where a '#' character can be used to insert a path into the fragment, effectively skipping validation. This allows an attacker to construct a URL that, when processed, ignores the protocol scheme and uses the provided path for filesystem access. 
As a result, an attacker can read arbitrary files, including sensitive information such as SSH and cloud keys, by exploiting the way the application converts the URL into a filesystem path. The issue stems from insufficient validation of the fragment portion of the URL, leading to arbitrary file read through path traversal.", - "cve": "CVE-2024-3848", - "id": "pyup.io-71698", - "more_info_path": "/vulnerabilities/CVE-2024-3848/71698", + "advisory": "Mlflow 2.12.0 has implemented a security patch to address a critical Local File Read/Path Traversal vulnerability found in the Model Registry.", + "cve": "PVE-2024-67933", + "id": "pyup.io-67933", + "more_info_path": "/vulnerabilities/PVE-2024-67933/67933", "specs": [ "<2.12.1" ], "v": "<2.12.1" }, { - "advisory": "A path traversal vulnerability exists in the mlflow/mlflow repository due to improper handling of URL parameters. By smuggling path traversal sequences using the ';' character in URLs, attackers can manipulate the 'params' portion of the URL to gain unauthorized access to files or directories. This vulnerability allows for arbitrary data smuggling into the 'params' part of the URL, enabling attacks similar to those described in previous reports but utilizing the ';' character for parameter smuggling. Successful exploitation could lead to unauthorized information disclosure or server compromise.", - "cve": "CVE-2024-1593", - "id": "pyup.io-71963", - "more_info_path": "/vulnerabilities/CVE-2024-1593/71963", + "advisory": "A broken access control vulnerability exists in mlflow/mlflow affected versions, where low privilege users with only EDIT permissions on an experiment can delete any artifacts. This issue arises due to the lack of proper validation for DELETE requests by users with EDIT permissions, allowing them to perform unauthorized deletions of artifacts. 
The vulnerability specifically affects the handling of artifact deletions within the application, as demonstrated by the ability of a low privilege user to delete a directory inside an artifact using a DELETE request, despite the official documentation stating that users with EDIT permission can only read and update artifacts, not delete them.", + "cve": "CVE-2024-4263", + "id": "pyup.io-71586", + "more_info_path": "/vulnerabilities/CVE-2024-4263/71586", "specs": [ "<2.12.1" ], 
@@ -86823,20 +87191,20 @@ "v": "<2.8.1" }, { - "advisory": "MLflow version 2.9.0 addresses a vulnerability that previously allowed an attacker to overwrite any file on the server hosting MLflow without any authentication.\r\nhttps://github.com/mlflow/mlflow/commit/55c72d02380e8db8118595a4fdae7879cb7ac5bd", - "cve": "CVE-2023-6018", - "id": "pyup.io-62992", - "more_info_path": "/vulnerabilities/CVE-2023-6018/62992", + "advisory": "A vulnerability in mlflow/mlflow allows for remote code execution due to improper neutralization of special elements used in an OS command ('Command Injection') within the mlflow.data.http_dataset_source.py module. Specifically, when loading a dataset from a source URL with an HTTP scheme, the filename extracted from the Content-Disposition header or the URL path is used to generate the final file path without proper sanitization. This flaw enables an attacker to control the file path fully by utilizing path traversal or absolute path techniques, such as tmp/poc.txt or /tmp/poc.txt, leading to arbitrary file write. Exploiting this vulnerability could allow a malicious user to execute commands on the vulnerable machine, potentially gaining access to data and model information.", + "cve": "CVE-2024-0520", + "id": "pyup.io-71965", + "more_info_path": "/vulnerabilities/CVE-2024-0520/71965", "specs": [ "<2.9.0" ], "v": "<2.9.0" }, { - "advisory": "A vulnerability in mlflow/mlflow allows for remote code execution due to improper neutralization of special elements used in an OS command ('Command Injection') within the mlflow.data.http_dataset_source.py module. Specifically, when loading a dataset from a source URL with an HTTP scheme, the filename extracted from the Content-Disposition header or the URL path is used to generate the final file path without proper sanitization. 
This flaw enables an attacker to control the file path fully by utilizing path traversal or absolute path techniques, such as tmp/poc.txt or /tmp/poc.txt, leading to arbitrary file write. Exploiting this vulnerability could allow a malicious user to execute commands on the vulnerable machine, potentially gaining access to data and model information.", - "cve": "CVE-2024-0520", - "id": "pyup.io-71965", - "more_info_path": "/vulnerabilities/CVE-2024-0520/71965", + "advisory": "MLflow version 2.9.0 addresses a vulnerability that previously allowed an attacker to overwrite any file on the server hosting MLflow without any authentication.\r\nhttps://github.com/mlflow/mlflow/commit/55c72d02380e8db8118595a4fdae7879cb7ac5bd", + "cve": "CVE-2023-6018", + "id": "pyup.io-62992", + "more_info_path": "/vulnerabilities/CVE-2023-6018/62992", "specs": [ "<2.9.0" ], 
@@ -86863,20 +87231,20 @@ "v": "<2.9.2" }, { - "advisory": "mlflow 2.9.2 addresses an Improper Neutralization of Special Elements Used in a Template Engine.\r\nhttps://github.com/mlflow/mlflow/pull/10640/commits/930eb808c6394360d1aa217a9eaa33891c1d244d", - "cve": "CVE-2023-6709", - "id": "pyup.io-62995", - "more_info_path": "/vulnerabilities/CVE-2023-6709/62995", + "advisory": "A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the artifact deletion functionality. Attackers can bypass path validation by exploiting the double decoding process in the `_delete_artifact_mlflow_artifacts` handler and `local_file_uri_to_path` function, allowing for the deletion of arbitrary directories on the server's filesystem. This vulnerability is due to an extra unquote operation in the `delete_artifacts` function of `local_artifact_repo.py`, which fails to sanitize user-supplied paths properly. The issue is present on affected versions, despite attempts to fix a similar issue in CVE-2023-6831.", + "cve": "CVE-2024-1560", + "id": "pyup.io-71588", + "more_info_path": "/vulnerabilities/CVE-2024-1560/71588", "specs": [ "<2.9.2" ], "v": "<2.9.2" }, { - "advisory": "A path traversal vulnerability exists in the mlflow/mlflow repository, specifically within the artifact deletion functionality. Attackers can bypass path validation by exploiting the double decoding process in the `_delete_artifact_mlflow_artifacts` handler and `local_file_uri_to_path` function, allowing for the deletion of arbitrary directories on the server's filesystem. This vulnerability is due to an extra unquote operation in the `delete_artifacts` function of `local_artifact_repo.py`, which fails to sanitize user-supplied paths properly. 
The issue is present on affected versions, despite attempts to fix a similar issue in CVE-2023-6831.", - "cve": "CVE-2024-1560", - "id": "pyup.io-71588", - "more_info_path": "/vulnerabilities/CVE-2024-1560/71588", + "advisory": "mlflow 2.9.2 addresses an Improper Neutralization of Special Elements Used in a Template Engine.\r\nhttps://github.com/mlflow/mlflow/pull/10640/commits/930eb808c6394360d1aa217a9eaa33891c1d244d", + "cve": "CVE-2023-6709", + "id": "pyup.io-62995", + "more_info_path": "/vulnerabilities/CVE-2023-6709/62995", "specs": [ "<2.9.2" ], @@ -86914,19 +87282,9 @@ }, { "advisory": "Path Traversal: '\\..\\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.", - "cve": "CVE-2023-6831", - "id": "pyup.io-65216", - "more_info_path": "/vulnerabilities/CVE-2023-6831/65216", - "specs": [ - ">=0,<2.9.2" - ], - "v": ">=0,<2.9.2" - }, - { - "advisory": "This vulnerability is capable of writing arbitrary files into arbitrary locations on the remote filesystem in the context of the server process.", - "cve": "CVE-2023-6976", - "id": "pyup.io-65221", - "more_info_path": "/vulnerabilities/CVE-2023-6976/65221", + "cve": "CVE-2023-6909", + "id": "pyup.io-65217", + "more_info_path": "/vulnerabilities/CVE-2023-6909/65217", "specs": [ ">=0,<2.9.2" ], 
@@ -86943,20 +87301,20 @@ "v": ">=0,<2.9.2" }, { - "advisory": "A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information.", - "cve": "CVE-2023-6975", - "id": "pyup.io-65220", - "more_info_path": "/vulnerabilities/CVE-2023-6975/65220", + "advisory": "Path Traversal: '\\..\\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.", + "cve": "CVE-2023-6831", + "id": "pyup.io-65216", + "more_info_path": "/vulnerabilities/CVE-2023-6831/65216", "specs": [ ">=0,<2.9.2" ], "v": ">=0,<2.9.2" }, { - "advisory": "Path Traversal: '\\..\\filename' in GitHub repository mlflow/mlflow prior to 2.9.2.", - "cve": "CVE-2023-6909", - "id": "pyup.io-65217", - "more_info_path": "/vulnerabilities/CVE-2023-6909/65217", + "advisory": "This vulnerability is capable of writing arbitrary files into arbitrary locations on the remote filesystem in the context of the server process.", + "cve": "CVE-2023-6976", + "id": "pyup.io-65221", + "more_info_path": "/vulnerabilities/CVE-2023-6976/65221", "specs": [ ">=0,<2.9.2" ], @@ -86972,6 +87330,16 @@ ], "v": ">=0,<2.9.2" }, + { + "advisory": "A malicious user could use this issue to get command execution on the vulnerable machine and get access to data & models information.", + "cve": "CVE-2023-6975", + "id": "pyup.io-65220", + "more_info_path": "/vulnerabilities/CVE-2023-6975/65220", + "specs": [ + ">=0,<2.9.2" + ], + "v": ">=0,<2.9.2" + }, { "advisory": "Deserialization of untrusted data can occur in affected versions of the MLflow platform running, enabling a maliciously uploaded PyTorch model to run arbitrary code on an end user\u2019s system when interacted with.", "cve": "CVE-2024-37059", 
@@ -87072,16 +87440,6 @@ ], "v": ">=2.0.0rc0" }, - { - "advisory": "A vulnerability in mlflow/mlflow affected versions allows attackers to create multiple models with the same name by exploiting URL encoding. This flaw can lead to Denial of Service (DoS) as an authenticated user might not be able to use the intended model, as it will open a different model each time. Additionally, an attacker can exploit this vulnerability to perform data model poisoning by creating a model with the same name, potentially causing an authenticated user to become a victim by using the poisoned model. The issue stems from inadequate validation of model names, allowing for the creation of models with URL-encoded names that are treated as distinct from their URL-decoded counterparts.", - "cve": "CVE-2024-3099", - "id": "pyup.io-71582", - "more_info_path": "/vulnerabilities/CVE-2024-3099/71582", - "specs": [ - ">=2.11.1,<2.11.3" - ], - "v": ">=2.11.1,<2.11.3" - }, { "advisory": "A path traversal vulnerability exists in mlflow/mlflow version 2.9.2, allowing attackers to access arbitrary files on the server. By crafting a series of HTTP POST requests with specially crafted 'artifact_location' and 'source' parameters, using a local URI with '#' instead of '?', an attacker can traverse the server's directory structure. The issue occurs due to insufficient validation of user-supplied input in the server's handlers.", "cve": "CVE-2024-1483", 
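Review bot: The hunk at @@ -87072 deletes the CVE-2024-3099 advisory for mlflow (id `pyup.io-71582`, range `>=2.11.1,<2.11.3`) and no entry for that CVE is re-added anywhere in this chunk. Elsewhere in the patch removed entries reappear a few hunks later as reorderings (CVE-2023-6831 and CVE-2023-6976 are dropped at @@ -86914 and re-inserted at @@ -86943), so this looks like it may be the same, but if the entry is not restored further down, consumers of insecure_full.json silently lose coverage for that version range. Worth confirming it is a move rather than a retirement; if it was retired deliberately, the commit message should say so, since a bare "november update" gives a reviewer no way to tell the two apart.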
@@ -87118,10 +87476,10 @@ "v": "<0.9.0rc7" }, { - "advisory": "Mlrun 1.0.3rc1 adds \"pillow~=9.0\" to requirements to tackle vulnerabilities.", - "cve": "CVE-2022-22816", - "id": "pyup.io-49218", - "more_info_path": "/vulnerabilities/CVE-2022-22816/49218", + "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", + "cve": "CVE-2022-0155", + "id": "pyup.io-49169", + "more_info_path": "/vulnerabilities/CVE-2022-0155/49169", "specs": [ "<1.0.3rc1" ], @@ -87129,9 +87487,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-35942", - "id": "pyup.io-49175", - "more_info_path": "/vulnerabilities/CVE-2021-35942/49175", + "cve": "CVE-2020-13529", + "id": "pyup.io-49203", + "more_info_path": "/vulnerabilities/CVE-2020-13529/49203", "specs": [ "<1.0.3rc1" ], 
@@ -87139,19 +87497,19 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2022-23219", - "id": "pyup.io-49178", - "more_info_path": "/vulnerabilities/CVE-2022-23219/49178", + "cve": "CVE-2022-24785", + "id": "pyup.io-49205", + "more_info_path": "/vulnerabilities/CVE-2022-24785/49205", "specs": [ "<1.0.3rc1" ], "v": "<1.0.3rc1" }, { - "advisory": "Mlrun 1.0.3rc1 adds \"notebook~=6.4\" to requirements to tackle vulnerabilities.", - "cve": "CVE-2021-32798", - "id": "pyup.io-49216", - "more_info_path": "/vulnerabilities/CVE-2021-32798/49216", + "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", + "cve": "CVE-2021-33503", + "id": "pyup.io-49213", + "more_info_path": "/vulnerabilities/CVE-2021-33503/49213", "specs": [ "<1.0.3rc1" ], @@ -87159,9 +87517,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2022-24785", - "id": "pyup.io-49205", - "more_info_path": "/vulnerabilities/CVE-2022-24785/49205", + "cve": "CVE-2021-3326", + "id": "pyup.io-49179", + "more_info_path": "/vulnerabilities/CVE-2021-3326/49179", "specs": [ "<1.0.3rc1" ], @@ -87169,9 +87527,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-41247", - "id": "pyup.io-49173", - "more_info_path": "/vulnerabilities/CVE-2021-41247/49173", + "cve": "CVE-2021-27645", + "id": "pyup.io-49177", + "more_info_path": "/vulnerabilities/CVE-2021-27645/49177", "specs": [ "<1.0.3rc1" ], 
@@ -87179,19 +87537,19 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-37713", - "id": "pyup.io-49209", - "more_info_path": "/vulnerabilities/CVE-2021-37713/49209", + "cve": "CVE-2021-37701", + "id": "pyup.io-49211", + "more_info_path": "/vulnerabilities/CVE-2021-37701/49211", "specs": [ "<1.0.3rc1" ], "v": "<1.0.3rc1" }, { - "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e\r\nhttps://github.com/advisories/GHSA-hxwm-x553-x359", - "cve": "PVE-2022-49161", - "id": "pyup.io-49165", - "more_info_path": "/vulnerabilities/PVE-2022-49161/49165", + "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", + "cve": "CVE-2021-3999", + "id": "pyup.io-49188", + "more_info_path": "/vulnerabilities/CVE-2021-3999/49188", "specs": [ "<1.0.3rc1" ], @@ -87199,9 +87557,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-32804", - "id": "pyup.io-49208", - "more_info_path": "/vulnerabilities/CVE-2021-32804/49208", + "cve": "CVE-2022-23219", + "id": "pyup.io-49178", + "more_info_path": "/vulnerabilities/CVE-2022-23219/49178", "specs": [ "<1.0.3rc1" ], 
@@ -87209,19 +87567,19 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2020-29562", - "id": "pyup.io-49184", - "more_info_path": "/vulnerabilities/CVE-2020-29562/49184", + "cve": "CVE-2021-37713", + "id": "pyup.io-49209", + "more_info_path": "/vulnerabilities/CVE-2021-37713/49209", "specs": [ "<1.0.3rc1" ], "v": "<1.0.3rc1" }, { - "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-3997", - "id": "pyup.io-49204", - "more_info_path": "/vulnerabilities/CVE-2021-3997/49204", + "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e\r\nhttps://github.com/advisories/GHSA-hxwm-x553-x359", + "cve": "PVE-2022-49161", + "id": "pyup.io-49165", + "more_info_path": "/vulnerabilities/PVE-2022-49161/49165", "specs": [ "<1.0.3rc1" ], @@ -87229,9 +87587,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-39134", - "id": "pyup.io-49164", - "more_info_path": "/vulnerabilities/CVE-2021-39134/49164", + "cve": "CVE-2021-37712", + "id": "pyup.io-49212", + "more_info_path": "/vulnerabilities/CVE-2021-37712/49212", "specs": [ "<1.0.3rc1" ], 
@@ -87239,19 +87597,19 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-39135", - "id": "pyup.io-49161", - "more_info_path": "/vulnerabilities/CVE-2021-39135/49161", + "cve": "CVE-2021-3997", + "id": "pyup.io-49204", + "more_info_path": "/vulnerabilities/CVE-2021-3997/49204", "specs": [ "<1.0.3rc1" ], "v": "<1.0.3rc1" }, { - "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-23343", - "id": "pyup.io-49207", - "more_info_path": "/vulnerabilities/CVE-2021-23343/49207", + "advisory": "Mlrun 1.0.3rc1 adds \"pillow~=9.0\" to requirements to tackle vulnerabilities.", + "cve": "CVE-2022-22816", + "id": "pyup.io-49218", + "more_info_path": "/vulnerabilities/CVE-2022-22816/49218", "specs": [ "<1.0.3rc1" ], @@ -87259,9 +87617,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2020-13529", - "id": "pyup.io-49203", - "more_info_path": "/vulnerabilities/CVE-2020-13529/49203", + "cve": "CVE-2022-24757", + "id": "pyup.io-49172", + "more_info_path": "/vulnerabilities/CVE-2022-24757/49172", "specs": [ "<1.0.3rc1" ], 
@@ -87269,29 +87627,29 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-27645", - "id": "pyup.io-49177", - "more_info_path": "/vulnerabilities/CVE-2021-27645/49177", + "cve": "CVE-2021-39135", + "id": "pyup.io-49161", + "more_info_path": "/vulnerabilities/CVE-2021-39135/49161", "specs": [ "<1.0.3rc1" ], "v": "<1.0.3rc1" }, { - "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2019-25013", - "id": "pyup.io-49185", - "more_info_path": "/vulnerabilities/CVE-2019-25013/49185", + "advisory": "Mlrun 1.0.3rc1 adds \"pillow~=9.0\" to requirements to tackle vulnerabilities.", + "cve": "CVE-2022-22817", + "id": "pyup.io-49220", + "more_info_path": "/vulnerabilities/CVE-2022-22817/49220", "specs": [ "<1.0.3rc1" ], "v": "<1.0.3rc1" }, { - "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2022-0536", - "id": "pyup.io-49168", - "more_info_path": "/vulnerabilities/CVE-2022-0536/49168", + "advisory": "Mlrun 1.0.3rc1 adds \"notebook~=6.4\" to requirements to tackle vulnerabilities.", + "cve": "CVE-2021-32798", + "id": "pyup.io-49216", + "more_info_path": "/vulnerabilities/CVE-2021-32798/49216", "specs": [ "<1.0.3rc1" ], 
@@ -87299,9 +87657,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-37712", - "id": "pyup.io-49212", - "more_info_path": "/vulnerabilities/CVE-2021-37712/49212", + "cve": "CVE-2021-32797", + "id": "pyup.io-49174", + "more_info_path": "/vulnerabilities/CVE-2021-32797/49174", "specs": [ "<1.0.3rc1" ], @@ -87309,9 +87667,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-33910", - "id": "pyup.io-49202", - "more_info_path": "/vulnerabilities/CVE-2021-33910/49202", + "cve": "CVE-2021-35942", + "id": "pyup.io-49175", + "more_info_path": "/vulnerabilities/CVE-2021-35942/49175", "specs": [ "<1.0.3rc1" ], @@ -87319,9 +87677,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-32797", - "id": "pyup.io-49174", - "more_info_path": "/vulnerabilities/CVE-2021-32797/49174", + "cve": "CVE-2022-0536", + "id": "pyup.io-49168", + "more_info_path": "/vulnerabilities/CVE-2022-0536/49168", "specs": [ "<1.0.3rc1" ], @@ -87329,9 +87687,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds \"pillow~=9.0\" to requirements to tackle vulnerabilities.", - "cve": "CVE-2022-22815", - "id": "pyup.io-49219", - "more_info_path": "/vulnerabilities/CVE-2022-22815/49219", + "cve": "CVE-2022-24303", + "id": "pyup.io-49217", + "more_info_path": "/vulnerabilities/CVE-2022-24303/49217", "specs": [ "<1.0.3rc1" ], 
@@ -87339,9 +87697,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2022-0155", - "id": "pyup.io-49169", - "more_info_path": "/vulnerabilities/CVE-2022-0155/49169", + "cve": "CVE-2021-3807", + "id": "pyup.io-49166", + "more_info_path": "/vulnerabilities/CVE-2021-3807/49166", "specs": [ "<1.0.3rc1" ], @@ -87349,19 +87707,19 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2022-23218", - "id": "pyup.io-49180", - "more_info_path": "/vulnerabilities/CVE-2022-23218/49180", + "cve": "CVE-2021-41247", + "id": "pyup.io-49173", + "more_info_path": "/vulnerabilities/CVE-2021-41247/49173", "specs": [ "<1.0.3rc1" ], "v": "<1.0.3rc1" }, { - "advisory": "Mlrun 1.0.3rc1 adds \"pillow~=9.0\" to requirements to tackle vulnerabilities.", - "cve": "CVE-2022-22817", - "id": "pyup.io-49220", - "more_info_path": "/vulnerabilities/CVE-2022-22817/49220", + "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", + "cve": "CVE-2021-32803", + "id": "pyup.io-49210", + "more_info_path": "/vulnerabilities/CVE-2021-32803/49210", "specs": [ "<1.0.3rc1" ], @@ -87369,9 +87727,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-32803", - "id": "pyup.io-49210", - "more_info_path": "/vulnerabilities/CVE-2021-32803/49210", + "cve": "CVE-2021-33910", + "id": "pyup.io-49202", + "more_info_path": "/vulnerabilities/CVE-2021-33910/49202", "specs": [ "<1.0.3rc1" ], 
@@ -87379,19 +87737,19 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2016-10228", - "id": "pyup.io-49200", - "more_info_path": "/vulnerabilities/CVE-2016-10228/49200", + "cve": "CVE-2021-3918", + "id": "pyup.io-49171", + "more_info_path": "/vulnerabilities/CVE-2021-3918/49171", "specs": [ "<1.0.3rc1" ], "v": "<1.0.3rc1" }, { - "advisory": "Mlrun 1.0.3rc1 adds \"pillow~=9.0\" to requirements to tackle vulnerabilities.", - "cve": "CVE-2022-24303", - "id": "pyup.io-49217", - "more_info_path": "/vulnerabilities/CVE-2022-24303/49217", + "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", + "cve": "CVE-2020-6096", + "id": "pyup.io-49182", + "more_info_path": "/vulnerabilities/CVE-2020-6096/49182", "specs": [ "<1.0.3rc1" ], @@ -87399,9 +87757,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-37701", - "id": "pyup.io-49211", - "more_info_path": "/vulnerabilities/CVE-2021-37701/49211", + "cve": "CVE-2022-23218", + "id": "pyup.io-49180", + "more_info_path": "/vulnerabilities/CVE-2022-23218/49180", "specs": [ "<1.0.3rc1" ], 
@@ -87419,19 +87777,19 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-3999", - "id": "pyup.io-49188", - "more_info_path": "/vulnerabilities/CVE-2021-3999/49188", + "cve": "CVE-2022-21699", + "id": "pyup.io-49170", + "more_info_path": "/vulnerabilities/CVE-2022-21699/49170", "specs": [ "<1.0.3rc1" ], "v": "<1.0.3rc1" }, { - "advisory": "Mlrun 1.0.3rc1 adds \"notebook~=6.4\" to requirements to tackle vulnerabilities.", - "cve": "CVE-2022-24758", - "id": "pyup.io-49215", - "more_info_path": "/vulnerabilities/CVE-2022-24758/49215", + "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", + "cve": "CVE-2021-39134", + "id": "pyup.io-49164", + "more_info_path": "/vulnerabilities/CVE-2021-39134/49164", "specs": [ "<1.0.3rc1" ], 
@@ -87439,19 +87797,19 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2020-6096", - "id": "pyup.io-49182", - "more_info_path": "/vulnerabilities/CVE-2020-6096/49182", + "cve": "CVE-2021-23343", + "id": "pyup.io-49207", + "more_info_path": "/vulnerabilities/CVE-2021-23343/49207", "specs": [ "<1.0.3rc1" ], "v": "<1.0.3rc1" }, { - "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-3918", - "id": "pyup.io-49171", - "more_info_path": "/vulnerabilities/CVE-2021-3918/49171", + "advisory": "Mlrun 1.0.3rc1 adds \"pillow~=9.0\" to requirements to tackle vulnerabilities.", + "cve": "CVE-2022-22815", + "id": "pyup.io-49219", + "more_info_path": "/vulnerabilities/CVE-2022-22815/49219", "specs": [ "<1.0.3rc1" ], @@ -87459,9 +87817,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-33503", - "id": "pyup.io-49213", - "more_info_path": "/vulnerabilities/CVE-2021-33503/49213", + "cve": "CVE-2016-10228", + "id": "pyup.io-49200", + "more_info_path": "/vulnerabilities/CVE-2016-10228/49200", "specs": [ "<1.0.3rc1" ], 
@@ -87469,19 +87827,19 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-3326", - "id": "pyup.io-49179", - "more_info_path": "/vulnerabilities/CVE-2021-3326/49179", + "cve": "CVE-2021-32804", + "id": "pyup.io-49208", + "more_info_path": "/vulnerabilities/CVE-2021-32804/49208", "specs": [ "<1.0.3rc1" ], "v": "<1.0.3rc1" }, { - "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2021-3807", - "id": "pyup.io-49166", - "more_info_path": "/vulnerabilities/CVE-2021-3807/49166", + "advisory": "Mlrun 1.0.3rc1 adds \"notebook~=6.4\" to requirements to tackle vulnerabilities.", + "cve": "CVE-2022-24758", + "id": "pyup.io-49215", + "more_info_path": "/vulnerabilities/CVE-2022-24758/49215", "specs": [ "<1.0.3rc1" ], @@ -87489,9 +87847,9 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2022-24757", - "id": "pyup.io-49172", - "more_info_path": "/vulnerabilities/CVE-2022-24757/49172", + "cve": "CVE-2020-29562", + "id": "pyup.io-49184", + "more_info_path": "/vulnerabilities/CVE-2020-29562/49184", "specs": [ "<1.0.3rc1" ], 
@@ -87499,19 +87857,19 @@ }, { "advisory": "Mlrun 1.0.3rc1 adds command to install security fixes in Docker base image.\r\nhttps://github.com/mlrun/mlrun/pull/1997/commits/de4c87f478f8d76dd8e46942588c81ef0d0b481e", - "cve": "CVE-2022-21699", - "id": "pyup.io-49170", - "more_info_path": "/vulnerabilities/CVE-2022-21699/49170", + "cve": "CVE-2019-25013", + "id": "pyup.io-49185", + "more_info_path": "/vulnerabilities/CVE-2019-25013/49185", "specs": [ "<1.0.3rc1" ], "v": "<1.0.3rc1" }, { - "advisory": "Mlrun 1.0.4rc1 updates its dependency 'Fastapi' to v0.78.0 to fix a transitive vulnerability related to 'ujson'.", - "cve": "CVE-2021-45958", - "id": "pyup.io-49374", - "more_info_path": "/vulnerabilities/CVE-2021-45958/49374", + "advisory": "Mlrun 1.0.4rc1 updates its dependency 'storey' to v1.0.5 to fix transitive vulnerabilities related to NumPy.", + "cve": "CVE-2021-41495", + "id": "pyup.io-49372", + "more_info_path": "/vulnerabilities/CVE-2021-41495/49372", "specs": [ "<1.0.4rc1" ], @@ -87528,10 +87886,10 @@ "v": "<1.0.4rc1" }, { - "advisory": "Mlrun 1.0.4rc1 updates its dependency 'storey' to v1.0.5 to fix transitive vulnerabilities related to NumPy.", - "cve": "CVE-2021-34141", - "id": "pyup.io-49371", - "more_info_path": "/vulnerabilities/CVE-2021-34141/49371", + "advisory": "Mlrun 1.0.4rc1 updates its dependency 'Fastapi' to v0.78.0 to fix a transitive vulnerability related to 'ujson'.", + "cve": "CVE-2021-45958", + "id": "pyup.io-49374", + "more_info_path": "/vulnerabilities/CVE-2021-45958/49374", "specs": [ "<1.0.4rc1" ], 
@@ -87539,39 +87897,39 @@ }, { "advisory": "Mlrun 1.0.4rc1 updates its dependency 'storey' to v1.0.5 to fix transitive vulnerabilities related to NumPy.", - "cve": "CVE-2021-41495", - "id": "pyup.io-49372", - "more_info_path": "/vulnerabilities/CVE-2021-41495/49372", + "cve": "CVE-2021-34141", + "id": "pyup.io-49371", + "more_info_path": "/vulnerabilities/CVE-2021-34141/49371", "specs": [ "<1.0.4rc1" ], "v": "<1.0.4rc1" }, { - "advisory": "Mlrun 1.1.0 updates the packages 'libc-bin', 'libc-dev-bin', 'libc6', 'libc6-dev' and 'locales' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2021-3326", - "id": "pyup.io-51011", - "more_info_path": "/vulnerabilities/CVE-2021-3326/51011", + "advisory": "Mlrun 1.1.0 updates the Python package 'jupyterhub' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2021-41247", + "id": "pyup.io-51002", + "more_info_path": "/vulnerabilities/CVE-2021-41247/51002", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the Python package 'jupyterhub' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2021-41247", - "id": "pyup.io-51002", - "more_info_path": "/vulnerabilities/CVE-2021-41247/51002", + "advisory": "Mlrun 1.1.0 updates the packages 'libc-bin', 'libc-dev-bin', 'libc6', 'libc6-dev' and 'locales' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2020-27618", + "id": "pyup.io-51008", + "more_info_path": "/vulnerabilities/CVE-2020-27618/51008", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the NPM package 'tar' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2021-37713", - "id": "pyup.io-50995", - "more_info_path": "/vulnerabilities/CVE-2021-37713/50995", + "advisory": "Mlrun 1.1.0 updates the packages 
'libsystemd0' and 'libudev1' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2021-3997", + "id": "pyup.io-51020", + "more_info_path": "/vulnerabilities/CVE-2021-3997/51020", "specs": [ "<1.1.0" ], @@ -87598,10 +87956,10 @@ "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the packages 'libc-bin', 'libc-dev-bin', 'libc6', 'libc6-dev' and 'locales' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2022-23219", - "id": "pyup.io-51010", - "more_info_path": "/vulnerabilities/CVE-2022-23219/51010", + "advisory": "Mlrun 1.1.0 updates the NPM package 'ansi-regex' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2021-3807", + "id": "pyup.io-50987", + "more_info_path": "/vulnerabilities/CVE-2021-3807/50987", "specs": [ "<1.1.0" ], @@ -87609,19 +87967,19 @@ }, { "advisory": "Mlrun 1.1.0 updates the NPM package 'tar' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2021-32804", - "id": "pyup.io-50994", - "more_info_path": "/vulnerabilities/CVE-2021-32804/50994", + "cve": "CVE-2021-37701", + "id": "pyup.io-50997", + "more_info_path": "/vulnerabilities/CVE-2021-37701/50997", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the packages 'libc-bin', 'libc-dev-bin', 'libc6', 'libc6-dev' and 'locales' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2022-23218", - "id": "pyup.io-51012", - "more_info_path": "/vulnerabilities/CVE-2022-23218/51012", + "advisory": "Mlrun 1.1.0 updates the NPM package 'follow-redirects' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2022-0536", + "id": "pyup.io-50989", + "more_info_path": "/vulnerabilities/CVE-2022-0536/50989", "specs": [ "<1.1.0" ], 
@@ -87629,9 +87987,9 @@ }, { "advisory": "Mlrun 1.1.0 updates the NPM package 'tar' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2021-37712", - "id": "pyup.io-51000", - "more_info_path": "/vulnerabilities/CVE-2021-37712/51000", + "cve": "CVE-2021-37713", + "id": "pyup.io-50995", + "more_info_path": "/vulnerabilities/CVE-2021-37713/50995", "specs": [ "<1.1.0" ], @@ -87648,20 +88006,20 @@ "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the Python package 'ipython' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2022-21699", - "id": "pyup.io-51004", - "more_info_path": "/vulnerabilities/CVE-2022-21699/51004", + "advisory": "Mlrun 1.1.0 updates the packages 'libc-bin', 'libc-dev-bin', 'libc6', 'libc6-dev' and 'locales' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2021-27645", + "id": "pyup.io-51009", + "more_info_path": "/vulnerabilities/CVE-2021-27645/51009", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the packages 'libc-bin', 'libc-dev-bin', 'libc6', 'libc6-dev' and 'locales' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2020-6096", - "id": "pyup.io-51014", - "more_info_path": "/vulnerabilities/CVE-2020-6096/51014", + "advisory": "Mlrun 1.1.0 updates the NPM package 'async' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2021-43138", + "id": "pyup.io-50988", + "more_info_path": "/vulnerabilities/CVE-2021-43138/50988", "specs": [ "<1.1.0" ], 
@@ -87669,19 +88027,19 @@ }, { "advisory": "Mlrun 1.1.0 updates the packages 'libc-bin', 'libc-dev-bin', 'libc6', 'libc6-dev' and 'locales' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2020-29562", - "id": "pyup.io-51016", - "more_info_path": "/vulnerabilities/CVE-2020-29562/51016", + "cve": "CVE-2016-10228", + "id": "pyup.io-51015", + "more_info_path": "/vulnerabilities/CVE-2016-10228/51015", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the NPM package 'ansi-regex' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2021-3807", - "id": "pyup.io-50987", - "more_info_path": "/vulnerabilities/CVE-2021-3807/50987", + "advisory": "Mlrun 1.1.0 updates the packages 'libc-bin', 'libc-dev-bin', 'libc6', 'libc6-dev' and 'locales' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2021-3326", + "id": "pyup.io-51011", + "more_info_path": "/vulnerabilities/CVE-2021-3326/51011", "specs": [ "<1.1.0" ], @@ -87689,9 +88047,9 @@ }, { "advisory": "Mlrun 1.1.0 updates the packages 'libsystemd0' and 'libudev1' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2021-3997", - "id": "pyup.io-51020", - "more_info_path": "/vulnerabilities/CVE-2021-3997/51020", + "cve": "CVE-2021-33910", + "id": "pyup.io-51018", + "more_info_path": "/vulnerabilities/CVE-2021-33910/51018", "specs": [ "<1.1.0" ], 
@@ -87699,49 +88057,49 @@ }, { "advisory": "Mlrun 1.1.0 updates the packages 'libc-bin', 'libc-dev-bin', 'libc6', 'libc6-dev' and 'locales' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2021-27645", - "id": "pyup.io-51009", - "more_info_path": "/vulnerabilities/CVE-2021-27645/51009", + "cve": "CVE-2020-6096", + "id": "pyup.io-51014", + "more_info_path": "/vulnerabilities/CVE-2020-6096/51014", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the packages 'libsystemd0' and 'libudev1' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2020-13529", - "id": "pyup.io-51019", - "more_info_path": "/vulnerabilities/CVE-2020-13529/51019", + "advisory": "Mlrun 1.1.0 updates the NPM package 'tar' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2021-32803", + "id": "pyup.io-50996", + "more_info_path": "/vulnerabilities/CVE-2021-32803/50996", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the NPM package 'async' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2021-43138", - "id": "pyup.io-50988", - "more_info_path": "/vulnerabilities/CVE-2021-43138/50988", + "advisory": "Mlrun 1.1.0 updates the packages 'libc-bin', 'libc-dev-bin', 'libc6', 'libc6-dev' and 'locales' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2019-25013", + "id": "pyup.io-51017", + "more_info_path": "/vulnerabilities/CVE-2019-25013/51017", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the Python package 'jupyterlab' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2021-32797", - "id": "pyup.io-51003", - "more_info_path": "/vulnerabilities/CVE-2021-32797/51003", + "advisory": "Mlrun 1.1.0 
updates the NPM package 'moment' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2022-24785", + "id": "pyup.io-50992", + "more_info_path": "/vulnerabilities/CVE-2022-24785/50992", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the NPM package 'follow-redirects' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2022-0155", - "id": "pyup.io-50990", - "more_info_path": "/vulnerabilities/CVE-2022-0155/50990", + "advisory": "Mlrun 1.1.0 updates the Python package 'jupyter-server' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2022-24757", + "id": "pyup.io-51001", + "more_info_path": "/vulnerabilities/CVE-2022-24757/51001", "specs": [ "<1.1.0" ], 
@@ -87758,20 +88116,20 @@ "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the NPM package '@npmcli/git' in its base image to include a security fix.\r\nhttps://github.com/advisories/GHSA-hxwm-x553-x359", - "cve": "PVE-2022-50919", - "id": "pyup.io-50986", - "more_info_path": "/vulnerabilities/PVE-2022-50919/50986", + "advisory": "Mlrun 1.1.0 updates the packages 'libc-bin', 'libc-dev-bin', 'libc6', 'libc6-dev' and 'locales' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2022-23218", + "id": "pyup.io-51012", + "more_info_path": "/vulnerabilities/CVE-2022-23218/51012", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the NPM package 'tar' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2021-32803", - "id": "pyup.io-50996", - "more_info_path": "/vulnerabilities/CVE-2021-32803/50996", + "advisory": "Mlrun 1.1.0 updates the NPM package 'path-parse' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2021-23343", + "id": "pyup.io-50993", + "more_info_path": "/vulnerabilities/CVE-2021-23343/50993", "specs": [ "<1.1.0" ], 
@@ -87779,49 +88137,49 @@ }, { "advisory": "Mlrun 1.1.0 updates the packages 'libc-bin', 'libc-dev-bin', 'libc6', 'libc6-dev' and 'locales' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2016-10228", - "id": "pyup.io-51015", - "more_info_path": "/vulnerabilities/CVE-2016-10228/51015", + "cve": "CVE-2020-29562", + "id": "pyup.io-51016", + "more_info_path": "/vulnerabilities/CVE-2020-29562/51016", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the NPM package '@npmcli/arborist' in its base image to include security fixes.", - "cve": "CVE-2021-39135", - "id": "pyup.io-50919", - "more_info_path": "/vulnerabilities/CVE-2021-39135/50919", + "advisory": "Mlrun 1.1.0 updates the Python package 'ipython' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2022-21699", + "id": "pyup.io-51004", + "more_info_path": "/vulnerabilities/CVE-2022-21699/51004", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the packages 'libsystemd0' and 'libudev1' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2021-33910", - "id": "pyup.io-51018", - "more_info_path": "/vulnerabilities/CVE-2021-33910/51018", + "advisory": "Mlrun 1.1.0 updates the NPM package '@npmcli/arborist' in its base image to include security fixes.", + "cve": "CVE-2021-39134", + "id": "pyup.io-50985", + "more_info_path": "/vulnerabilities/CVE-2021-39134/50985", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the NPM package 'follow-redirects' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2022-0536", - "id": "pyup.io-50989", - "more_info_path": "/vulnerabilities/CVE-2022-0536/50989", + "advisory": "Mlrun 1.1.0 updates the NPM package '@npmcli/git' in its base image to include a security 
fix.\r\nhttps://github.com/advisories/GHSA-hxwm-x553-x359", + "cve": "PVE-2022-50919", + "id": "pyup.io-50986", + "more_info_path": "/vulnerabilities/PVE-2022-50919/50986", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the NPM package 'moment' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2022-24785", - "id": "pyup.io-50992", - "more_info_path": "/vulnerabilities/CVE-2022-24785/50992", + "advisory": "Mlrun 1.1.0 updates the NPM package 'follow-redirects' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2022-0155", + "id": "pyup.io-50990", + "more_info_path": "/vulnerabilities/CVE-2022-0155/50990", "specs": [ "<1.1.0" ], 
@@ -87829,29 +88187,29 @@ }, { "advisory": "Mlrun 1.1.0 updates the packages 'libc-bin', 'libc-dev-bin', 'libc6', 'libc6-dev' and 'locales' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2019-25013", - "id": "pyup.io-51017", - "more_info_path": "/vulnerabilities/CVE-2019-25013/51017", + "cve": "CVE-2022-23219", + "id": "pyup.io-51010", + "more_info_path": "/vulnerabilities/CVE-2022-23219/51010", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the NPM package 'path-parse' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2021-23343", - "id": "pyup.io-50993", - "more_info_path": "/vulnerabilities/CVE-2021-23343/50993", + "advisory": "Mlrun 1.1.0 updates the NPM package '@npmcli/arborist' in its base image to include security fixes.", + "cve": "CVE-2021-39135", + "id": "pyup.io-50919", + "more_info_path": "/vulnerabilities/CVE-2021-39135/50919", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the Python package 'jupyter-server' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2022-24757", - "id": "pyup.io-51001", - "more_info_path": "/vulnerabilities/CVE-2022-24757/51001", + "advisory": "Mlrun 1.1.0 updates the NPM package 'tar' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2021-32804", + "id": "pyup.io-50994", + "more_info_path": "/vulnerabilities/CVE-2021-32804/50994", "specs": [ "<1.1.0" ], 
@@ -87868,30 +88226,30 @@ "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the NPM package '@npmcli/arborist' in its base image to include security fixes.", - "cve": "CVE-2021-39134", - "id": "pyup.io-50985", - "more_info_path": "/vulnerabilities/CVE-2021-39134/50985", + "advisory": "Mlrun 1.1.0 updates the Python package 'jupyterlab' in its base image to include a security fix.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2021-32797", + "id": "pyup.io-51003", + "more_info_path": "/vulnerabilities/CVE-2021-32797/51003", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the packages 'libc-bin', 'libc-dev-bin', 'libc6', 'libc6-dev' and 'locales' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2020-27618", - "id": "pyup.io-51008", - "more_info_path": "/vulnerabilities/CVE-2020-27618/51008", + "advisory": "Mlrun 1.1.0 updates the NPM package 'tar' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2021-37712", + "id": "pyup.io-51000", + "more_info_path": "/vulnerabilities/CVE-2021-37712/51000", "specs": [ "<1.1.0" ], "v": "<1.1.0" }, { - "advisory": "Mlrun 1.1.0 updates the NPM package 'tar' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", - "cve": "CVE-2021-37701", - "id": "pyup.io-50997", - "more_info_path": "/vulnerabilities/CVE-2021-37701/50997", + "advisory": "Mlrun 1.1.0 updates the packages 'libsystemd0' and 'libudev1' in its base image to include security fixes.\r\nhttps://github.com/mlrun/mlrun/pull/1997", + "cve": "CVE-2020-13529", + "id": "pyup.io-51019", + "more_info_path": "/vulnerabilities/CVE-2020-13529/51019", "specs": [ "<1.1.0" ], 
@@ -87909,9 +88267,9 @@ }, { "advisory": "Mlrun 1.3.0rc29 unpins its dependency 'cryptography' to allow latest security updates.", - "cve": "CVE-2023-0401", - "id": "pyup.io-53434", - "more_info_path": "/vulnerabilities/CVE-2023-0401/53434", + "cve": "CVE-2023-0286", + "id": "pyup.io-53452", + "more_info_path": "/vulnerabilities/CVE-2023-0286/53452", "specs": [ "<1.3.0rc29" ], @@ -87919,9 +88277,9 @@ }, { "advisory": "Mlrun 1.3.0rc29 unpins its dependency 'cryptography' to allow latest security updates.", - "cve": "CVE-2023-0286", - "id": "pyup.io-53452", - "more_info_path": "/vulnerabilities/CVE-2023-0286/53452", + "cve": "CVE-2023-0401", + "id": "pyup.io-53434", + "more_info_path": "/vulnerabilities/CVE-2023-0401/53434", "specs": [ "<1.3.0rc29" ], 
@@ -88510,20 +88868,20 @@
 ],
 "mocodo": [
 {
- "advisory": "Affected versions of Mocodo are vulnerable to OS Command Injection. This vulnerability could lead to remote code execution, allowing attackers to execute arbitrary commands on the server. The attack vector is through unsanitized user input in the web interface, specifically in the generate.php script where the sql_case parameter is used without proper escaping. The vulnerable function is the construction of $transformation_options. This vulnerability is easily exploitable as it requires minimal user interaction. To mitigate this issue, upgrade to Mocodo version 4.2.7 or later, which implements proper input sanitization using escapeshellarg(). This vulnerability affects PHP-based deployments of Mocodo's web interface. The CWE for this vulnerability is CWE-78: Improper Neutralization of Special Elements used in an OS Command.",
- "cve": "CVE-2024-35373",
- "id": "pyup.io-73341",
- "more_info_path": "/vulnerabilities/CVE-2024-35373/73341",
+ "advisory": "Affected versions of Mocodo are vulnerable to OS Command Injection. This vulnerability could result in remote code execution, potentially leading to unauthorized access to sensitive data or complete system compromise. The attack vector involves manipulating input fields in the web interface, particularly in generate.php and rewrite.php. Vulnerable areas include the construction of $basthon_options in generate.php and $command_line in rewrite.php. The vulnerability is exploitable by an attacker with access to the web interface. To remediate, update to Mocodo version 4.2.7 or later, which properly escapes user input using escapeshellarg(). This vulnerability primarily affects PHP-based deployments of Mocodo's online interface. The CWE classification is CWE-78: Improper Neutralization of Special Elements used in an OS Command.",
+ "cve": "CVE-2024-35374",
+ "id": "pyup.io-71899",
+ "more_info_path": "/vulnerabilities/CVE-2024-35374/71899",
 "specs": [
 "<4.2.9"
 ],
 "v": "<4.2.9"
 },
 {
- "advisory": "Affected versions of Mocodo are vulnerable to OS Command Injection. This vulnerability could result in remote code execution, potentially leading to unauthorized access to sensitive data or complete system compromise. The attack vector involves manipulating input fields in the web interface, particularly in generate.php and rewrite.php. Vulnerable areas include the construction of $basthon_options in generate.php and $command_line in rewrite.php. The vulnerability is exploitable by an attacker with access to the web interface. To remediate, update to Mocodo version 4.2.7 or later, which properly escapes user input using escapeshellarg(). This vulnerability primarily affects PHP-based deployments of Mocodo's online interface. The CWE classification is CWE-78: Improper Neutralization of Special Elements used in an OS Command.",
- "cve": "CVE-2024-35374",
- "id": "pyup.io-71899",
- "more_info_path": "/vulnerabilities/CVE-2024-35374/71899",
+ "advisory": "Affected versions of Mocodo are vulnerable to OS Command Injection. This vulnerability could lead to remote code execution, allowing attackers to execute arbitrary commands on the server. The attack vector is through unsanitized user input in the web interface, specifically in the generate.php script where the sql_case parameter is used without proper escaping. The vulnerable function is the construction of $transformation_options. This vulnerability is easily exploitable as it requires minimal user interaction. To mitigate this issue, upgrade to Mocodo version 4.2.7 or later, which implements proper input sanitization using escapeshellarg(). This vulnerability affects PHP-based deployments of Mocodo's web interface. The CWE for this vulnerability is CWE-78: Improper Neutralization of Special Elements used in an OS Command.",
+ "cve": "CVE-2024-35373",
+ "id": "pyup.io-73341",
+ "more_info_path": "/vulnerabilities/CVE-2024-35373/73341",
 "specs": [
 "<4.2.9"
 ],
@@ -89495,16 +89853,6 @@
 }
 ],
 "mosaicml": [
- {
- "advisory": "Mosaicml 0.13.0 updates its dependency 'ipython' to v8.11.0 in Dockerfile to include a security fix.\r\nhttps://github.com/mosaicml/composer/pull/2007",
- "cve": "CVE-2023-24816",
- "id": "pyup.io-53698",
- "more_info_path": "/vulnerabilities/CVE-2023-24816/53698",
- "specs": [
- "<0.13.0"
- ],
- "v": "<0.13.0"
- },
 {
 "advisory": "Mosaicml 0.13.0 updates its dependency 'pillow' to v9.0.0 in Dockerfile to include security fixes.\r\nhttps://github.com/mosaicml/composer/pull/2007",
 "cve": "PVE-2021-44525",
@@ -89525,6 +89873,26 @@
 ],
 "v": "<0.13.0"
 },
+ {
+ "advisory": "Mosaicml 0.13.0 updates its dependency 'ipython' to v8.11.0 in Dockerfile to include a security fix.\r\nhttps://github.com/mosaicml/composer/pull/2007",
+ "cve": "CVE-2023-24816",
+ "id": "pyup.io-53698",
+ "more_info_path": "/vulnerabilities/CVE-2023-24816/53698",
+ "specs": [
+ "<0.13.0"
+ ],
+ "v": "<0.13.0"
+ },
+ {
+ "advisory": "Mosaicml 0.13.0 updates its dependency 'pillow' to v9.0.0 in Dockerfile to include security fixes.\r\nhttps://github.com/mosaicml/composer/pull/2007",
+ "cve": "CVE-2021-34552",
+ "id": "pyup.io-53701",
+ "more_info_path": "/vulnerabilities/CVE-2021-34552/53701",
+ "specs": [
+ "<0.13.0"
+ ],
+ "v": "<0.13.0"
+ },
 {
 "advisory": "Mosaicml 0.13.0 updates its dependency 'certifi' requirement to '>=2022.12.7' in Dockerfile to include a security fix.\r\nhttps://github.com/mosaicml/composer/pull/2007",
 "cve": "CVE-2022-23491",
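Review bot: Both mocodo records on the new side tell users to `upgrade to Mocodo version 4.2.7 or later`, yet their `specs`/`v` are `"<4.2.9"`, so 4.2.7 and 4.2.8 are reported vulnerable while the advisory text calls them fixed. Either the range should be `"<4.2.7"` or the text should name 4.2.9 as the fixed release; I can't tell from this file which is correct, so it should be checked against the upstream fix for CVE-2024-35373/35374 before the next export. The hunk only swaps the two entries, so the mismatch predates it. Both advisories also describe the PHP web front end (generate.php, rewrite.php, escapeshellarg()), so the record should say whether the PyPI distribution ships those files; if it does not, pip consumers receive a finding that does not apply to what they installed.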
@@ -89555,16 +89923,6 @@ ], "v": "<0.13.0" }, - { - "advisory": "Mosaicml 0.13.0 updates its dependency 'pillow' to v9.0.0 in Dockerfile to include security fixes.\r\nhttps://github.com/mosaicml/composer/pull/2007", - "cve": "CVE-2021-34552", - "id": "pyup.io-53701", - "more_info_path": "/vulnerabilities/CVE-2021-34552/53701", - "specs": [ - "<0.13.0" - ], - "v": "<0.13.0" - }, { "advisory": "Mosaicml version 0.5.0 introduces a safe_load feature, enhancing security by limiting HF dataset downloads to specific file types. This security measure only allows files with .jsonl, .csv, or .parquet extensions, effectively preventing the risk of arbitrary code execution by restricting the types of files that can be loaded.\r\nhttps://github.com/mosaicml/llm-foundry/pull/798", "cve": "PVE-2024-66860", @@ -90067,20 +90425,20 @@ "v": "<1.1.0" }, { - "advisory": "Msticpy 1.8.2 removes ability to use plaintext token cache because of security concerns.\r\nhttps://github.com/microsoft/msticpy/pull/413", - "cve": "PVE-2022-48630", - "id": "pyup.io-48630", - "more_info_path": "/vulnerabilities/PVE-2022-48630/48630", + "advisory": "Msticpy 1.8.2 updates Docker source to mcr Anaconda for preventing supply chain attacks.\r\nhttps://github.com/microsoft/msticpy/pull/397", + "cve": "PVE-2022-48632", + "id": "pyup.io-48632", + "more_info_path": "/vulnerabilities/PVE-2022-48632/48632", "specs": [ "<1.8.2" ], "v": "<1.8.2" }, { - "advisory": "Msticpy 1.8.2 updates Docker source to mcr Anaconda for preventing supply chain attacks.\r\nhttps://github.com/microsoft/msticpy/pull/397", - "cve": "PVE-2022-48632", - "id": "pyup.io-48632", - "more_info_path": "/vulnerabilities/PVE-2022-48632/48632", + "advisory": "Msticpy 1.8.2 removes ability to use plaintext token cache because of security concerns.\r\nhttps://github.com/microsoft/msticpy/pull/413", + "cve": "PVE-2022-48630", + "id": "pyup.io-48630", + "more_info_path": "/vulnerabilities/PVE-2022-48630/48630", "specs": [ "<1.8.2" ], 
@@ -90856,16 +91214,6 @@ } ], "muttlib": [ - { - "advisory": "Muttlib 1.4.19 updates its dependency 'pillow' requirement to \">=9.1.1\" to include security fixes.", - "cve": "CVE-2022-22817", - "id": "pyup.io-50861", - "more_info_path": "/vulnerabilities/CVE-2022-22817/50861", - "specs": [ - "<1.4.19" - ], - "v": "<1.4.19" - }, { "advisory": "Muttlib 1.4.19 updates its dependency 'ujson' requirement to \">=5.4.0\" to include security fixes.", "cve": "CVE-2022-31117", @@ -90906,6 +91254,16 @@ ], "v": "<1.4.19" }, + { + "advisory": "Muttlib 1.4.19 updates its dependency 'pillow' requirement to \">=9.1.1\" to include security fixes.", + "cve": "CVE-2022-22817", + "id": "pyup.io-50861", + "more_info_path": "/vulnerabilities/CVE-2022-22817/50861", + "specs": [ + "<1.4.19" + ], + "v": "<1.4.19" + }, { "advisory": "Muttlib 1.4.19 updates its dependency 'PyJWT' requirement to \">=2.4.0\" to include a security fix.", "cve": "CVE-2022-29217", @@ -91024,9 +91382,9 @@ }, { "advisory": "Mxnet between versions 1.4.0 and 1.6.0 (included) use a version of 'log4j' affected by critical and severe vulnerabilities.", - "cve": "CVE-2021-45046", - "id": "pyup.io-43448", - "more_info_path": "/vulnerabilities/CVE-2021-45046/43448", + "cve": "CVE-2021-44832", + "id": "pyup.io-44455", + "more_info_path": "/vulnerabilities/CVE-2021-44832/44455", "specs": [ ">=1.4.0,<=1.6.0" ], @@ -91034,9 +91392,9 @@ }, { "advisory": "Mxnet between versions 1.4.0 and 1.6.0 (included) use a version of 'log4j' affected by critical and severe vulnerabilities.", - "cve": "CVE-2021-44832", - "id": "pyup.io-44455", - "more_info_path": "/vulnerabilities/CVE-2021-44832/44455", + "cve": "CVE-2021-45046", + "id": "pyup.io-43448", + "more_info_path": "/vulnerabilities/CVE-2021-45046/43448", "specs": [ ">=1.4.0,<=1.6.0" ], 
@@ -91189,6 +91547,16 @@
 ],
 "v": "<2.1.6"
 },
+ {
+ "advisory": "Affected versions of the mysql-connector-python are vulnerable to SQL Injection due to improper sanitization of schema and table names. The vulnerability arises from the direct formatting of SQL queries without adequate escaping. It can be exploited remotely by crafting specially formatted schema or table names. The issue is addressed by introducing proper escaping and quoting mechanisms using escape and quote_identifier functions.",
+ "cve": "PVE-2024-73722",
+ "id": "pyup.io-73722",
+ "more_info_path": "/vulnerabilities/PVE-2024-73722/73722",
+ "specs": [
+ "<8.0.11"
+ ],
+ "v": "<8.0.11"
+ },
 {
 "advisory": "Due to the formatting logic of the \"console.table()\" function it was not safe to allow user controlled input to be passed to the \"properties\" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be \"__proto__\". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to.",
 "cve": "CVE-2022-21824",
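Review bot: The new mysql-connector-python record (`PVE-2024-73722`, `"v": "<8.0.11"`) carries no reference, unlike the neighbouring records that end their advisory string with `\r\nhttps://...`, so neither the `<8.0.11` bound nor the described fix (`escape` and `quote_identifier`) can be traced or re-checked. I'd append the upstream commit or bug URL after a `\r\n` in the advisory text, the way the other entries do. The claim that it `can be exploited remotely` also needs qualifying: schema and table names passed to a database connector are usually chosen by the application, so this is only reachable when the application forwards attacker-controlled identifiers, and the text should say so. Separately, the context record that follows (CVE-2022-21824, a Node.js `console.table()` prototype-pollution issue) sits in the same package array and looks misattributed, though that predates this commit.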
@@ -91428,20 +91796,20 @@
 "v": "<0.2.9.5,>=0.4.0.dev0,<0.4.2,>=0.3.0.dev0,<0.3.9.6"
 },
 {
- "advisory": "Nanopb before 0.3.1 allows size_t overflows in pb_dec_bytes and pb_dec_string.",
- "cve": "CVE-2014-125106",
- "id": "pyup.io-70900",
- "more_info_path": "/vulnerabilities/CVE-2014-125106/70900",
+ "advisory": "Nanopb before 0.3.1 fixes a security issue due to size_t overflows.",
+ "cve": "PVE-2021-37704",
+ "id": "pyup.io-37704",
+ "more_info_path": "/vulnerabilities/PVE-2021-37704/37704",
 "specs": [
 "<0.3.1"
 ],
 "v": "<0.3.1"
 },
 {
- "advisory": "Nanopb before 0.3.1 fixes a security issue due to size_t overflows.",
- "cve": "PVE-2021-37704",
- "id": "pyup.io-37704",
- "more_info_path": "/vulnerabilities/PVE-2021-37704/37704",
+ "advisory": "Nanopb before 0.3.1 allows size_t overflows in pb_dec_bytes and pb_dec_string.",
+ "cve": "CVE-2014-125106",
+ "id": "pyup.io-70900",
+ "more_info_path": "/vulnerabilities/CVE-2014-125106/70900",
 "specs": [
 "<0.3.1"
 ],
@@ -91624,16 +91992,6 @@
 ],
 "v": "<1.2.3"
 },
- {
- "advisory": "Nautobot 1.2.4 upgrades its `Pillow` dependency to 9.0.0 for Python versions >=3.7 to fix CVEs. This change is in response to the security vulnerability identified as CVE-2022-22816.\r\nhttps://github.com/nautobot/nautobot/pull/1270/commits/6434eff5b26ff28a4e06985e3bbb00ae64b8b324",
- "cve": "CVE-2022-22816",
- "id": "pyup.io-63593",
- "more_info_path": "/vulnerabilities/CVE-2022-22816/63593",
- "specs": [
- "<1.2.4"
- ],
- "v": "<1.2.4"
- },
 {
 "advisory": "Nautobot 1.2.4 upgrades its `Pillow` dependency to 9.0.0 for Python versions >=3.7 to fix CVEs. This change is in response to the security vulnerability identified as CVE-2022-22817. \r\nhttps://github.com/nautobot/nautobot/pull/1270/commits/6434eff5b26ff28a4e06985e3bbb00ae64b8b324",
 "cve": "CVE-2022-22817",
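Review bot: The two nanopb records swapped in this hunk describe the same defect — `PVE-2021-37704` (`Nanopb before 0.3.1 fixes a security issue due to size_t overflows.`) and `CVE-2014-125106` (`Nanopb before 0.3.1 allows size_t overflows in pb_dec_bytes and pb_dec_string.`), both with `"v": "<0.3.1"` — so a scan of nanopb below 0.3.1 reports one issue twice. Now that a CVE exists, the PVE entry should be retired or marked as an alias of the CVE rather than kept as an independent finding, and the surviving advisory should carry the upstream reference, which neither string has. The hunk only reorders the two entries, so the duplication predates it.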
@@ -91654,6 +92012,16 @@ ], "v": "<1.2.4" }, + { + "advisory": "Nautobot 1.2.4 upgrades its `Pillow` dependency to 9.0.0 for Python versions >=3.7 to fix CVEs. This change is in response to the security vulnerability identified as CVE-2022-22816.\r\nhttps://github.com/nautobot/nautobot/pull/1270/commits/6434eff5b26ff28a4e06985e3bbb00ae64b8b324", + "cve": "CVE-2022-22816", + "id": "pyup.io-63593", + "more_info_path": "/vulnerabilities/CVE-2022-22816/63593", + "specs": [ + "<1.2.4" + ], + "v": "<1.2.4" + }, { "advisory": "Nautobot 1.2.9 requires Pillow 9.0.1 or later for Python >= 3.7 in develop. This change is in response to the security vulnerability identified as CVE-2022-22817. \r\nhttps://github.com/nautobot/nautobot/pull/1488/commits/2f117f8e8a648a1e58a779477aa282f813014f40", "cve": "CVE-2022-22817", 
@@ -91716,10 +92084,10 @@ "v": "<1.6.10,>=2.0.0,<2.1.2" }, { - "advisory": "Nautobot is affected by a potential XSS vulnerability via 'files/get'. The mentioned endpoint was configured without \"add_attachment_headers\": True and it was missing the Content-Disposition: attachment HTTP header. Without this header, users might not be prompted to download a file; instead, the file could potentially be executed or displayed directly in the browser. This behavior can lead to various security issues, such as Cross-Site Scripting (XSS), automatic execution of potentially malicious files, or unintended disclosure of sensitive information.\r\nhttps://github.com/nautobot/nautobot/pull/5109", - "cve": "PVE-2024-64429", - "id": "pyup.io-64429", - "more_info_path": "/vulnerabilities/PVE-2024-64429/64429", + "advisory": "Nautobot is a Network Source of Truth and Network Automation Platform built as a web application. All users of Nautobot versions earlier than 1.6.10 or 2.1.2 are potentially impacted by a cross-site scripting vulnerability. Due to inadequate input sanitization, any user-editable fields that support Markdown rendering, including are potentially susceptible to cross-site scripting (XSS) attacks via maliciously crafted data. This issue is fixed in Nautobot versions 1.6.10 and 2.1.2.", + "cve": "CVE-2024-23345", + "id": "pyup.io-66715", + "more_info_path": "/vulnerabilities/CVE-2024-23345/66715", "specs": [ "<1.6.10", ">=2.0.0,<2.1.2" 
@@ -91727,10 +92095,10 @@ "v": "<1.6.10,>=2.0.0,<2.1.2" }, { - "advisory": "Nautobot is a Network Source of Truth and Network Automation Platform built as a web application. All users of Nautobot versions earlier than 1.6.10 or 2.1.2 are potentially impacted by a cross-site scripting vulnerability. Due to inadequate input sanitization, any user-editable fields that support Markdown rendering, including are potentially susceptible to cross-site scripting (XSS) attacks via maliciously crafted data. This issue is fixed in Nautobot versions 1.6.10 and 2.1.2.", - "cve": "CVE-2024-23345", - "id": "pyup.io-66715", - "more_info_path": "/vulnerabilities/CVE-2024-23345/66715", + "advisory": "Nautobot is affected by a potential XSS vulnerability via 'files/get'. The mentioned endpoint was configured without \"add_attachment_headers\": True and it was missing the Content-Disposition: attachment HTTP header. Without this header, users might not be prompted to download a file; instead, the file could potentially be executed or displayed directly in the browser. This behavior can lead to various security issues, such as Cross-Site Scripting (XSS), automatic execution of potentially malicious files, or unintended disclosure of sensitive information.\r\nhttps://github.com/nautobot/nautobot/pull/5109", + "cve": "PVE-2024-64429", + "id": "pyup.io-64429", + "more_info_path": "/vulnerabilities/PVE-2024-64429/64429", "specs": [ "<1.6.10", ">=2.0.0,<2.1.2" 
@@ -91803,20 +92171,20 @@ "v": "<2.0.3" }, { - "advisory": "Nautobot 2.0.3 upgrades the urllib3 dependency from version 2.0.6 to 2.0.7, following the discovery of a security vulnerability known as CVE-2023-45803.\r\nhttps://github.com/nautobot/nautobot/pull/4671/commits/387d30432452dd622f5125fe3ccd23dd8045790d", - "cve": "CVE-2023-45803", - "id": "pyup.io-63441", - "more_info_path": "/vulnerabilities/CVE-2023-45803/63441", + "advisory": "Nautobot 2.0.3 addresses a security vulnerability in certain REST API endpoints. These endpoints, when combined with the ?depth= query parameter, could potentially expose hashed user passwords to any authenticated user with access to these endpoints. Although the passwords were not exposed in plaintext, this vulnerability was considered significant enough to warrant a patch.\r\nhttps://github.com/nautobot/nautobot/pull/4692\r\nhttps://github.com/nautobot/nautobot/security/advisories/GHSA-r2hw-74xv-4gqp", + "cve": "CVE-2023-46128", + "id": "pyup.io-63588", + "more_info_path": "/vulnerabilities/CVE-2023-46128/63588", "specs": [ "<2.0.3" ], "v": "<2.0.3" }, { - "advisory": "Nautobot 2.0.3 addresses a security vulnerability in certain REST API endpoints. These endpoints, when combined with the ?depth= query parameter, could potentially expose hashed user passwords to any authenticated user with access to these endpoints. 
Although the passwords were not exposed in plaintext, this vulnerability was considered significant enough to warrant a patch.\r\nhttps://github.com/nautobot/nautobot/pull/4692\r\nhttps://github.com/nautobot/nautobot/security/advisories/GHSA-r2hw-74xv-4gqp", - "cve": "CVE-2023-46128", - "id": "pyup.io-63588", - "more_info_path": "/vulnerabilities/CVE-2023-46128/63588", + "advisory": "Nautobot 2.0.3 upgrades the urllib3 dependency from version 2.0.6 to 2.0.7, following the discovery of a security vulnerability known as CVE-2023-45803.\r\nhttps://github.com/nautobot/nautobot/pull/4671/commits/387d30432452dd622f5125fe3ccd23dd8045790d", + "cve": "CVE-2023-45803", + "id": "pyup.io-63441", + "more_info_path": "/vulnerabilities/CVE-2023-45803/63441", "specs": [ "<2.0.3" ], 
@@ -92796,20 +93164,20 @@
 "v": "<0.0.15"
 },
 {
- "advisory": "Nerblackbox 0.0.15 updates its dependency 'mlflow' to version '2.5.0' to include a fix for a Directory Traversal vulnerability.\r\nhttps://github.com/flxst/nerblackbox/commit/b84acf3fa45709066a4efd501c4bc6f8a5a3f58e",
- "cve": "PVE-2023-58982",
- "id": "pyup.io-60228",
- "more_info_path": "/vulnerabilities/PVE-2023-58982/60228",
+ "advisory": "Nerblackbox 0.0.15 updates its dependency 'pytorch-lightning' to version '1.9.3' to include a fix for a Deserialization of Untrusted Data vulnerability.\r\nhttps://github.com/flxst/nerblackbox/commit/0b43910704ff55f99a6d9c1cc8a0db0d84ff9cd0",
+ "cve": "CVE-2021-4118",
+ "id": "pyup.io-60236",
+ "more_info_path": "/vulnerabilities/CVE-2021-4118/60236",
 "specs": [
 "<0.0.15"
 ],
 "v": "<0.0.15"
 },
 {
- "advisory": "Nerblackbox 0.0.15 updates its dependency 'pytorch-lightning' to version '1.9.3' to include a fix for a Deserialization of Untrusted Data vulnerability.\r\nhttps://github.com/flxst/nerblackbox/commit/0b43910704ff55f99a6d9c1cc8a0db0d84ff9cd0",
- "cve": "CVE-2021-4118",
- "id": "pyup.io-60236",
- "more_info_path": "/vulnerabilities/CVE-2021-4118/60236",
+ "advisory": "Nerblackbox 0.0.15 updates its dependency 'mlflow' to version '2.5.0' to include a fix for a Directory Traversal vulnerability.\r\nhttps://github.com/flxst/nerblackbox/commit/b84acf3fa45709066a4efd501c4bc6f8a5a3f58e",
+ "cve": "PVE-2023-58982",
+ "id": "pyup.io-60228",
+ "more_info_path": "/vulnerabilities/PVE-2023-58982/60228",
 "specs": [
 "<0.0.15"
 ],
@@ -93121,10 +93489,10 @@
 "v": "<10.0.8,>=11.0.0.0b1,<11.0.7,>=12.0.0.0b1,<12.0.6,>=13.0.0.0b1,<13.0.3"
 },
 {
- "advisory": "Neutron 13.0.0.0b2, 12.0.3 and 11.0.5 include a fix for CVE-2018-14636: Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to the Open vSwitch integration bridge being connected to the instance during migration. When connected to the integration bridge, all traffic for instances using the same Open vSwitch instance would potentially be visible to the migrated guest, as the required Open vSwitch VLAN filters are only applied post-migration.",
- "cve": "CVE-2018-14636",
- "id": "pyup.io-36483",
- "more_info_path": "/vulnerabilities/CVE-2018-14636/36483",
+ "advisory": "Neutron 13.0.0.0b2, 12.0.3 and 11.0.5 include a fix for CVE-2018-14635: When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from outside of the allowed allocation pool.",
+ "cve": "CVE-2018-14635",
+ "id": "pyup.io-36482",
+ "more_info_path": "/vulnerabilities/CVE-2018-14635/36482",
 "specs": [
 "<11.0.5",
 ">=12.0.0.0b1,<12.0.3",
@@ -93133,10 +93501,10 @@
 "v": "<11.0.5,>=12.0.0.0b1,<12.0.3,>=13.0.0.0b1,<13.0.0.0b2"
 },
 {
- "advisory": "Neutron 13.0.0.0b2, 12.0.3 and 11.0.5 include a fix for CVE-2018-14635: When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from outside of the allowed allocation pool.",
- "cve": "CVE-2018-14635",
- "id": "pyup.io-36482",
- "more_info_path": "/vulnerabilities/CVE-2018-14635/36482",
+ "advisory": "Neutron 13.0.0.0b2, 12.0.3 and 11.0.5 include a fix for CVE-2018-14636: Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to the Open vSwitch integration bridge being connected to the instance during migration. When connected to the integration bridge, all traffic for instances using the same Open vSwitch instance would potentially be visible to the migrated guest, as the required Open vSwitch VLAN filters are only applied post-migration.",
+ "cve": "CVE-2018-14636",
+ "id": "pyup.io-36483",
+ "more_info_path": "/vulnerabilities/CVE-2018-14636/36483",
 "specs": [
 "<11.0.5",
 ">=12.0.0.0b1,<12.0.3",
@@ -93157,10 +93525,10 @@
 "v": "<16.4.1,>=17.0.0.0rc1,<17.1.3,==18.0.0"
 },
 {
- "advisory": "Neutron 16.4.1, 17.2.1 and 18.1.1 include a fix for CVE-2021-40085: An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.\r\nhttps://www.openwall.com/lists/oss-security/2021/08/31/2",
- "cve": "CVE-2021-40085",
- "id": "pyup.io-41251",
- "more_info_path": "/vulnerabilities/CVE-2021-40085/41251",
+ "advisory": "An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API performance degradation or denial of service. See CVE-2021-40797. \r\nhttps://launchpad.net/bugs/1942179",
+ "cve": "CVE-2021-40797",
+ "id": "pyup.io-41285",
+ "more_info_path": "/vulnerabilities/CVE-2021-40797/41285",
 "specs": [
 "<16.4.1",
 ">=17.0.0.0rc1,<17.2.1",
@@ -93169,10 +93537,10 @@
 "v": "<16.4.1,>=17.0.0.0rc1,<17.2.1,>=18.0.0.0rc1,<18.1.1"
 },
 {
- "advisory": "An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API performance degradation or denial of service. See CVE-2021-40797. \r\nhttps://launchpad.net/bugs/1942179",
- "cve": "CVE-2021-40797",
- "id": "pyup.io-41285",
- "more_info_path": "/vulnerabilities/CVE-2021-40797/41285",
+ "advisory": "Neutron 16.4.1, 17.2.1 and 18.1.1 include a fix for CVE-2021-40085: An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.\r\nhttps://www.openwall.com/lists/oss-security/2021/08/31/2",
+ "cve": "CVE-2021-40085",
+ "id": "pyup.io-41251",
+ "more_info_path": "/vulnerabilities/CVE-2021-40085/41251",
 "specs": [
 "<16.4.1",
 ">=17.0.0.0rc1,<17.2.1",
@@ -93202,10 +93570,10 @@
 "v": "<7.0.4,>=8.0.0,<=8.1.0"
 },
 {
- "advisory": "The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via (1) a crafted DHCP discovery message or (2) crafted non-IP traffic.",
- "cve": "CVE-2016-5363",
- "id": "pyup.io-70524",
- "more_info_path": "/vulnerabilities/CVE-2016-5363/70524",
+ "advisory": "The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.",
+ "cve": "CVE-2015-8914",
+ "id": "pyup.io-70438",
+ "more_info_path": "/vulnerabilities/CVE-2015-8914/70438",
 "specs": [
 "<7.0.4",
 ">=8.0.0,<=8.1.0"
@@ -93213,10 +93581,10 @@
 "v": "<7.0.4,>=8.0.0,<=8.1.0"
 },
 {
- "advisory": "The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.",
- "cve": "CVE-2015-8914",
- "id": "pyup.io-70438",
- "more_info_path": "/vulnerabilities/CVE-2015-8914/70438",
+ "advisory": "The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via (1) a crafted DHCP discovery message or (2) crafted non-IP traffic.",
+ "cve": "CVE-2016-5363",
+ "id": "pyup.io-70524",
+ "more_info_path": "/vulnerabilities/CVE-2016-5363/70524",
 "specs": [
 "<7.0.4",
 ">=8.0.0,<=8.1.0"
@@ -93710,9 +94078,9 @@
 "nicegui": [
 {
 "advisory": "Nicegui 0.7.2 updates its dependency 'pillow' to v9.0.0 to include security fixes.",
- "cve": "PVE-2022-44524",
- "id": "pyup.io-44598",
- "more_info_path": "/vulnerabilities/PVE-2022-44524/44598",
+ "cve": "CVE-2022-22817",
+ "id": "pyup.io-44596",
+ "more_info_path": "/vulnerabilities/CVE-2022-22817/44596",
 "specs": [
 "<0.7.2"
 ],
@@ -93720,9 +94088,9 @@
 },
 {
 "advisory": "Nicegui 0.7.2 updates its dependency 'pillow' to v9.0.0 to include security fixes.",
- "cve": "CVE-2022-22816",
- "id": "pyup.io-44595",
- "more_info_path": "/vulnerabilities/CVE-2022-22816/44595",
+ "cve": "PVE-2022-44524",
+ "id": "pyup.io-44598",
+ "more_info_path": "/vulnerabilities/PVE-2022-44524/44598",
 "specs": [
 "<0.7.2"
 ],
@@ -93730,9 +94098,9 @@
 },
 {
 "advisory": "Nicegui 0.7.2 updates its dependency 'pillow' to v9.0.0 to include security fixes.",
- "cve": "CVE-2022-22815",
- "id": "pyup.io-44585",
- "more_info_path": "/vulnerabilities/CVE-2022-22815/44585",
+ "cve": "PVE-2021-44525",
+ "id": "pyup.io-44597",
+ "more_info_path": "/vulnerabilities/PVE-2021-44525/44597",
 "specs": [
 "<0.7.2"
 ],
@@ -93740,9 +94108,9 @@
 },
 {
 "advisory": "Nicegui 0.7.2 updates its dependency 'pillow' to v9.0.0 to include security fixes.",
- "cve": "PVE-2021-44525",
- "id": "pyup.io-44597",
- "more_info_path": "/vulnerabilities/PVE-2021-44525/44597",
+ "cve": "CVE-2022-22815",
+ "id": "pyup.io-44585",
+ "more_info_path": "/vulnerabilities/CVE-2022-22815/44585",
 "specs": [
 "<0.7.2"
 ],
@@ -93750,9 +94118,9 @@
 },
 {
 "advisory": "Nicegui 0.7.2 updates its dependency 'pillow' to v9.0.0 to include security fixes.",
- "cve": "CVE-2022-22817",
- "id": "pyup.io-44596",
- "more_info_path": "/vulnerabilities/CVE-2022-22817/44596",
+ "cve": "CVE-2022-22816",
+ "id": "pyup.io-44595",
+ "more_info_path": "/vulnerabilities/CVE-2022-22816/44595",
 "specs": [
 "<0.7.2"
 ],
@@ -94094,9 +94462,9 @@
 },
 {
 "advisory": "Nkocr 2.0.0 updates its dependency 'pillow' to v8.1.2 to include security fixes.",
- "cve": "CVE-2020-35653",
- "id": "pyup.io-44828",
- "more_info_path": "/vulnerabilities/CVE-2020-35653/44828",
+ "cve": "CVE-2021-25290",
+ "id": "pyup.io-44821",
+ "more_info_path": "/vulnerabilities/CVE-2021-25290/44821",
 "specs": [
 "<2.0.0"
 ],
@@ -94104,9 +94472,9 @@
 },
 {
 "advisory": "Nkocr 2.0.0 updates its dependency 'pillow' to v8.1.2 to include security fixes.",
- "cve": "CVE-2021-27923",
- "id": "pyup.io-44824",
- "more_info_path": "/vulnerabilities/CVE-2021-27923/44824",
+ "cve": "CVE-2021-25289",
+ "id": "pyup.io-40152",
+ "more_info_path": "/vulnerabilities/CVE-2021-25289/40152",
 "specs": [
 "<2.0.0"
 ],
@@ -94114,9 +94482,9 @@
 },
 {
 "advisory": "Nkocr 2.0.0 updates its dependency 'pillow' to v8.1.2 to include security fixes.",
- "cve": "CVE-2020-35654",
- "id": "pyup.io-44829",
- "more_info_path": "/vulnerabilities/CVE-2020-35654/44829",
+ "cve": "CVE-2021-25292",
+ "id": "pyup.io-44826",
+ "more_info_path": "/vulnerabilities/CVE-2021-25292/44826",
 "specs": [
 "<2.0.0"
 ],
@@ -94124,9 +94492,9 @@
 },
 {
 "advisory": "Nkocr 2.0.0 updates its dependency 'pillow' to v8.1.2 to include security fixes.",
- "cve": "CVE-2021-25292",
- "id": "pyup.io-44826",
- "more_info_path": "/vulnerabilities/CVE-2021-25292/44826",
+ "cve": "CVE-2020-35654",
+ "id": "pyup.io-44829",
+ "more_info_path": "/vulnerabilities/CVE-2020-35654/44829",
 "specs": [
 "<2.0.0"
 ],
@@ -94134,9 +94502,9 @@
 },
 {
 "advisory": "Nkocr 2.0.0 updates its dependency 'pillow' to v8.1.2 to include security fixes.",
- "cve": "CVE-2021-25289",
- "id": "pyup.io-40152",
- "more_info_path": "/vulnerabilities/CVE-2021-25289/40152",
+ "cve": "CVE-2021-27923",
+ "id": "pyup.io-44824",
+ "more_info_path": "/vulnerabilities/CVE-2021-27923/44824",
 "specs": [
 "<2.0.0"
 ],
@@ -94144,9 +94512,9 @@
 },
 {
 "advisory": "Nkocr 2.0.0 updates its dependency 'pillow' to v8.1.2 to include security fixes.",
- "cve": "CVE-2021-25290",
- "id": "pyup.io-44821",
- "more_info_path": "/vulnerabilities/CVE-2021-25290/44821",
+ "cve": "CVE-2020-35655",
+ "id": "pyup.io-44830",
+ "more_info_path": "/vulnerabilities/CVE-2020-35655/44830",
 "specs": [
 "<2.0.0"
 ],
@@ -94154,9 +94522,9 @@
 },
 {
 "advisory": "Nkocr 2.0.0 updates its dependency 'pillow' to v8.1.2 to include security fixes.",
- "cve": "CVE-2021-25291",
- "id": "pyup.io-44825",
- "more_info_path": "/vulnerabilities/CVE-2021-25291/44825",
+ "cve": "CVE-2020-35653",
+ "id": "pyup.io-44828",
+ "more_info_path": "/vulnerabilities/CVE-2020-35653/44828",
 "specs": [
 "<2.0.0"
 ],
@@ -94164,9 +94532,9 @@
 },
 {
 "advisory": "Nkocr 2.0.0 updates its dependency 'pillow' to v8.1.2 to include security fixes.",
- "cve": "CVE-2020-35655",
- "id": "pyup.io-44830",
- "more_info_path": "/vulnerabilities/CVE-2020-35655/44830",
+ "cve": "CVE-2021-25291",
+ "id": "pyup.io-44825",
+ "more_info_path": "/vulnerabilities/CVE-2021-25291/44825",
 "specs": [
 "<2.0.0"
 ],
@@ -94184,9 +94552,9 @@
 },
 {
 "advisory": "Nkocr 2.0.1 updates its dependency 'pillow' to v8.2.0 to include security fixes.",
- "cve": "CVE-2021-25287",
- "id": "pyup.io-44816",
- "more_info_path": "/vulnerabilities/CVE-2021-25287/44816",
+ "cve": "CVE-2021-28675",
+ "id": "pyup.io-44817",
+ "more_info_path": "/vulnerabilities/CVE-2021-28675/44817",
 "specs": [
 "<2.0.1"
 ],
@@ -94204,9 +94572,9 @@
 },
 {
 "advisory": "Nkocr 2.0.1 updates its dependency 'pillow' to v8.2.0 to include security fixes.",
- "cve": "CVE-2021-28675",
- "id": "pyup.io-44817",
- "more_info_path": "/vulnerabilities/CVE-2021-28675/44817",
+ "cve": "CVE-2021-25287",
+ "id": "pyup.io-44816",
+ "more_info_path": "/vulnerabilities/CVE-2021-25287/44816",
 "specs": [
 "<2.0.1"
 ],
@@ -94447,9 +94815,9 @@
 },
 {
 "advisory": "Nobinobi-child 0.1.3.8 updates its dependency 'django' to v3.2.10 to include security fixes.",
- "cve": "CVE-2021-31542",
- "id": "pyup.io-40626",
- "more_info_path": "/vulnerabilities/CVE-2021-31542/40626",
+ "cve": "CVE-2021-32052",
+ "id": "pyup.io-49104",
+ "more_info_path": "/vulnerabilities/CVE-2021-32052/49104",
 "specs": [
 "<0.1.3.8"
 ],
@@ -94457,9 +94825,9 @@
 },
 {
 "advisory": "Nobinobi-child 0.1.3.8 updates its dependency 'django' to v3.2.10 to include security fixes.",
- "cve": "CVE-2021-32052",
- "id": "pyup.io-49104",
- "more_info_path": "/vulnerabilities/CVE-2021-32052/49104",
+ "cve": "CVE-2021-31542",
+ "id": "pyup.io-40626",
+ "more_info_path": "/vulnerabilities/CVE-2021-31542/40626",
 "specs": [
 "<0.1.3.8"
 ],
@@ -94475,16 +94843,6 @@
 ],
 "v": "<0.1.3.8"
 },
- {
- "advisory": "Nobinobi-child 0.1.3.8 updates its dependency 'pillow' to v8.4.0 to include security fixes.",
- "cve": "CVE-2021-23437",
- "id": "pyup.io-49109",
- "more_info_path": "/vulnerabilities/CVE-2021-23437/49109",
- "specs": [
- "<0.1.3.8"
- ],
- "v": "<0.1.3.8"
- },
 {
 "advisory": "Nobinobi-child 0.1.3.8 updates its dependency 'django' to v3.2.10 to include security fixes.",
 "cve": "CVE-2021-33571",
@@ -94505,6 +94863,16 @@
 ],
 "v": "<0.1.3.8"
 },
+ {
+ "advisory": "Nobinobi-child 0.1.3.8 updates its dependency 'pillow' to v8.4.0 to include security fixes.",
+ "cve": "CVE-2021-23437",
+ "id": "pyup.io-49109",
+ "more_info_path": "/vulnerabilities/CVE-2021-23437/49109",
+ "specs": [
+ "<0.1.3.8"
+ ],
+ "v": "<0.1.3.8"
+ },
 {
 "advisory": "Nobinobi-child 0.1.3.8 updates its dependency 'django' to v3.2.10 to include security fixes.",
 "cve": "CVE-2021-33203",
@@ -94633,9 +95001,9 @@
 },
 {
 "advisory": "Nobinobi-staff 0.1.6.2 updates its dependency 'Django' to v3.2.7 to include security fixes.",
- "cve": "CVE-2021-33571",
- "id": "pyup.io-43390",
- "more_info_path": "/vulnerabilities/CVE-2021-33571/43390",
+ "cve": "CVE-2021-35042",
+ "id": "pyup.io-43391",
+ "more_info_path": "/vulnerabilities/CVE-2021-35042/43391",
 "specs": [
 "<0.1.6.2"
 ],
@@ -94653,9 +95021,9 @@
 },
 {
 "advisory": "Nobinobi-staff 0.1.6.2 updates its dependency 'Django' to v3.2.7 to include security fixes.",
- "cve": "CVE-2021-32052",
- "id": "pyup.io-43378",
- "more_info_path": "/vulnerabilities/CVE-2021-32052/43378",
+ "cve": "CVE-2021-33571",
+ "id": "pyup.io-43390",
+ "more_info_path": "/vulnerabilities/CVE-2021-33571/43390",
 "specs": [
 "<0.1.6.2"
 ],
@@ -94663,9 +95031,9 @@
 },
 {
 "advisory": "Nobinobi-staff 0.1.6.2 updates its dependency 'Django' to v3.2.7 to include security fixes.",
- "cve": "CVE-2021-35042",
- "id": "pyup.io-43391",
- "more_info_path": "/vulnerabilities/CVE-2021-35042/43391",
+ "cve": "CVE-2021-32052",
+ "id": "pyup.io-43378",
+ "more_info_path": "/vulnerabilities/CVE-2021-32052/43378",
 "specs": [
 "<0.1.6.2"
 ],
@@ -95047,20 +95415,20 @@
 ],
 "notebook": [
 {
- "advisory": "Notebook 4.0.5 includes security fixes for maliciously crafted files (CVE-2015-7337).",
- "cve": "CVE-2015-7337",
- "id": "pyup.io-40398",
- "more_info_path": "/vulnerabilities/CVE-2015-7337/40398",
+ "advisory": "Notebook 4.0.5 includes security fixes for maliciously crafted files (CVE-2015-6938).",
+ "cve": "CVE-2015-6938",
+ "id": "pyup.io-40389",
+ "more_info_path": "/vulnerabilities/CVE-2015-6938/40389",
 "specs": [
 "<4.0.5"
 ],
 "v": "<4.0.5"
 },
 {
- "advisory": "Notebook 4.0.5 includes security fixes for maliciously crafted files (CVE-2015-6938).",
- "cve": "CVE-2015-6938",
- "id": "pyup.io-40389",
- "more_info_path": "/vulnerabilities/CVE-2015-6938/40389",
+ "advisory": "Notebook 4.0.5 includes security fixes for maliciously crafted files (CVE-2015-7337).",
+ "cve": "CVE-2015-7337",
+ "id": "pyup.io-40398",
+ "more_info_path": "/vulnerabilities/CVE-2015-7337/40398",
 "specs": [
 "<4.0.5"
 ],
@@ -95218,20 +95586,20 @@
 "v": ">=0,<6.4.12"
 },
 {
- "advisory": "CVE-2024-22420 describes a vulnerability in Jupyter Notebook, where user interaction with a malicious notebook or Markdown file enables an attacker to access and act with the same permissions as the user. The flaw lies in the table of contents plugin. Jupyter Notebook v7.0.7 includes a patch for this issue. Users can manually disable the plugin as a workaround. \r\nhttps://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-4m77-cmpx-vjc4",
- "cve": "CVE-2024-22420",
- "id": "pyup.io-65183",
- "more_info_path": "/vulnerabilities/CVE-2024-22420/65183",
+ "advisory": "CVE-2024-22421 is a vulnerability in Jupyter Notebook where clicking a malicious link could expose Authorization and XSRFToken tokens to third parties in older jupyter-server versions. Patched versions include notebook above 7.0.7. Users are advised to upgrade jupyter-server to version 2.7.2 or newer, which includes a fix for a redirect vulnerability. No other workaround has been identified. \r\nhttps://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-44cc-43rp-5947",
+ "cve": "CVE-2024-22421",
+ "id": "pyup.io-65182",
+ "more_info_path": "/vulnerabilities/CVE-2024-22421/65182",
 "specs": [
 ">=7.0.0,<=7.0.6"
 ],
 "v": ">=7.0.0,<=7.0.6"
 },
 {
- "advisory": "CVE-2024-22421 is a vulnerability in Jupyter Notebook where clicking a malicious link could expose Authorization and XSRFToken tokens to third parties in older jupyter-server versions. Patched versions include notebook above 7.0.7. Users are advised to upgrade jupyter-server to version 2.7.2 or newer, which includes a fix for a redirect vulnerability. No other workaround has been identified. 
\r\nhttps://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-44cc-43rp-5947",
- "cve": "CVE-2024-22421",
- "id": "pyup.io-65182",
- "more_info_path": "/vulnerabilities/CVE-2024-22421/65182",
+ "advisory": "CVE-2024-22420 describes a vulnerability in Jupyter Notebook, where user interaction with a malicious notebook or Markdown file enables an attacker to access and act with the same permissions as the user. The flaw lies in the table of contents plugin. Jupyter Notebook v7.0.7 includes a patch for this issue. Users can manually disable the plugin as a workaround. \r\nhttps://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-4m77-cmpx-vjc4",
+ "cve": "CVE-2024-22420",
+ "id": "pyup.io-65183",
+ "more_info_path": "/vulnerabilities/CVE-2024-22420/65183",
 "specs": [
 ">=7.0.0,<=7.0.6"
 ],
@@ -95685,20 +96053,20 @@
 "v": ">=2010.1-rc2,<=2012.1.3"
 },
 {
- "advisory": "The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service (excessive database lookup calls and server hang) via a request with many repeated IDs in the os:scheduler_hints section.",
- "cve": "CVE-2012-3371",
- "id": "pyup.io-68023",
- "more_info_path": "/vulnerabilities/CVE-2012-3371/68023",
+ "advisory": "The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restrictions.",
+ "cve": "CVE-2012-2654",
+ "id": "pyup.io-68021",
+ "more_info_path": "/vulnerabilities/CVE-2012-2654/68021",
 "specs": [
 ">=2010.1-rc2,<=2012.2"
 ],
 "v": ">=2010.1-rc2,<=2012.2"
 },
 {
- "advisory": "The (1) EC2 and (2) OS APIs in OpenStack Compute (Nova) Folsom (2012.2), Essex (2012.1), and Diablo (2011.3) do not properly check the protocol when security groups are created and the network protocol is not specified entirely in lowercase, which allows remote attackers to bypass intended access restrictions.",
- "cve": "CVE-2012-2654",
- "id": "pyup.io-68021",
- "more_info_path": "/vulnerabilities/CVE-2012-2654/68021",
+ "advisory": "The Nova scheduler in OpenStack Compute (Nova) Folsom (2012.2) and Essex (2012.1), when DifferentHostFilter or SameHostFilter is enabled, allows remote authenticated users to cause a denial of service (excessive database lookup calls and server hang) via a request with many repeated IDs in the os:scheduler_hints section.",
+ "cve": "CVE-2012-3371",
+ "id": "pyup.io-68023",
+ "more_info_path": "/vulnerabilities/CVE-2012-3371/68023",
 "specs": [
 ">=2010.1-rc2,<=2012.2"
 ],
@@ -97186,20 +97554,20 @@
 "v": "<0.10.4"
 },
 {
- "advisory": "Octue 0.43.3 updates its dependency 'werkzeug' to v2.2.3 to include security fixes.",
- "cve": "CVE-2023-25577",
- "id": "pyup.io-53405",
- "more_info_path": "/vulnerabilities/CVE-2023-25577/53405",
+ "advisory": "Octue 0.43.3 updates its dependency 'protobuf' to v3.20.3 to include a security fix.",
+ "cve": "CVE-2022-1941",
+ "id": "pyup.io-53399",
+ "more_info_path": "/vulnerabilities/CVE-2022-1941/53399",
 "specs": [
 "<0.43.3"
 ],
 "v": "<0.43.3"
 },
 {
- "advisory": "Octue 0.43.3 updates its dependency 'protobuf' to v3.20.3 to include a security fix.",
- "cve": "CVE-2022-1941",
- "id": "pyup.io-53399",
- "more_info_path": "/vulnerabilities/CVE-2022-1941/53399",
+ "advisory": "Octue 0.43.3 updates its dependency 'werkzeug' to v2.2.3 to include security fixes.",
+ "cve": "CVE-2023-25577",
+ "id": "pyup.io-53405",
+ "more_info_path": "/vulnerabilities/CVE-2023-25577/53405",
 "specs": [
 "<0.43.3"
 ],
@@ -98091,20 +98459,20 @@
 "v": "<0.15.2"
 },
 {
- "advisory": "Omegaml 0.15.2 updates 'tensorflow' in the docker image to v2.10.0rc3 to include several security fixes.\r\nhttps://github.com/omegaml/omegaml/pull/248",
- "cve": "CVE-2020-10531",
- "id": "pyup.io-52281",
- "more_info_path": "/vulnerabilities/CVE-2020-10531/52281",
+ "advisory": "Omegaml 0.15.2 updates its dependency 'pillow' to v9.0.1 to include security fixes.\r\nhttps://github.com/omegaml/omegaml/pull/273",
+ "cve": "CVE-2022-22817",
+ "id": "pyup.io-52235",
+ "more_info_path": "/vulnerabilities/CVE-2022-22817/52235",
 "specs": [
 "<0.15.2"
 ],
 "v": "<0.15.2"
 },
 {
- "advisory": "Omegaml 0.15.2 updates its dependency 'pillow' to v9.0.1 to include security fixes.\r\nhttps://github.com/omegaml/omegaml/pull/273",
- "cve": "CVE-2022-22817",
- "id": "pyup.io-52235",
- "more_info_path": "/vulnerabilities/CVE-2022-22817/52235",
+ "advisory": "Omegaml 0.15.2 updates 'tensorflow' in the docker image to v2.10.0rc3 to include several security fixes.\r\nhttps://github.com/omegaml/omegaml/pull/248",
+ "cve": "CVE-2020-10531",
+ "id": "pyup.io-52281",
+ "more_info_path": "/vulnerabilities/CVE-2020-10531/52281",
 "specs": [
 "<0.15.2"
 ],
@@ -99438,6 +99806,16 @@
 ],
 "v": "<2.3.0"
 },
+ {
+ "advisory": "Openbb 2.3.0 updates its dependency 'cryptography' to v39.0.0 to include security fixes.",
+ "cve": "CVE-2022-3786",
+ "id": "pyup.io-53328",
+ "more_info_path": "/vulnerabilities/CVE-2022-3786/53328",
+ "specs": [
+ "<2.3.0"
+ ],
+ "v": "<2.3.0"
+ },
 {
 "advisory": "Openbb 2.3.0 updates its dependency 'certifi' to v2022.12.7 to include a security fix.",
 "cve": "CVE-2022-23491",
@@ -99468,21 +99846,11 @@
 ],
 "v": "<2.3.0"
 },
- {
- "advisory": "Openbb 2.3.0 updates its dependency 'cryptography' to v39.0.0 to include security fixes.",
- "cve": "CVE-2022-3786",
- "id": "pyup.io-53328",
- "more_info_path": "/vulnerabilities/CVE-2022-3786/53328",
- "specs": [
- "<2.3.0"
- ],
- "v": "<2.3.0"
- },
 {
 "advisory": "Openbb 2.4.0 updates its NPM dependency 'eta' to v2.0.0 to include security fixes.",
- "cve": "CVE-2023-23630",
- "id": "pyup.io-53366",
- "more_info_path": "/vulnerabilities/CVE-2023-23630/53366",
+ "cve": "CVE-2022-25967",
+ "id": "pyup.io-53379",
+ "more_info_path": "/vulnerabilities/CVE-2022-25967/53379",
 "specs": [
 "<2.4.0"
 ],
@@ -99490,9 +99858,9 @@
 },
 {
 "advisory": "Openbb 2.4.0 updates its NPM dependency 'eta' to v2.0.0 to include security fixes.",
- "cve": "CVE-2022-25967",
- "id": "pyup.io-53379",
- "more_info_path": "/vulnerabilities/CVE-2022-25967/53379",
+ "cve": "CVE-2023-23630",
+ "id": "pyup.io-53366",
+ "more_info_path": "/vulnerabilities/CVE-2023-23630/53366",
 "specs": [
 "<2.4.0"
 ],
@@ -99821,10 +100189,10 @@
 "v": "<3.3.1.11"
 },
 {
- "advisory": "Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix.",
- "cve": "CVE-2019-7317",
- "id": "pyup.io-49394",
- "more_info_path": "/vulnerabilities/CVE-2019-7317/49394",
+ "advisory": "Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes.",
+ "cve": "CVE-2022-1292",
+ "id": "pyup.io-49393",
+ "more_info_path": "/vulnerabilities/CVE-2022-1292/49393",
 "specs": [
 "<3.4.18",
 ">=4.0.0,<4.6.0"
@@ -99832,10 +100200,10 @@
 "v": "<3.4.18,>=4.0.0,<4.6.0"
 },
 {
- "advisory": "Opencv-python 3.4.18 and 4.6.0 update its dependency 'openssl' to v1_1_1o to include security fixes.",
- "cve": "CVE-2022-1292",
- "id": "pyup.io-49393",
- "more_info_path": "/vulnerabilities/CVE-2022-1292/49393",
+ "advisory": "Opencv-python 3.4.18 and 4.6.0 pin its dependency 'libpng' to v1.6.37 to include a security fix.",
+ "cve": "CVE-2019-7317",
+ "id": "pyup.io-49394",
+ "more_info_path": "/vulnerabilities/CVE-2019-7317/49394",
 "specs": [
 "<3.4.18",
 ">=4.0.0,<4.6.0"
@@ -100850,16 +101218,6 @@
 ],
 "v": "<1.0.0"
 },
- {
- "advisory": "Openvino-tensorflow 1.0.0 updates its dependency 'tensorflow' to v2.5.1 to include security fixes.",
- "cve": "CVE-2021-29544",
- "id": "pyup.io-43107",
- "more_info_path": "/vulnerabilities/CVE-2021-29544/43107",
- "specs": [
- "<1.0.0"
- ],
- "v": "<1.0.0"
- },
 {
 "advisory": "Openvino-tensorflow 1.0.0 updates its dependency 'tensorflow' to v2.5.1 to include security fixes.",
 "cve": "CVE-2021-29576",
@@ -102390,6 +102748,16 @@
 ],
 "v": "<1.0.0"
 },
+ {
+ "advisory": "Openvino-tensorflow 1.0.0 updates its dependency 'tensorflow' to v2.5.1 to include security fixes.",
+ "cve": "CVE-2021-29544",
+ "id": "pyup.io-43107",
+ "more_info_path": "/vulnerabilities/CVE-2021-29544/43107",
+ "specs": [
+ "<1.0.0"
+ ],
+ "v": "<1.0.0"
+ },
 {
 "advisory": "Openvino-tensorflow 1.0.1 adds extra checks to fix vulnerabilities.\r\nhttps://github.com/openvinotoolkit/openvino_tensorflow/pull/199/files",
 "cve": "PVE-2021-43091",
@@ -103858,9 +104226,9 @@
 "optimade": [
 {
 "advisory": "Optimade 0.16.9 updates its dependency 'Elasticsearch' to v7.16.2 to avoid any log4j related vulnerability.\r\nhttps://github.com/Materials-Consortia/optimade-python-tools/issues/1040",
- "cve": "CVE-2021-45105",
- "id": "pyup.io-44696",
- "more_info_path": "/vulnerabilities/CVE-2021-45105/44696",
+ "cve": "CVE-2021-44228",
+ "id": "pyup.io-44681",
+ "more_info_path": "/vulnerabilities/CVE-2021-44228/44681",
 "specs": [
 "<0.16.9"
 ],
@@ -103868,9 +104236,9 @@
 },
 {
 "advisory": "Optimade 0.16.9 updates its dependency 'Elasticsearch' to v7.16.2 to avoid any log4j related vulnerability.\r\nhttps://github.com/Materials-Consortia/optimade-python-tools/issues/1040",
- "cve": "CVE-2021-44228",
- "id": "pyup.io-44681",
- "more_info_path": "/vulnerabilities/CVE-2021-44228/44681",
+ "cve": "CVE-2021-45105",
+ "id": "pyup.io-44696",
+ "more_info_path": "/vulnerabilities/CVE-2021-45105/44696",
 "specs": [
 "<0.16.9"
 ],
@@ -104555,20 +104923,20 @@
 "v": "<1.3.7"
 },
 {
- "advisory": "Pact-python 1.7.0 updates its dependency 'wheel' to v0.38.0 to include a security fix.",
- "cve": "CVE-2022-40898",
- "id": "pyup.io-53382",
- "more_info_path": "/vulnerabilities/CVE-2022-40898/53382",
+ "advisory": "Pact-python 1.7.0 includes a fix for CVE-2007-4559: Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.",
+ "cve": "CVE-2007-4559",
+ "id": "pyup.io-53381",
+ "more_info_path": "/vulnerabilities/CVE-2007-4559/53381",
 "specs": [
 "<1.7.0"
 ],
 "v": "<1.7.0"
 },
 {
- "advisory": "Pact-python 1.7.0 includes a fix for CVE-2007-4559: Directory traversal vulnerability in the (1) extract and (2) extractall functions in the tarfile module in Python allows user-assisted remote attackers to overwrite arbitrary files via a .. (dot dot) sequence in filenames in a TAR archive, a related issue to CVE-2001-1267.",
- "cve": "CVE-2007-4559",
- "id": "pyup.io-53381",
- "more_info_path": "/vulnerabilities/CVE-2007-4559/53381",
+ "advisory": "Pact-python 1.7.0 updates its dependency 'wheel' to v0.38.0 to include a security fix.",
+ "cve": "CVE-2022-40898",
+ "id": "pyup.io-53382",
+ "more_info_path": "/vulnerabilities/CVE-2022-40898/53382",
 "specs": [
 "<1.7.0"
 ],
@@ -105291,10 +105659,10 @@
 "v": "<0.45.0"
 },
 {
- "advisory": "Panther-analysis-tool version 0.45.0 has upgraded its aiohttp library to version 3.9.2 from the previous 3.8.6, addressing security concerns highlighted by CVE-2024-23334",
- "cve": "CVE-2024-23334",
- "id": "pyup.io-67505",
- "more_info_path": "/vulnerabilities/CVE-2024-23334/67505",
+ "advisory": "Panther-analysis-tool version 0.45.0 has upgraded its aiohttp library to version 3.9.2 from the previous 3.8.6, addressing security concerns highlighted by CVE-2024-23829",
+ "cve": "CVE-2024-23829",
+ "id": "pyup.io-67506",
+ "more_info_path": "/vulnerabilities/CVE-2024-23829/67506",
 "specs": [
 "<0.45.0"
 ],
@@ -105311,10 +105679,10 @@
 "v": "<0.45.0"
 },
 {
- "advisory": "Panther-analysis-tool version 0.45.0 has upgraded its aiohttp library to version 3.9.2 from the previous 3.8.6, addressing security concerns highlighted by CVE-2024-23829",
- "cve": "CVE-2024-23829",
- "id": "pyup.io-67506",
- "more_info_path": "/vulnerabilities/CVE-2024-23829/67506",
+ "advisory": "Panther-analysis-tool version 0.45.0 has upgraded its aiohttp library to version 3.9.2 from the previous 3.8.6, addressing security concerns highlighted by CVE-2024-23334",
+ "cve": "CVE-2024-23334",
+ "id": "pyup.io-67505",
+ "more_info_path": "/vulnerabilities/CVE-2024-23334/67505",
 "specs": [
 "<0.45.0"
 ],
@@ -107364,16 +107732,6 @@
 ],
 "v": "<2.6.2"
 },
- {
- "advisory": "Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.",
- "cve": "CVE-2016-0740",
- "id": "pyup.io-33134",
- "more_info_path": "/vulnerabilities/CVE-2016-0740/33134",
- "specs": [
- "<3.1.1"
- ],
- "v": "<3.1.1"
- },
 {
 "advisory": "Buffer overflow in the ImagingPcdDecode function in PcdDecode.c in Pillow before 3.1.1 and Python Imaging Library (PIL) 1.1.7 and earlier allows remote attackers to cause a denial of service (crash) via a crafted PhotoCD file.",
 "cve": "CVE-2016-2533",
@@ -107394,6 +107752,16 @@
 ],
 "v": "<3.1.1"
 },
+ {
+ "advisory": "Buffer overflow in the ImagingLibTiffDecode function in libImaging/TiffDecode.c in Pillow before 3.1.1 allows remote attackers to overwrite memory via a crafted TIFF file.",
+ "cve": "CVE-2016-0740",
+ "id": "pyup.io-33134",
+ "more_info_path": "/vulnerabilities/CVE-2016-0740/33134",
+ "specs": [
+ "<3.1.1"
+ ],
+ "v": "<3.1.1"
+ },
 {
 "advisory": "Buffer overflow in the ImagingFliDecode function in libImaging/FliDecode.c in Pillow before 3.1.1 allows remote attackers to cause a denial of service (crash) via a crafted FLI file.",
 "cve": "CVE-2016-0775",
@@ -107464,16 +107832,6 @@
 ],
 "v": "<6.2.2"
 },
- {
- "advisory": "libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.",
- "cve": "CVE-2020-5310",
- "id": "pyup.io-37779",
- "more_info_path": "/vulnerabilities/CVE-2020-5310/37779",
- "specs": [
- "<6.2.2"
- ],
- "v": "<6.2.2"
- },
 {
 "advisory": "libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.",
 "cve": "CVE-2020-5312",
@@ -107494,6 +107852,16 @@
 ],
 "v": "<6.2.2"
 },
+ {
+ "advisory": "libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.",
+ "cve": "CVE-2020-5310",
+ "id": "pyup.io-37779",
+ "more_info_path": "/vulnerabilities/CVE-2020-5310/37779",
+ "specs": [
+ "<6.2.2"
+ ],
+ "v": "<6.2.2"
+ },
 {
 "advisory": "In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.",
 "cve": "CVE-2020-10379",
@@ -107655,20 +108023,20 @@
 "v": "<8.2.0"
 },
 {
- "advisory": "Pillow version 8.2.0 includes a fix for CVE-2021-28678: For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data.\r\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/\r\nhttps://github.com/python-pillow/Pillow/pull/5377\r\nhttps://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28678-fix-blp-dos",
- "cve": "CVE-2021-28678",
- "id": "pyup.io-40596",
- "more_info_path": "/vulnerabilities/CVE-2021-28678/40596",
+ "advisory": "Pillow 8.2.0 includes a fix for CVE-2021-25287: There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.\r\nhttps://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode",
+ "cve": "CVE-2021-25287",
+ "id": "pyup.io-40592",
+ "more_info_path": "/vulnerabilities/CVE-2021-25287/40592",
 "specs": [
 "<8.2.0"
 ],
 "v": "<8.2.0"
 },
 {
- "advisory": "Pillow 8.2.0 includes a fix for CVE-2021-25287: There is an out-of-bounds read in J2kDecode, in j2ku_graya_la.\r\nhttps://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-25287-cve-2021-25288-fix-oob-read-in-jpeg2kdecode",
- "cve": "CVE-2021-25287",
- "id": "pyup.io-40592",
- "more_info_path": "/vulnerabilities/CVE-2021-25287/40592",
+ "advisory": "Pillow version 8.2.0 includes a fix for CVE-2021-28678: For BLP data, BlpImagePlugin did not properly check that reads (after jumping to file offsets) returned data. This could lead to a DoS where the decoder could be run a large number of times on empty data.\r\nhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MQHA5HAIBOYI3R6HDWCLAGFTIQP767FL/\r\nhttps://github.com/python-pillow/Pillow/pull/5377\r\nhttps://pillow.readthedocs.io/en/stable/releasenotes/8.2.0.html#cve-2021-28678-fix-blp-dos",
+ "cve": "CVE-2021-28678",
+ "id": "pyup.io-40596",
+ "more_info_path": "/vulnerabilities/CVE-2021-28678/40596",
 "specs": [
 "<8.2.0"
 ],
@@ -107705,40 +108073,40 @@
 "v": "<8.3.0"
 },
 {
- "advisory": "Pillow 9.0.0 ensures JpegImagePlugin stops at the end of a truncated file to avoid Denial of Service attacks.\r\nhttps://github.com/python-pillow/Pillow/pull/5921\r\nhttps://github.com/advisories/GHSA-4fx9-vc88-q2xc",
- "cve": "PVE-2022-44524",
- "id": "pyup.io-44524",
- "more_info_path": "/vulnerabilities/PVE-2022-44524/44524",
+ "advisory": "Pillow 9.0.0 includes a fix for CVE-2022-22816: path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.\r\nhttps://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling",
+ "cve": "CVE-2022-22816",
+ "id": "pyup.io-44486",
+ "more_info_path": "/vulnerabilities/CVE-2022-22816/44486",
 "specs": [
 "<9.0.0"
 ],
 "v": "<9.0.0"
 },
 {
- "advisory": "Pillow 9.0.0 excludes carriage return in PDF regex to help prevent ReDoS.\r\nhttps://github.com/python-pillow/Pillow/pull/5912\r\nhttps://github.com/python-pillow/Pillow/commit/43b800d933c996226e4d7df00c33fcbe46d97363",
- "cve": "PVE-2021-44525",
- "id": "pyup.io-44525",
- "more_info_path": "/vulnerabilities/PVE-2021-44525/44525",
+ "advisory": "Pillow 9.0.0 includes a fix for CVE-2022-22815: path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.\r\nhttps://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling",
+ "cve": "CVE-2022-22815",
+ "id": "pyup.io-44485",
+ "more_info_path": "/vulnerabilities/CVE-2022-22815/44485",
 "specs": [
 "<9.0.0"
 ],
 "v": "<9.0.0"
 },
 {
- "advisory": "Pillow 9.0.0 includes a fix for CVE-2022-22816: path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read during initialization of ImagePath.Path.\r\nhttps://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling",
- "cve": "CVE-2022-22816",
- "id": "pyup.io-44486",
- "more_info_path": "/vulnerabilities/CVE-2022-22816/44486",
+ "advisory": "Pillow 9.0.0 ensures JpegImagePlugin stops at the end of a truncated file to avoid Denial of Service attacks.\r\nhttps://github.com/python-pillow/Pillow/pull/5921\r\nhttps://github.com/advisories/GHSA-4fx9-vc88-q2xc",
+ "cve": "PVE-2022-44524",
+ "id": "pyup.io-44524",
+ "more_info_path": "/vulnerabilities/PVE-2022-44524/44524",
 "specs": [
 "<9.0.0"
 ],
 "v": "<9.0.0"
 },
 {
- "advisory": "Pillow 9.0.0 includes a fix for CVE-2022-22815: path_getbbox in path.c in Pillow before 9.0.0 improperly initializes ImagePath.Path.\r\nhttps://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling",
- "cve": "CVE-2022-22815",
- "id": "pyup.io-44485",
- "more_info_path": "/vulnerabilities/CVE-2022-22815/44485",
+ "advisory": "Pillow 9.0.0 excludes carriage return in PDF regex to help prevent ReDoS.\r\nhttps://github.com/python-pillow/Pillow/pull/5912\r\nhttps://github.com/python-pillow/Pillow/commit/43b800d933c996226e4d7df00c33fcbe46d97363",
+ "cve": "PVE-2021-44525",
+ "id": "pyup.io-44525",
+ "more_info_path": "/vulnerabilities/PVE-2021-44525/44525",
 "specs": [
 "<9.0.0"
 ],
@@ -107878,9 +108246,9 @@
 },
 {
 "advisory": "Pillow-heif 0.6.1 fixes HEIF decoder's CVEs.",
- "cve": "CVE-2021-35452",
- "id": "pyup.io-50718",
- "more_info_path": "/vulnerabilities/CVE-2021-35452/50718",
+ "cve": "CVE-2021-36408",
+ "id": "pyup.io-50715",
+ "more_info_path": "/vulnerabilities/CVE-2021-36408/50715",
 "specs": [
 "<0.6.1"
 ],
@@ -107888,9 +108256,9 @@
 },
 {
 "advisory": "Pillow-heif 0.6.1 fixes HEIF decoder's CVEs.",
- "cve": "CVE-2021-36408",
- "id": "pyup.io-50715",
- "more_info_path": "/vulnerabilities/CVE-2021-36408/50715",
+ "cve": "CVE-2021-35452",
+ "id": "pyup.io-50718",
+ "more_info_path": "/vulnerabilities/CVE-2021-35452/50718",
 "specs": [
 "<0.6.1"
 ],
@@ -108614,20 +108982,20 @@
 ],
 "pip": [
 {
- "advisory": "pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a \"pip install\" operation.",
- "cve": "CVE-2013-1629",
- "id": "pyup.io-33140",
- "more_info_path": "/vulnerabilities/CVE-2013-1629/33140",
+ "advisory": "pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory.",
+ "cve": "CVE-2013-1888",
+ "id": "pyup.io-33141",
+ "more_info_path": "/vulnerabilities/CVE-2013-1888/33141",
 "specs": [
 "<1.3"
 ],
 "v": "<1.3"
 },
 {
- "advisory": "pip before 1.3 allows local users to overwrite arbitrary files via a symlink attack on a file in the /tmp/pip-build temporary directory.",
- "cve": "CVE-2013-1888",
- "id": "pyup.io-33141",
- "more_info_path": "/vulnerabilities/CVE-2013-1888/33141",
+ "advisory": "pip before 1.3 uses HTTP to retrieve packages from the PyPI repository, and does not perform integrity checks on package contents, which allows man-in-the-middle attackers to execute arbitrary code via a crafted response to a \"pip install\" operation.",
+ "cve": "CVE-2013-1629",
+ "id": "pyup.io-33140",
+ "more_info_path": "/vulnerabilities/CVE-2013-1629/33140",
 "specs": [
 "<1.3"
 ],
@@ -108663,16 +109031,6 @@
 ],
 "v": "<19.2"
 },
- {
- "advisory": "An issue was discovered in Pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number). A warning was added about this behavior in version 21.1.\r\nNOTE: it has been reported that this is intended functionality and the user is responsible for using --extra-index-url securely.",
- "cve": "CVE-2018-20225",
- "id": "pyup.io-67599",
- "more_info_path": "/vulnerabilities/CVE-2018-20225/67599",
- "specs": [
- "<21.1"
- ],
- "v": "<21.1"
- },
 {
 "advisory": "Pip 21.1 updates its dependency 'urllib3' to v1.26.4 due to security issues.",
 "cve": "CVE-2021-28363",
@@ -108693,6 +109051,16 @@
 ],
 "v": "<21.1"
 },
+ {
+ "advisory": "An issue was discovered in Pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number). A warning was added about this behavior in version 21.1.\r\nNOTE: it has been reported that this is intended functionality and the user is responsible for using --extra-index-url securely.",
+ "cve": "CVE-2018-20225",
+ "id": "pyup.io-67599",
+ "more_info_path": "/vulnerabilities/CVE-2018-20225/67599",
+ "specs": [
+ "<21.1"
+ ],
+ "v": "<21.1"
+ },
 {
 "advisory": "Affected versions of Pip are vulnerable to Command Injection. When installing a package from a Mercurial VCS URL (ie \"pip install hg+...\") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the \"hg clone\" call (ie \"--config\"). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.",
 "cve": "CVE-2023-5752",
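Review bot: The re-added CVE-2018-20225 record carries `"specs": ["<21.1"]` and `"v": "<21.1"`, yet its own advisory text says the issue affects "Pip (all versions)" and that 21.1 only "added a warning" about the behaviour; a scanner reading this file will therefore report pip 21.1 and later as unaffected by the dependency-confusion issue on the strength of a warning message. The range should either be widened to match the text or the advisory should state which release actually changed the resolution behaviour, if one did. Worth confirming with the upstream source referenced by `more_info_path` before the next regeneration, since the same record was only moved here, not re-derived.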
@@ -108727,19 +109095,19 @@
 "pipenv": [
 {
 "advisory": "Pipenv 2020.5.28 updates its dependency 'urllib3' to v1.25.9 to include security fixes.",
- "cve": "CVE-2019-11236",
- "id": "pyup.io-45799",
- "more_info_path": "/vulnerabilities/CVE-2019-11236/45799",
+ "cve": "CVE-2019-11324",
+ "id": "pyup.io-45798",
+ "more_info_path": "/vulnerabilities/CVE-2019-11324/45798",
 "specs": [
 "<2020.5.28"
 ],
 "v": "<2020.5.28"
 },
 {
- "advisory": "Pipenv 2020.5.28 updates its dependency 'urllib3' to v1.25.9 to include security fixes.",
- "cve": "CVE-2019-11324",
- "id": "pyup.io-45798",
- "more_info_path": "/vulnerabilities/CVE-2019-11324/45798",
+ "advisory": "Pipenv 2020.5.28 updates its dependency 'jinja2' to v2.11.2 to include a security fix.",
+ "cve": "CVE-2019-10906",
+ "id": "pyup.io-38334",
+ "more_info_path": "/vulnerabilities/CVE-2019-10906/38334",
 "specs": [
 "<2020.5.28"
 ],
@@ -108756,10 +109124,10 @@
 "v": "<2020.5.28"
 },
 {
- "advisory": "Pipenv 2020.5.28 updates its dependency 'jinja2' to v2.11.2 to include a security fix.",
- "cve": "CVE-2019-10906",
- "id": "pyup.io-38334",
- "more_info_path": "/vulnerabilities/CVE-2019-10906/38334",
+ "advisory": "Pipenv 2020.5.28 updates its dependency 'urllib3' to v1.25.9 to include security fixes.",
+ "cve": "CVE-2019-11236",
+ "id": "pyup.io-45799",
+ "more_info_path": "/vulnerabilities/CVE-2019-11236/45799",
 "specs": [
 "<2020.5.28"
 ],
@@ -109259,6 +109627,83 @@
 ],
 "v": "<4.1.3"
 },
+ {
+ "advisory": "Plone 4.2.3 and 4.3b1 include a fix for CVE-2012-5497: membership_tool.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to enumerate user account names via a crafted URL.",
+ "cve": "CVE-2012-5497",
+ "id": "pyup.io-35389",
+ "more_info_path": "/vulnerabilities/CVE-2012-5497/35389",
+ "specs": [
+ "<4.2.3",
+ ">=4.3a1,<4.3b1"
+ ],
+ "v": "<4.2.3,>=4.3a1,<4.3b1"
+ },
+ {
+ "advisory": "Plone 4.2.3 and 4.3b1 include a fix for CVE-2012-5499: python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (memory consumption) via a large value, related to formatColumns.",
+ "cve": "CVE-2012-5499",
+ "id": "pyup.io-35391",
+ "more_info_path": "/vulnerabilities/CVE-2012-5499/35391",
+ "specs": [
+ "<4.2.3",
+ ">=4.3a1,<4.3b1"
+ ],
+ "v": "<4.2.3,>=4.3a1,<4.3b1"
+ },
+ {
+ "advisory": "ftp.py in Plone before 4.2.3 and 4.3b1 allows remote attackers to read hidden folder contents via unspecified vectors.",
+ "cve": "CVE-2012-5503",
+ "id": "pyup.io-25999",
+ "more_info_path": "/vulnerabilities/CVE-2012-5503/25999",
+ "specs": [
+ "<4.2.3",
+ ">=4.3a1,<4.3b1"
+ ],
+ "v": "<4.2.3,>=4.3a1,<4.3b1"
+ },
+ {
+ "advisory": "Plone 4.2.3 and 4.3b1 include a fix for CVE-2012-5502: Cross-site scripting (XSS) vulnerability in safe_html.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script or HTML via unspecified vectors.",
+ "cve": "CVE-2012-5502",
+ "id": "pyup.io-35394",
+ "more_info_path": "/vulnerabilities/CVE-2012-5502/35394",
+ "specs": [
+ "<4.2.3",
+ ">=4.3a1,<4.3b1"
+ ],
+ "v": "<4.2.3,>=4.3a1,<4.3b1"
+ },
+ {
+ "advisory": "z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id.",
+ "cve": "CVE-2012-5491",
+ "id": "pyup.io-35384",
+ "more_info_path": "/vulnerabilities/CVE-2012-5491/35384",
+ "specs": [
+ "<4.2.3",
+ ">=4.3a1,<4.3b1"
+ ],
+ "v": "<4.2.3,>=4.3a1,<4.3b1"
+ },
+ {
+ "advisory": "Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
+ "cve": "CVE-2012-5490",
+ "id": "pyup.io-35383",
+ "more_info_path": "/vulnerabilities/CVE-2012-5490/35383",
+ "specs": [
+ "<4.2.3",
+ ">=4.3a1,<4.3b1"
+ ],
+ "v": "<4.2.3,>=4.3a1,<4.3b1"
+ },
+ {
+ "advisory": "uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to obtain metadata about hidden objects via a crafted URL.",
+ "cve": "CVE-2012-5492",
+ "id": "pyup.io-35385",
+ "more_info_path": "/vulnerabilities/CVE-2012-5492/35385",
+ "specs": [
+ "<4.2.3",
+ ">=4.3a1,<4.3b1"
+ ],
+ "v": "<4.2.3,>=4.3a1,<4.3b1"
+ },
 {
 "advisory": "Plone 4.2.3 and 4.3b1 include a fix for CVE-2012-5485: registerConfiglet.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via unspecified vectors, related to the admin interface.",
 "cve": "CVE-2012-5485",
@@ -109325,17 +109770,6 @@
 ],
 "v": "<4.2.3,>=4.3a1,<4.3b1"
 },
- {
- "advisory": "Plone 4.2.3 and 4.3b1 include a fix for CVE-2012-5497: membership_tool.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to enumerate user account names via a crafted URL.",
- "cve": "CVE-2012-5497",
- "id": "pyup.io-35389",
- "more_info_path": "/vulnerabilities/CVE-2012-5497/35389",
- "specs": [
- "<4.2.3",
- ">=4.3a1,<4.3b1"
- ],
- "v": "<4.2.3,>=4.3a1,<4.3b1"
- },
 {
 "advisory": "Plone 4.2.3 and 4.3b1 include a fix for CVE-2012-5501: at_download.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to read arbitrary BLOBs (Files and Images) stored on custom content types via a crafted URL.",
 "cve": "CVE-2012-5501",
@@ -109358,28 +109792,6 @@
 ],
 "v": "<4.2.3,>=4.3a1,<4.3b1"
 },
- {
- "advisory": "Plone 4.2.3 and 4.3b1 include a fix for CVE-2012-5499: python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (memory consumption) via a large value, related to formatColumns.",
- "cve": "CVE-2012-5499",
- "id": "pyup.io-35391",
- "more_info_path": "/vulnerabilities/CVE-2012-5499/35391",
- "specs": [
- "<4.2.3",
- ">=4.3a1,<4.3b1"
- ],
- "v": "<4.2.3,>=4.3a1,<4.3b1"
- },
- {
- "advisory": "ftp.py in Plone before 4.2.3 and 4.3b1 allows remote attackers to read hidden folder contents via unspecified vectors.",
- "cve": "CVE-2012-5503",
- "id": "pyup.io-25999",
- "more_info_path": "/vulnerabilities/CVE-2012-5503/25999",
- "specs": [
- "<4.2.3",
- ">=4.3a1,<4.3b1"
- ],
- "v": "<4.2.3,>=4.3a1,<4.3b1"
- },
 {
 "advisory": "Plone versions 4.2.3 and 4.3b1 include a fix for CVE-2012-6661, a vulnerability in its dependency \"zope\".",
 "cve": "CVE-2012-6661",
@@ -109424,17 +109836,6 @@
 ],
 "v": "<4.2.3,>=4.3a1,<4.3b1"
 },
- {
- "advisory": "Plone 4.2.3 and 4.3b1 include a fix for CVE-2012-5502: Cross-site scripting (XSS) vulnerability in safe_html.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote authenticated users with permissions to edit content to inject arbitrary web script or HTML via unspecified vectors.",
- "cve": "CVE-2012-5502",
- "id": "pyup.io-35394",
- "more_info_path": "/vulnerabilities/CVE-2012-5502/35394",
- "specs": [
- "<4.2.3",
- ">=4.3a1,<4.3b1"
- ],
- "v": "<4.2.3,>=4.3a1,<4.3b1"
- },
 {
 "advisory": "Plone 4.2.3 and 4.3b1 include a fix for CVE-2012-5488: Python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to createObject.",
 "cve": "CVE-2012-5488",
@@ -109446,39 +109847,6 @@
 ],
 "v": "<4.2.3,>=4.3a1,<4.3b1"
 },
- {
- "advisory": "Cross-site scripting (XSS) vulnerability in kssdevel.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
- "cve": "CVE-2012-5490",
- "id": "pyup.io-35383",
- "more_info_path": "/vulnerabilities/CVE-2012-5490/35383",
- "specs": [
- "<4.2.3",
- ">=4.3a1,<4.3b1"
- ],
- "v": "<4.2.3,>=4.3a1,<4.3b1"
- },
- {
- "advisory": "z3c.form, as used in Plone before 4.2.3 and 4.3 before beta 1, allows remote attackers to obtain the default form field values by leveraging knowledge of the form location and the element id.",
- "cve": "CVE-2012-5491",
- "id": "pyup.io-35384",
- "more_info_path": "/vulnerabilities/CVE-2012-5491/35384",
- "specs": [
- "<4.2.3",
- ">=4.3a1,<4.3b1"
- ],
- "v": "<4.2.3,>=4.3a1,<4.3b1"
- },
- {
- "advisory": "uid_catalog.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to obtain metadata about hidden objects via a crafted URL.",
- "cve": "CVE-2012-5492",
- "id": "pyup.io-35385",
- "more_info_path": "/vulnerabilities/CVE-2012-5492/35385",
- "specs": [
- "<4.2.3",
- ">=4.3a1,<4.3b1"
- ],
- "v": "<4.2.3,>=4.3a1,<4.3b1"
- },
 {
 "advisory": "Plone 4.2.3 and 4.3b1 include a fix for CVE-2012-5495: python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to execute Python code via a crafted URL, related to \"go_back.\"",
 "cve": "CVE-2012-5495",
@@ -109738,6 +110106,16 @@
 ],
 "v": "<=5.2.4"
 },
+ {
+ "advisory": "Plone through 5.2.4 allows XSS via a full name that is mishandled during rendering of the ownership tab of a content item.",
+ "cve": "CVE-2021-33508",
+ "id": "pyup.io-40533",
+ "more_info_path": "/vulnerabilities/CVE-2021-33508/40533",
+ "specs": [
+ "<=5.2.4"
+ ],
+ "v": "<=5.2.4"
+ },
 {
 "advisory": "Plone through 5.2.4 allows remote authenticated managers to conduct SSRF attacks via an event ical URL, to read one line of a file.",
 "cve": "CVE-2021-33510",
@@ -109758,16 +110136,6 @@
 ],
 "v": "<=5.2.4"
 },
- {
- "advisory": "Plone through 5.2.4 allows XSS via a full name that is mishandled during rendering of the ownership tab of a content item.",
- "cve": "CVE-2021-33508",
- "id": "pyup.io-40533",
- "more_info_path": "/vulnerabilities/CVE-2021-33508/40533",
- "specs": [
- "<=5.2.4"
- ],
- "v": "<=5.2.4"
- },
 {
 "advisory": "Plone through 5.2.4 allows stored XSS attacks (by a Contributor) by uploading an SVG or HTML document.",
 "cve": "CVE-2021-33512",
@@ -109875,10 +110243,10 @@
 "v": ">=2.1,<4.1,>=4.2a1,<4.2.5,>=4.3a1,<4.3.1"
 },
 {
- "advisory": "Plone 4.1, 4.2.5 and 4.3.1 include a fix for CVE-2013-4195: Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) publish.py, and (3) principiaredirect.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.",
- "cve": "CVE-2013-4195",
- "id": "pyup.io-35447",
- "more_info_path": "/vulnerabilities/CVE-2013-4195/35447",
+ "advisory": "Plone 4.1, 4.2.5 and 4.3.1 include a fix for CVE-2013-4189: Multiple unspecified vulnerabilities in (1) dataitems.py, (2) get.py, and (3) traverseName.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users with administrator access to a subtree to access nodes above the subtree via unknown vectors.",
+ "cve": "CVE-2013-4189",
+ "id": "pyup.io-35441",
+ "more_info_path": "/vulnerabilities/CVE-2013-4189/35441",
 "specs": [
 ">=2.1,<4.1",
 ">=4.2a1,<4.2.5",
@@ -109887,10 +110255,10 @@
 "v": ">=2.1,<4.1,>=4.2a1,<4.2.5,>=4.3a1,<4.3.1"
 },
 {
- "advisory": "Plone 4.1, 4.2.5 and 4.3.1 include a fix for CVE-2013-4194: The WYSIWYG component (wysiwyg.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers to obtain sensitive information via a crafted URL, which reveals the installation path in an error message.",
- "cve": "CVE-2013-4194",
- "id": "pyup.io-35446",
- "more_info_path": "/vulnerabilities/CVE-2013-4194/35446",
+ "advisory": "Plone 4.1, 4.2.5 and 4.3.1 include a fix for CVE-2013-4192: sendto.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to spoof emails via unspecified vectors.",
+ "cve": "CVE-2013-4192",
+ "id": "pyup.io-35444",
+ "more_info_path": "/vulnerabilities/CVE-2013-4192/35444",
 "specs": [
 ">=2.1,<4.1",
 ">=4.2a1,<4.2.5",
@@ -109899,10 +110267,10 @@
 "v": ">=2.1,<4.1,>=4.2a1,<4.2.5,>=4.3a1,<4.3.1"
 },
 {
- "advisory": "Plone 4.1, 4.2.5 and 4.3.1 include a fix for CVE-2013-4189: Multiple unspecified vulnerabilities in (1) dataitems.py, (2) get.py, and (3) traverseName.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote authenticated users with administrator access to a subtree to access nodes above the subtree via unknown vectors.",
- "cve": "CVE-2013-4189",
- "id": "pyup.io-35441",
- "more_info_path": "/vulnerabilities/CVE-2013-4189/35441",
+ "advisory": "Plone 4.1, 4.2.5 and 4.3.1 include a fix for CVE-2013-4197: member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to modify or delete portraits of other users via unspecified vectors.",
+ "cve": "CVE-2013-4197",
+ "id": "pyup.io-35449",
+ "more_info_path": "/vulnerabilities/CVE-2013-4197/35449",
 "specs": [
 ">=2.1,<4.1",
 ">=4.2a1,<4.2.5",
@@ -109911,10 +110279,10 @@
 "v": ">=2.1,<4.1,>=4.2a1,<4.2.5,>=4.3a1,<4.3.1"
 },
 {
- "advisory": "Plone 4.1, 4.2.5 and 4.3.1 include a fix for CVE-2013-4193: typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL.",
- "cve": "CVE-2013-4193",
- "id": "pyup.io-35445",
- "more_info_path": "/vulnerabilities/CVE-2013-4193/35445",
+ "advisory": "Plone 4.1, 4.2.5 and 4.3.1 include a fix for CVE-2013-4191: zip.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce access restrictions when including content in a zip archive, which allows remote attackers to obtain sensitive information by reading a generated archive.",
+ "cve": "CVE-2013-4191",
+ "id": "pyup.io-35443",
+ "more_info_path": "/vulnerabilities/CVE-2013-4191/35443",
 "specs": [
 ">=2.1,<4.1",
 ">=4.2a1,<4.2.5",
@@ -109923,10 +110291,10 @@
 "v": ">=2.1,<4.1,>=4.2a1,<4.2.5,>=4.3a1,<4.3.1"
 },
 {
- "advisory": "Plone 4.1, 4.2.5 and 4.3.1 include a fix for CVE-2013-4192: sendto.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to spoof emails via unspecified vectors.",
- "cve": "CVE-2013-4192",
- "id": "pyup.io-35444",
- "more_info_path": "/vulnerabilities/CVE-2013-4192/35444",
+ "advisory": "Plone 4.1, 4.2.5 and 4.3.1 include a fix for CVE-2013-4195: Multiple open redirect vulnerabilities in (1) marmoset_patch.py, (2) publish.py, and (3) principiaredirect.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.",
+ "cve": "CVE-2013-4195",
+ "id": "pyup.io-35447",
+ "more_info_path": "/vulnerabilities/CVE-2013-4195/35447",
 "specs": [
 ">=2.1,<4.1",
 ">=4.2a1,<4.2.5",
@@ -109935,10 +110303,10 @@
 "v": ">=2.1,<4.1,>=4.2a1,<4.2.5,>=4.3a1,<4.3.1"
 },
 {
- "advisory": "Plone 4.1, 4.2.5 and 4.3.1 include a fix for CVE-2013-4197: member_portrait.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to modify or delete portraits of other users via unspecified vectors.",
- "cve": "CVE-2013-4197",
- "id": "pyup.io-35449",
- "more_info_path": "/vulnerabilities/CVE-2013-4197/35449",
+ "advisory": "Plone 4.1, 4.2.5 and 4.3.1 include a fix for CVE-2013-4194: The WYSIWYG component (wysiwyg.py) in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote attackers to obtain sensitive information via a crafted URL, which reveals the installation path in an error message.",
+ "cve": "CVE-2013-4194",
+ "id": "pyup.io-35446",
+ "more_info_path": "/vulnerabilities/CVE-2013-4194/35446",
 "specs": [
 ">=2.1,<4.1",
 ">=4.2a1,<4.2.5",
@@ -109947,10 +110315,10 @@
 "v": ">=2.1,<4.1,>=4.2a1,<4.2.5,>=4.3a1,<4.3.1"
 },
 {
- "advisory": "Plone 4.1, 4.2.5 and 4.3.1 include a fix for CVE-2013-4191: zip.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce access restrictions when including content in a zip archive, which allows remote attackers to obtain sensitive information by reading a generated archive.",
- "cve": "CVE-2013-4191",
- "id": "pyup.io-35443",
- "more_info_path": "/vulnerabilities/CVE-2013-4191/35443",
+ "advisory": "Plone 4.1, 4.2.5 and 4.3.1 include a fix for CVE-2013-4193: typeswidget.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 does not properly enforce the immutable setting on unspecified content edit forms, which allows remote attackers to hide fields on the forms via a crafted URL.",
+ "cve": "CVE-2013-4193",
+ "id": "pyup.io-35445",
+ "more_info_path": "/vulnerabilities/CVE-2013-4193/35445",
 "specs": [
 ">=2.1,<4.1",
 ">=4.2a1,<4.2.5",
@@ -109982,18 +110350,6 @@
 ],
 "v": ">=2.1,<4.1,>=4.2a1,<4.2.5,>=4.3a1,<4.3.1"
 },
- {
- "advisory": "Multiple cross-site scripting (XSS) vulnerabilities in (1) spamProtect.py, (2) pts.py, and (3) request.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
- "cve": "CVE-2013-4190",
- "id": "pyup.io-35442",
- "more_info_path": "/vulnerabilities/CVE-2013-4190/35442",
- "specs": [
- ">=2.1,<=4.1",
- ">=4.2a1,<=4.2.5",
- ">=4.3a1,<=4.3.1"
- ],
- "v": ">=2.1,<=4.1,>=4.2a1,<=4.2.5,>=4.3a1,<=4.3.1"
- },
 {
 "advisory": "mail_password.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allows remote authenticated users to bypass the prohibition on password changes via the forgotten password email functionality.",
 "cve": "CVE-2013-4198",
@@ -110018,6 +110374,18 @@
 ],
 "v": ">=2.1,<=4.1,>=4.2a1,<=4.2.5,>=4.3a1,<=4.3.1"
 },
+ {
+ "advisory": "Multiple cross-site scripting (XSS) vulnerabilities in (1) spamProtect.py, (2) pts.py, and (3) request.py in Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.",
+ "cve": "CVE-2013-4190",
+ "id": "pyup.io-35442",
+ "more_info_path": "/vulnerabilities/CVE-2013-4190/35442",
+ "specs": [
+ ">=2.1,<=4.1",
+ ">=4.2a1,<=4.2.5",
+ ">=4.3a1,<=4.3.1"
+ ],
+ "v": ">=2.1,<=4.1,>=4.2a1,<=4.2.5,>=4.3a1,<=4.3.1"
+ },
 {
 "advisory": "Unspecified vulnerability in Plone 2.5 through 4.0, as used in Conga, luci, and possibly other products, allows remote attackers to obtain administrative access, read or create arbitrary content, and change the site skin via unknown vectors.",
 "cve": "CVE-2011-0720",
@@ -110194,10 +110562,10 @@
 "v": ">=3.3a1,<3.3.6,>=4.0a1,<4.3.11,>=5.0a1,<5.0.6"
 },
 {
- "advisory": "Multiple cross-site scripting (XSS) vulnerabilities in the ZMI page in Zope2 in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.\r\nhttps://plone.org/security/hotfix/20160830/non-persistent-xss-in-zope2",
- "cve": "CVE-2016-7140",
- "id": "pyup.io-35688",
- "more_info_path": "/vulnerabilities/CVE-2016-7140/35688",
+ "advisory": "Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.",
+ "cve": "CVE-2016-7138",
+ "id": "pyup.io-35686",
+ "more_info_path": "/vulnerabilities/CVE-2016-7138/35686",
 "specs": [
 ">=3.3a1,<=3.3.6",
 ">=4.0a1,<=4.3.11",
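Review bot: The re-added CVE-2013-4190 record uses inclusive bounds (`">=2.1,<=4.1"`, `">=4.2a1,<=4.2.5"`, `">=4.3a1,<=4.3.1"`), while the CVE-2013-4189/4191/4192/4193/4194/4195/4197 records in the hunks at L340–L343 describe the same "Plone 2.1 through 4.1, 4.2.x through 4.2.5, and 4.3.x through 4.3.1" range with exclusive `<4.1`, `<4.2.5`, `<4.3.1`; a scanner will therefore flag Plone 4.1, 4.2.5 or 4.3.1 for some of these CVEs and not others, although the advisories cite the same affected versions. The exclusive records also contradict their own text ("include a fix for ..." versus "through 4.1"), so which bound is right presumably depends on whether the fix shipped in those releases or in a hotfix after them; that should be settled once and applied to the whole group. Only CVE-2013-4190 and the adjacent CVE-2013-4198 context record currently carry the inclusive form.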
@@ -110206,10 +110574,10 @@
 "v": ">=3.3a1,<=3.3.6,>=4.0a1,<=4.3.11,>=5.0a1,<=5.0.6"
 },
 {
- "advisory": "Cross-site scripting (XSS) vulnerability in the URL checking infrastructure in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.",
- "cve": "CVE-2016-7138",
- "id": "pyup.io-35686",
- "more_info_path": "/vulnerabilities/CVE-2016-7138/35686",
+ "advisory": "Multiple cross-site scripting (XSS) vulnerabilities in the ZMI page in Zope2 in Plone CMS 5.x through 5.0.6, 4.x through 4.3.11, and 3.3.x through 3.3.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.\r\nhttps://plone.org/security/hotfix/20160830/non-persistent-xss-in-zope2",
+ "cve": "CVE-2016-7140",
+ "id": "pyup.io-35688",
+ "more_info_path": "/vulnerabilities/CVE-2016-7140/35688",
 "specs": [
 ">=3.3a1,<=3.3.6",
 ">=4.0a1,<=4.3.11",
@@ -111389,16 +111757,6 @@
 }
 ],
 "polyaxon": [
- {
- "advisory": "Polyaxon 0.4.1 updates its NPM dependency 'bootstrap' to v3.4.1 to include a security fix.",
- "cve": "CVE-2019-8331",
- "id": "pyup.io-49097",
- "more_info_path": "/vulnerabilities/CVE-2019-8331/49097",
- "specs": [
- "<0.4.1"
- ],
- "v": "<0.4.1"
- },
 {
 "advisory": "Polyaxon 0.4.1 updates its NPM dependency 'lodash' to v4.17.11 to include security fixes.",
 "cve": "CVE-2018-16487",
@@ -111419,6 +111777,16 @@
 ],
 "v": "<0.4.1"
 },
+ {
+ "advisory": "Polyaxon 0.4.1 updates its NPM dependency 'bootstrap' to v3.4.1 to include a security fix.",
+ "cve": "CVE-2019-8331",
+ "id": "pyup.io-49097",
+ "more_info_path": "/vulnerabilities/CVE-2019-8331/49097",
+ "specs": [
+ "<0.4.1"
+ ],
+ "v": "<0.4.1"
+ },
 {
 "advisory": "Polyaxon 0.5.1 updates its NPM dependency 'lodash' to v4.17.14: vulnerability issue.",
 "cve": "CVE-2019-10744",
@@ -111450,20 +111818,20 @@
 "v": "<0.5.5"
 },
 {
- "advisory": "Polyaxon 0.5.5 updates its dependency 'djangorestframework' to v3.10.1 to include a security fix.",
- "cve": "CVE-2020-25626",
- "id": "pyup.io-38023",
- "more_info_path": "/vulnerabilities/CVE-2020-25626/38023",
+ "advisory": "Polyaxon 0.5.5 updates its dependency 'django' to v2.2.4 to include security fixes.",
+ "cve": "CVE-2019-14233",
+ "id": "pyup.io-45018",
+ "more_info_path": "/vulnerabilities/CVE-2019-14233/45018",
 "specs": [
 "<0.5.5"
 ],
 "v": "<0.5.5"
 },
 {
- "advisory": "Polyaxon 0.5.5 updates its dependency 'django' to v2.2.4 to include security fixes.",
- "cve": "CVE-2019-14233",
- "id": "pyup.io-45018",
- "more_info_path": "/vulnerabilities/CVE-2019-14233/45018",
+ "advisory": "Polyaxon 0.5.5 updates its dependency 'djangorestframework' to v3.10.1 to include a security fix.",
+ "cve": "CVE-2020-25626",
+ "id": "pyup.io-38023",
+ "more_info_path": "/vulnerabilities/CVE-2020-25626/38023",
 "specs": [
 "<0.5.5"
 ],
@@ -111700,6 +112068,18 @@
 "v": ">=2.7.0,<2.7.3"
 }
 ],
+ "port-ocean": [
+ {
+ "advisory": "Port-ocean 0.12.4 pins 'cryptography' dependency to versions \"^43.0.1\" to include a security fix.",
+ "cve": "PVE-2024-73711",
+ "id": "pyup.io-73710",
+ "more_info_path": "/vulnerabilities/PVE-2024-73711/73710",
+ "specs": [
+ "<0.12.4"
+ ],
+ "v": "<0.12.4"
+ }
+ ],
 "portablemc": [
 {
 "advisory": "Portablemc 2.2.0 fixes indirectly a Log4j related vulnerability with changes on the version manifest management.\r\nhttps://github.com/mindstorm38/portablemc/issues/52",
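Review bot: The new port-ocean entry names neither the upstream advisory nor the vulnerability that cryptography 43.0.1 fixes, so a consumer sees only a PVE placeholder and cannot triage or deduplicate the finding against the cryptography advisory it already tracks; the prelude-parser entry added in the next hunk (PyO3 v0.22.4) has the same gap. Where the upstream identifier is known, appending it to the advisory text in the form other entries use, `\r\n<upstream advisory URL>` (placeholder), would make the entry actionable.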
@@ -112173,6 +112553,18 @@
 "v": "<0.2.3"
 }
 ],
+ "prelude-parser": [
+ {
+ "advisory": "Prelude-parser 0.11.1 updates its Rust dependency 'PyO3' to v0.22.4 to include a security fix.",
+ "cve": "PVE-2024-73689",
+ "id": "pyup.io-73689",
+ "more_info_path": "/vulnerabilities/PVE-2024-73689/73689",
+ "specs": [
+ "<0.11.1"
+ ],
+ "v": "<0.11.1"
+ }
+ ],
 "press": [
 {
 "advisory": "Press 0.5.8 includes a fix for the function 'configuration_from_yaml' in 'press/configuration/util.py'. It used the unsafe yaml.load(), that allows instantiation of arbitrary objects. Consider yaml.safe_load(). \r\nhttps://github.com/jr0d/press/commit/c641f54ed39d1c3a335cd967954760ede9454052#diff-482d133cd7fc1e6dde3facc3af875192a5f8397fa3054ff21956c05e1138f26f",
@@ -112197,20 +112589,20 @@ "v": "<2.3.2" }, { - "advisory": "pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). Organizers can trigger the overwriting (with the standard pretalx 404 page content) of an arbitrary file.", - "cve": "CVE-2023-28458", - "id": "pyup.io-62906", - "more_info_path": "/vulnerabilities/CVE-2023-28458/62906", + "advisory": "pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). Users were able to upload crafted HTML documents that trigger the reading of arbitrary files.", + "cve": "CVE-2023-28459", + "id": "pyup.io-62907", + "more_info_path": "/vulnerabilities/CVE-2023-28459/62907", "specs": [ "<2.3.2" ], "v": "<2.3.2" }, { - "advisory": "pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). Users were able to upload crafted HTML documents that trigger the reading of arbitrary files.", - "cve": "CVE-2023-28459", - "id": "pyup.io-62907", - "more_info_path": "/vulnerabilities/CVE-2023-28459/62907", + "advisory": "pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). Organizers can trigger the overwriting (with the standard pretalx 404 page content) of an arbitrary file.", + "cve": "CVE-2023-28458", + "id": "pyup.io-62906", + "more_info_path": "/vulnerabilities/CVE-2023-28458/62906", "specs": [ "<2.3.2" ], @@ -113399,10 +113791,10 @@ ], "psd-tools": [ { - "advisory": "Psd-tools 1.9.18 includes a version of 'pillow' vulnerable to several CVEs.", - "cve": "CVE-2020-5311", - "id": "pyup.io-43469", - "more_info_path": "/vulnerabilities/CVE-2020-5311/43469", + "advisory": "libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.", + "cve": "CVE-2020-5310", + "id": "pyup.io-43468", + "more_info_path": "/vulnerabilities/CVE-2020-5310/43468", "specs": [ "<=1.9.18" ], 
@@ -113410,9 +113802,9 @@ }, { "advisory": "Psd-tools 1.9.18 includes a version of 'pillow' vulnerable to several CVEs.", - "cve": "CVE-2020-5312", - "id": "pyup.io-43470", - "more_info_path": "/vulnerabilities/CVE-2020-5312/43470", + "cve": "CVE-2020-5311", + "id": "pyup.io-43469", + "more_info_path": "/vulnerabilities/CVE-2020-5311/43469", "specs": [ "<=1.9.18" ], @@ -113429,10 +113821,10 @@ "v": "<=1.9.18" }, { - "advisory": "libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.", - "cve": "CVE-2020-5310", - "id": "pyup.io-43468", - "more_info_path": "/vulnerabilities/CVE-2020-5310/43468", + "advisory": "Psd-tools 1.9.18 includes a version of 'pillow' vulnerable to several CVEs.", + "cve": "CVE-2020-5312", + "id": "pyup.io-43470", + "more_info_path": "/vulnerabilities/CVE-2020-5312/43470", "specs": [ "<=1.9.18" ], @@ -115180,16 +115572,6 @@ ], "v": "<0.11.1" }, - { - "advisory": "Pupyl 0.11.1 updates 'Tensorflow' to v2.5.0 to include security fixes", - "cve": "CVE-2021-29544", - "id": "pyup.io-43869", - "more_info_path": "/vulnerabilities/CVE-2021-29544/43869", - "specs": [ - "<0.11.1" - ], - "v": "<0.11.1" - }, { "advisory": "Pupyl 0.11.1 updates 'Tensorflow' to v2.5.0 to include security fixes", "cve": "CVE-2021-29557", @@ -116260,6 +116642,16 @@ ], "v": "<0.11.1" }, + { + "advisory": "Pupyl 0.11.1 updates 'Tensorflow' to v2.5.0 to include security fixes", + "cve": "CVE-2021-29544", + "id": "pyup.io-43869", + "more_info_path": "/vulnerabilities/CVE-2021-29544/43869", + "specs": [ + "<0.11.1" + ], + "v": "<0.11.1" + }, { "advisory": "Pupyl 0.12.1 updates its dependency 'TensorFlow' to v2.6.0 to include security fixes.", "cve": "CVE-2021-37684", 
@@ -117876,6 +118268,18 @@
 "v": "<3.0.0alpha.2,<3.0.0a2"
 }
 ],
+ "pvops": [
+ {
+ "advisory": "Pvops 0.4.0 starts requiring 'nltk>=3.9.1' to include a security fix.",
+ "cve": "CVE-2024-39705",
+ "id": "pyup.io-73875",
+ "more_info_path": "/vulnerabilities/CVE-2024-39705/73875",
+ "specs": [
+ "<0.4.0"
+ ],
+ "v": "<0.4.0"
+ }
+ ],
 "pwd": [
 {
 "advisory": "pwd is a package affected by pytosquatting: http://www.nbu.gov.sk/skcsirt-sa-20170909-pypi/",
@@ -118651,10 +119055,10 @@
 ],
 "pyanchor": [
 {
- "advisory": "Pyanchor version 0.5.1 updates its dependency 'urllib3' to v1.26.5 to include a security fix.",
- "cve": "CVE-2021-33503",
- "id": "pyup.io-49122",
- "more_info_path": "/vulnerabilities/CVE-2021-33503/49122",
+ "advisory": "Pyanchor version 0.5.1 updates its dependency 'py' to v1.10.0 to include a security fix.",
+ "cve": "CVE-2020-29651",
+ "id": "pyup.io-49121",
+ "more_info_path": "/vulnerabilities/CVE-2020-29651/49121",
 "specs": [
 "<0.5.1"
 ],
@@ -118671,10 +119075,10 @@
 "v": "<0.5.1"
 },
 {
- "advisory": "Pyanchor version 0.5.1 updates its dependency 'py' to v1.10.0 to include a security fix.",
- "cve": "CVE-2020-29651",
- "id": "pyup.io-49121",
- "more_info_path": "/vulnerabilities/CVE-2020-29651/49121",
+ "advisory": "Pyanchor version 0.5.1 updates its dependency 'urllib3' to v1.26.5 to include a security fix.",
+ "cve": "CVE-2021-33503",
+ "id": "pyup.io-49122",
+ "more_info_path": "/vulnerabilities/CVE-2021-33503/49122",
 "specs": [
 "<0.5.1"
 ],
@@ -119025,20 +119429,20 @@ ], "pybotx": [ { - "advisory": "Pybotx 0.55.3 updates its dependency 'fastapy' to v0.95.2 to include a security fix.", - "cve": "PVE-2023-58713", - "id": "pyup.io-58906", - "more_info_path": "/vulnerabilities/PVE-2023-58713/58906", + "advisory": "Pybotx 0.55.3 updates its dependency 'requests' to v2.31.0 to include a security fix.", + "cve": "CVE-2023-32681", + "id": "pyup.io-58908", + "more_info_path": "/vulnerabilities/CVE-2023-32681/58908", "specs": [ "<0.55.3" ], "v": "<0.55.3" }, { - "advisory": "Pybotx 0.55.3 updates its dependency 'requests' to v2.31.0 to include a security fix.", - "cve": "CVE-2023-32681", - "id": "pyup.io-58908", - "more_info_path": "/vulnerabilities/CVE-2023-32681/58908", + "advisory": "Pybotx 0.55.3 updates its dependency 'fastapy' to v0.95.2 to include a security fix.", + "cve": "PVE-2023-58713", + "id": "pyup.io-58906", + "more_info_path": "/vulnerabilities/PVE-2023-58713/58906", "specs": [ "<0.55.3" ], 
@@ -119902,40 +120306,40 @@ "v": ">=0,<0.1.1" }, { - "advisory": "Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and directories via a .. (dot dot) in a (1) LIST, (2) STOR, or (3) RETR command.", - "cve": "CVE-2007-6736", - "id": "pyup.io-53970", - "more_info_path": "/vulnerabilities/CVE-2007-6736/53970", + "advisory": "The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit the number of attempts to discover a unique filename, which might allow remote authenticated users to cause a denial of service via a STOU command.", + "cve": "CVE-2007-6740", + "id": "pyup.io-53974", + "more_info_path": "/vulnerabilities/CVE-2007-6740/53974", "specs": [ ">=0,<0.2.0" ], "v": ">=0,<0.2.0" }, { - "advisory": "FTPServer.py in pyftpdlib before 0.2.0 does not increment the attempted_logins count for a USER command that specifies an invalid username, which makes it easier for remote attackers to obtain access via a brute-force attack.", - "cve": "CVE-2007-6737", - "id": "pyup.io-53971", - "more_info_path": "/vulnerabilities/CVE-2007-6737/53971", + "advisory": "Multiple directory traversal vulnerabilities in FTPServer.py in pyftpdlib before 0.2.0 allow remote authenticated users to access arbitrary files and directories via a .. 
(dot dot) in a (1) LIST, (2) STOR, or (3) RETR command.", + "cve": "CVE-2007-6736", + "id": "pyup.io-53970", + "more_info_path": "/vulnerabilities/CVE-2007-6736/53970", "specs": [ ">=0,<0.2.0" ], "v": ">=0,<0.2.0" }, { - "advisory": "The ftp_STOU function in FTPServer.py in pyftpdlib before 0.2.0 does not limit the number of attempts to discover a unique filename, which might allow remote authenticated users to cause a denial of service via a STOU command.", - "cve": "CVE-2007-6740", - "id": "pyup.io-53974", - "more_info_path": "/vulnerabilities/CVE-2007-6740/53974", + "advisory": "FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to cause a denial of service via a long command.", + "cve": "CVE-2007-6739", + "id": "pyup.io-53973", + "more_info_path": "/vulnerabilities/CVE-2007-6739/53973", "specs": [ ">=0,<0.2.0" ], "v": ">=0,<0.2.0" }, { - "advisory": "FTPServer.py in pyftpdlib before 0.2.0 allows remote attackers to cause a denial of service via a long command.", - "cve": "CVE-2007-6739", - "id": "pyup.io-53973", - "more_info_path": "/vulnerabilities/CVE-2007-6739/53973", + "advisory": "FTPServer.py in pyftpdlib before 0.2.0 does not increment the attempted_logins count for a USER command that specifies an invalid username, which makes it easier for remote attackers to obtain access via a brute-force attack.", + "cve": "CVE-2007-6737", + "id": "pyup.io-53971", + "more_info_path": "/vulnerabilities/CVE-2007-6737/53971", "specs": [ ">=0,<0.2.0" ], 
@@ -119951,16 +120355,6 @@ ], "v": ">=0,<0.2.0" }, - { - "advisory": "The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows remote authenticated users to cause a denial of service (file descriptor exhaustion and daemon outage) by sending a QUIT command during a disallowed data-transfer attempt.", - "cve": "CVE-2008-7264", - "id": "pyup.io-54040", - "more_info_path": "/vulnerabilities/CVE-2008-7264/54040", - "specs": [ - ">=0,<0.5.0" - ], - "v": ">=0,<0.5.0" - }, { "advisory": "ftpserver.py in pyftpdlib before 0.5.0 does not delay its response after receiving an invalid login attempt, which makes it easier for remote attackers to obtain access via a brute-force attack.", "cve": "CVE-2008-7263", @@ -119972,14 +120366,14 @@ "v": ">=0,<0.5.0" }, { - "advisory": "ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to bypass intended access restrictions and list the root directory via an FTP session.", - "cve": "CVE-2009-5012", - "id": "pyup.io-54046", - "more_info_path": "/vulnerabilities/CVE-2009-5012/54046", + "advisory": "The ftp_QUIT function in ftpserver.py in pyftpdlib before 0.5.0 allows remote authenticated users to cause a denial of service (file descriptor exhaustion and daemon outage) by sending a QUIT command during a disallowed data-transfer attempt.", + "cve": "CVE-2008-7264", + "id": "pyup.io-54040", + "more_info_path": "/vulnerabilities/CVE-2008-7264/54040", "specs": [ - ">=0,<0.5.2" + ">=0,<0.5.0" ], - "v": ">=0,<0.5.2" + "v": ">=0,<0.5.0" }, { "advisory": "Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attackers to cause a denial of service (daemon outage) by establishing and then immediately closing a TCP connection, leading to the getpeername function having an ENOTCONN error, a different vulnerability than CVE-2010-3494.", 
@@ -120000,6 +120394,16 @@ ">=0,<0.5.2" ], "v": ">=0,<0.5.2" + }, + { + "advisory": "ftpserver.py in pyftpdlib before 0.5.2 does not require the l permission for the MLST command, which allows remote authenticated users to bypass intended access restrictions and list the root directory via an FTP session.", + "cve": "CVE-2009-5012", + "id": "pyup.io-54046", + "more_info_path": "/vulnerabilities/CVE-2009-5012/54046", + "specs": [ + ">=0,<0.5.2" + ], + "v": ">=0,<0.5.2" } ], "pyftpdlib-ustcblog": [ @@ -120025,6 +120429,16 @@ ], "v": "<1.11.0" }, + { + "advisory": "Pyg90alarm 1.6.1 updates its dependency 'sphinx' to v3.0.4 to include a security fix.", + "cve": "CVE-2020-11022", + "id": "pyup.io-51546", + "more_info_path": "/vulnerabilities/CVE-2020-11022/51546", + "specs": [ + "<1.6.1" + ], + "v": "<1.6.1" + }, { "advisory": "Pyg90alarm 1.6.1 updates its dependency 'pygments' to v2.7.4 to include a security fix.", "cve": "CVE-2021-20270", @@ -120045,16 +120459,6 @@ ], "v": "<1.6.1" }, - { - "advisory": "Pyg90alarm 1.6.1 updates its dependency 'sphinx' to v3.0.4 to include a security fix.", - "cve": "CVE-2020-11022", - "id": "pyup.io-51546", - "more_info_path": "/vulnerabilities/CVE-2020-11022/51546", - "specs": [ - "<1.6.1" - ], - "v": "<1.6.1" - }, { "advisory": "Pyg90alarm 1.6.1 updates its dependency 'sphinx' to v3.0.4 to include a security fix.", "cve": "CVE-2020-11023", 
@@ -120619,6 +121023,16 @@
 ],
 "v": "<0.5.0b3.dev77"
 },
+ {
+ "advisory": "Affected versions of pyLoad are vulnerable to path traversal via the storage_folder configuration setting. This vulnerability allows attackers to write files to arbitrary locations by manipulating the storage_folder path, potentially leading to arbitrary file writes and code execution. The vulnerability exists in the Core.init and Api.set_config_value functions where storage paths aren't properly validated. Attackers with access to configuration settings can exploit this through the web interface. Users should update to the version which implements proper path validation and restriction checks.",
+ "cve": "CVE-2024-47821",
+ "id": "pyup.io-73964",
+ "more_info_path": "/vulnerabilities/CVE-2024-47821/73964",
+ "specs": [
+ "<0.5.0b3.dev87"
+ ],
+ "v": "<0.5.0b3.dev87"
+ },
 {
 "advisory": "pyLoad 0.5.0 is vulnerable to Unrestricted File Upload.",
 "cve": "CVE-2023-47890",
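Review bot: The pyLoad CVE-2024-47821 advisory closes with "Users should update to the version which implements proper path validation" but never names that version, while `specs` pins it as `<0.5.0b3.dev87`; a reader of the text alone cannot tell which release to move to. Stating it explicitly, e.g. `Fixed in pyLoad 0.5.0b3.dev87.` at the end of the advisory, keeps prose and range in agreement (presumably the fix shipped in that dev release, since that is what the bound encodes; confirm against the upstream advisory). The quart CVE-2024-49767 entry added later in this patch has the same gap: "Affected versions" in the text, `<0.19.7` only in `specs`.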
@@ -120700,20 +121114,20 @@
 "v": ">=0,<0.5.0b3.dev40"
 },
 {
- "advisory": "Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41.",
- "cve": "CVE-2023-0435",
- "id": "pyup.io-54622",
- "more_info_path": "/vulnerabilities/CVE-2023-0435/54622",
+ "advisory": "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in mootools-more 1.6.0 allows a malicious user to inject properties into Object.prototype.",
+ "cve": "CVE-2021-20088",
+ "id": "pyup.io-65843",
+ "more_info_path": "/vulnerabilities/CVE-2021-20088/65843",
 "specs": [
 ">=0,<0.5.0b3.dev41"
 ],
 "v": ">=0,<0.5.0b3.dev41"
 },
 {
- "advisory": "Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in mootools-more 1.6.0 allows a malicious user to inject properties into Object.prototype.",
- "cve": "CVE-2021-20088",
- "id": "pyup.io-65843",
- "more_info_path": "/vulnerabilities/CVE-2021-20088/65843",
+ "advisory": "Excessive Attack Surface in GitHub repository pyload/pyload prior to 0.5.0b3.dev41.",
+ "cve": "CVE-2023-0435",
+ "id": "pyup.io-54622",
+ "more_info_path": "/vulnerabilities/CVE-2023-0435/54622",
 "specs": [
 ">=0,<0.5.0b3.dev41"
 ],
@@ -121284,7 +121698,7 @@
 ],
 "pyogrio": [
 {
- "advisory": "Pyogrio 0.7.2 and prior releases for Windows ship with a version of 'libcurl' (8.2.1) that has a high-severity vulnerability.\r\n#It only affects Windows users",
+ "advisory": "Pyogrio 0.7.2 and prior releases for Windows ship with a version of 'libcurl' (8.2.1) that has a high-severity vulnerability.",
 "cve": "CVE-2023-38545",
 "id": "pyup.io-61775",
 "more_info_path": "/vulnerabilities/CVE-2023-38545/61775",
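Review bot: Platform-scoping notes are handled inconsistently after this patch: the pyogrio CVE-2023-38545 advisory loses its `\r\n#It only affects Windows users` suffix here, while the qutebrowser entries later in the patch keep their `\r\n#NOTE: This vulnerability affects only users of MacOS and Windows.` line. The retained sentence still says "releases for Windows", so no information is lost in this entry, but consumers that key on the `#`-prefixed note to suppress findings on other platforms now get different behaviour for two entries of the same kind; either keep the note form everywhere or move platform scope into a structured field rather than a comment inside the advisory string.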
@@ -122039,9 +122453,9 @@ "pyramid-fullauth": [ { "advisory": "Pyramid-fullauth 1.0.0 updates its dependency 'SQLAlchemy' to be at least version 1.3.0 to include security fixes.", - "cve": "CVE-2019-7548", - "id": "pyup.io-52577", - "more_info_path": "/vulnerabilities/CVE-2019-7548/52577", + "cve": "CVE-2019-7164", + "id": "pyup.io-52562", + "more_info_path": "/vulnerabilities/CVE-2019-7164/52562", "specs": [ "<1.0.0" ], @@ -122049,9 +122463,9 @@ }, { "advisory": "Pyramid-fullauth 1.0.0 updates its dependency 'SQLAlchemy' to be at least version 1.3.0 to include security fixes.", - "cve": "CVE-2019-7164", - "id": "pyup.io-52562", - "more_info_path": "/vulnerabilities/CVE-2019-7164/52562", + "cve": "CVE-2019-7548", + "id": "pyup.io-52577", + "more_info_path": "/vulnerabilities/CVE-2019-7548/52577", "specs": [ "<1.0.0" ], @@ -122387,9 +122801,9 @@ }, { "advisory": "Pyserini 0.11.0.0 and prior includes a version of Anserini affected by critical and severe vulnerabilities, related to log4j.", - "cve": "CVE-2021-44832", - "id": "pyup.io-44462", - "more_info_path": "/vulnerabilities/CVE-2021-44832/44462", + "cve": "CVE-2021-45046", + "id": "pyup.io-43607", + "more_info_path": "/vulnerabilities/CVE-2021-45046/43607", "specs": [ "<=0.11.0.0" ], @@ -122397,9 +122811,9 @@ }, { "advisory": "Pyserini 0.11.0.0 and prior includes a version of Anserini affected by critical and severe vulnerabilities, related to log4j.", - "cve": "CVE-2021-45105", - "id": "pyup.io-43608", - "more_info_path": "/vulnerabilities/CVE-2021-45105/43608", + "cve": "CVE-2021-44832", + "id": "pyup.io-44462", + "more_info_path": "/vulnerabilities/CVE-2021-44832/44462", "specs": [ "<=0.11.0.0" ], 
@@ -122407,9 +122821,9 @@ }, { "advisory": "Pyserini 0.11.0.0 and prior includes a version of Anserini affected by critical and severe vulnerabilities, related to log4j.", - "cve": "CVE-2021-45046", - "id": "pyup.io-43607", - "more_info_path": "/vulnerabilities/CVE-2021-45046/43607", + "cve": "CVE-2021-45105", + "id": "pyup.io-43608", + "more_info_path": "/vulnerabilities/CVE-2021-45105/43608", "specs": [ "<=0.11.0.0" ], @@ -123108,9 +123522,9 @@ }, { "advisory": "Pysys-java 0.1 and prior includes a version of 'log4j-core' affected by critical and severe vulnerabilities.\r\nhttps://github.com/ben-spiller/pysysjava/pull/14", - "cve": "CVE-2021-45046", - "id": "pyup.io-43601", - "more_info_path": "/vulnerabilities/CVE-2021-45046/43601", + "cve": "CVE-2021-44832", + "id": "pyup.io-44461", + "more_info_path": "/vulnerabilities/CVE-2021-44832/44461", "specs": [ "<=0.1" ], @@ -123118,9 +123532,9 @@ }, { "advisory": "Pysys-java 0.1 and prior includes a version of 'log4j-core' affected by critical and severe vulnerabilities.\r\nhttps://github.com/ben-spiller/pysysjava/pull/14", - "cve": "CVE-2021-44832", - "id": "pyup.io-44461", - "more_info_path": "/vulnerabilities/CVE-2021-44832/44461", + "cve": "CVE-2021-44228", + "id": "pyup.io-43600", + "more_info_path": "/vulnerabilities/CVE-2021-44228/43600", "specs": [ "<=0.1" ], @@ -123128,9 +123542,9 @@ }, { "advisory": "Pysys-java 0.1 and prior includes a version of 'log4j-core' affected by critical and severe vulnerabilities.\r\nhttps://github.com/ben-spiller/pysysjava/pull/14", - "cve": "CVE-2021-44228", - "id": "pyup.io-43600", - "more_info_path": "/vulnerabilities/CVE-2021-44228/43600", + "cve": "CVE-2021-45046", + "id": "pyup.io-43601", + "more_info_path": "/vulnerabilities/CVE-2021-45046/43601", "specs": [ "<=0.1" ], 
@@ -127029,9 +127443,9 @@ }, { "advisory": "Pytoxo 1.2 updates its dependency 'pillow' to v9.0.1 to include security fixes.", - "cve": "CVE-2022-22817", - "id": "pyup.io-48200", - "more_info_path": "/vulnerabilities/CVE-2022-22817/48200", + "cve": "CVE-2022-24303", + "id": "pyup.io-48199", + "more_info_path": "/vulnerabilities/CVE-2022-24303/48199", "specs": [ "<1.2" ], @@ -127039,9 +127453,9 @@ }, { "advisory": "Pytoxo 1.2 updates its dependency 'pillow' to v9.0.1 to include security fixes.", - "cve": "CVE-2022-24303", - "id": "pyup.io-48199", - "more_info_path": "/vulnerabilities/CVE-2022-24303/48199", + "cve": "CVE-2021-34552", + "id": "pyup.io-48206", + "more_info_path": "/vulnerabilities/CVE-2021-34552/48206", "specs": [ "<1.2" ], @@ -127049,9 +127463,9 @@ }, { "advisory": "Pytoxo 1.2 updates its dependency 'pillow' to v9.0.1 to include security fixes.", - "cve": "CVE-2021-34552", - "id": "pyup.io-48206", - "more_info_path": "/vulnerabilities/CVE-2021-34552/48206", + "cve": "CVE-2022-22817", + "id": "pyup.io-48200", + "more_info_path": "/vulnerabilities/CVE-2022-22817/48200", "specs": [ "<1.2" ], @@ -127477,16 +127891,6 @@ ], "v": "<3.0.20181203" }, - { - "advisory": "Pywikibot 6.1.0 updates its dependency 'Pillow' to versions >=8.1.1 to include security fixes.", - "cve": "CVE-2020-35654", - "id": "pyup.io-46447", - "more_info_path": "/vulnerabilities/CVE-2020-35654/46447", - "specs": [ - "<6.1.0" - ], - "v": "<6.1.0" - }, { "advisory": "Pywikibot 6.1.0 updates its dependency 'Pillow' to versions >=8.1.1 to include security fixes.", "cve": "CVE-2021-25293", 
@@ -127497,16 +127901,6 @@ ], "v": "<6.1.0" }, - { - "advisory": "Pywikibot 6.1.0 updates its dependency 'Pillow' to versions >=8.1.1 to include security fixes.", - "cve": "CVE-2021-27922", - "id": "pyup.io-46444", - "more_info_path": "/vulnerabilities/CVE-2021-27922/46444", - "specs": [ - "<6.1.0" - ], - "v": "<6.1.0" - }, { "advisory": "Pywikibot 6.1.0 updates its dependency 'Pillow' to versions >=8.1.1 to include security fixes.", "cve": "CVE-2021-25291", @@ -127559,9 +127953,9 @@ }, { "advisory": "Pywikibot 6.1.0 updates its dependency 'Pillow' to versions >=8.1.1 to include security fixes.", - "cve": "CVE-2021-25290", - "id": "pyup.io-46439", - "more_info_path": "/vulnerabilities/CVE-2021-25290/46439", + "cve": "CVE-2021-27922", + "id": "pyup.io-46444", + "more_info_path": "/vulnerabilities/CVE-2021-27922/46444", "specs": [ "<6.1.0" ], @@ -127579,9 +127973,9 @@ }, { "advisory": "Pywikibot 6.1.0 updates its dependency 'Pillow' to versions >=8.1.1 to include security fixes.", - "cve": "CVE-2020-10379", - "id": "pyup.io-40579", - "more_info_path": "/vulnerabilities/CVE-2020-10379/40579", + "cve": "CVE-2020-10994", + "id": "pyup.io-46449", + "more_info_path": "/vulnerabilities/CVE-2020-10994/46449", "specs": [ "<6.1.0" ], @@ -127589,9 +127983,9 @@ }, { "advisory": "Pywikibot 6.1.0 updates its dependency 'Pillow' to versions >=8.1.1 to include security fixes.", - "cve": "CVE-2021-27921", - "id": "pyup.io-46443", - "more_info_path": "/vulnerabilities/CVE-2021-27921/46443", + "cve": "CVE-2021-25290", + "id": "pyup.io-46439", + "more_info_path": "/vulnerabilities/CVE-2021-25290/46439", "specs": [ "<6.1.0" ], 
@@ -127599,9 +127993,9 @@ }, { "advisory": "Pywikibot 6.1.0 updates its dependency 'Pillow' to versions >=8.1.1 to include security fixes.", - "cve": "CVE-2020-10994", - "id": "pyup.io-46449", - "more_info_path": "/vulnerabilities/CVE-2020-10994/46449", + "cve": "CVE-2020-10379", + "id": "pyup.io-40579", + "more_info_path": "/vulnerabilities/CVE-2020-10379/40579", "specs": [ "<6.1.0" ], @@ -127609,9 +128003,9 @@ }, { "advisory": "Pywikibot 6.1.0 updates its dependency 'Pillow' to versions >=8.1.1 to include security fixes.", - "cve": "CVE-2021-23437", - "id": "pyup.io-46452", - "more_info_path": "/vulnerabilities/CVE-2021-23437/46452", + "cve": "CVE-2020-35653", + "id": "pyup.io-46446", + "more_info_path": "/vulnerabilities/CVE-2020-35653/46446", "specs": [ "<6.1.0" ], @@ -127619,9 +128013,9 @@ }, { "advisory": "Pywikibot 6.1.0 updates its dependency 'Pillow' to versions >=8.1.1 to include security fixes.", - "cve": "CVE-2020-35653", - "id": "pyup.io-46446", - "more_info_path": "/vulnerabilities/CVE-2020-35653/46446", + "cve": "CVE-2021-23437", + "id": "pyup.io-46452", + "more_info_path": "/vulnerabilities/CVE-2021-23437/46452", "specs": [ "<6.1.0" ], @@ -127636,6 +128030,26 @@ "<6.1.0" ], "v": "<6.1.0" + }, + { + "advisory": "Pywikibot 6.1.0 updates its dependency 'Pillow' to versions >=8.1.1 to include security fixes.", + "cve": "CVE-2021-27921", + "id": "pyup.io-46443", + "more_info_path": "/vulnerabilities/CVE-2021-27921/46443", + "specs": [ + "<6.1.0" + ], + "v": "<6.1.0" + }, + { + "advisory": "Pywikibot 6.1.0 updates its dependency 'Pillow' to versions >=8.1.1 to include security fixes.", + "cve": "CVE-2020-35654", + "id": "pyup.io-46447", + "more_info_path": "/vulnerabilities/CVE-2020-35654/46447", + "specs": [ + "<6.1.0" + ], + "v": "<6.1.0" } ], "pywin32": [ 
@@ -128147,6 +128561,16 @@
 }
 ],
 "quart": [
+ {
+ "advisory": "Affected versions of Quart are vulnerable to possible resource exhaustion when parsing file data in forms.",
+ "cve": "CVE-2024-49767",
+ "id": "pyup.io-73878",
+ "more_info_path": "/vulnerabilities/CVE-2024-49767/73878",
+ "specs": [
+ "<0.19.7"
+ ],
+ "v": "<0.19.7"
+ },
 {
 "advisory": "Quart 0.4.0 allows the request to be limited to prevent DOS attacks.",
 "cve": "PVE-2021-39235",
@@ -128202,6 +128626,38 @@
 "v": "<0.9.1"
 }
 ],
+ "querynator": [
+ {
+ "advisory": "Querynator updated black to version 24.3.0 due to moderate vulnerability CVE-2024-21503.",
+ "cve": "CVE-2024-21503",
+ "id": "pyup.io-73662",
+ "more_info_path": "/vulnerabilities/CVE-2024-21503/73662",
+ "specs": [
+ "<0.6.0"
+ ],
+ "v": "<0.6.0"
+ },
+ {
+ "advisory": "Querynator updated requests to version 2.31.0 due to moderate vulnerability CVE-2023-32681.",
+ "cve": "CVE-2023-32681",
+ "id": "pyup.io-73675",
+ "more_info_path": "/vulnerabilities/CVE-2023-32681/73675",
+ "specs": [
+ "<0.6.0"
+ ],
+ "v": "<0.6.0"
+ },
+ {
+ "advisory": "Querynator updated requests to version 2.31.0 due to moderate vulnerability CVE-2024-35195.",
+ "cve": "CVE-2024-35195",
+ "id": "pyup.io-73676",
+ "more_info_path": "/vulnerabilities/CVE-2024-35195/73676",
+ "specs": [
+ "<0.6.0"
+ ],
+ "v": "<0.6.0"
+ }
+ ],
 "quilt": [
 {
 "advisory": "Quilt 2.9.14 updates Flask version to v.0.12.3 to include security fixes.",
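Review bot: The third querynator entry says requests was "updated ... to version 2.31.0 due to moderate vulnerability CVE-2024-35195", but to my knowledge the upstream fix for CVE-2024-35195 shipped in requests 2.32.0, so either the dependency bump or the CVE attribution in this entry looks inconsistent and should be checked against the Querynator 0.6.0 change before publishing. All three querynator advisories also repeat the CVE identifier that the `cve` field already holds and omit the Querynator release that carries the fix, which `specs` implies is 0.6.0; rewording along the lines of neighbouring entries, `Querynator 0.6.0 updates its dependency 'black' to v24.3.0 to include a security fix.`, removes the duplicated identifier and names the fixed version.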
@@ -128383,9 +128839,9 @@ }, { "advisory": "Qutebrowser 1.12.0 Windows and macOS releases ship 'Qt' 5.15, which is based on Chromium 80.0.3987.163 with security fixes up to 81.0.4044.138.\r\n#NOTE: This vulnerability affects only users of MacOS and Windows.\r\nhttps://github.com/qutebrowser/qutebrowser/commit/2a42f3a8c27aa036f4af08ef6f3108bbe80a3bcb", - "cve": "CVE-2020-6831", - "id": "pyup.io-62670", - "more_info_path": "/vulnerabilities/CVE-2020-6831/62670", + "cve": "CVE-2020-6464", + "id": "pyup.io-38447", + "more_info_path": "/vulnerabilities/CVE-2020-6464/38447", "specs": [ "<1.12.0" ], @@ -128393,9 +128849,9 @@ }, { "advisory": "Qutebrowser 1.12.0 Windows and macOS releases ship 'Qt' 5.15, which is based on Chromium 80.0.3987.163 with security fixes up to 81.0.4044.138.\r\n#NOTE: This vulnerability affects only users of MacOS and Windows.\r\nhttps://github.com/qutebrowser/qutebrowser/commit/2a42f3a8c27aa036f4af08ef6f3108bbe80a3bcb", - "cve": "CVE-2020-6464", - "id": "pyup.io-38447", - "more_info_path": "/vulnerabilities/CVE-2020-6464/38447", + "cve": "CVE-2020-6831", + "id": "pyup.io-62670", + "more_info_path": "/vulnerabilities/CVE-2020-6831/62670", "specs": [ "<1.12.0" ], 
@@ -128781,46 +129237,6 @@ ], "v": "<2.0.2" }, - { - "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", - "cve": "CVE-2019-13960", - "id": "pyup.io-48345", - "more_info_path": "/vulnerabilities/CVE-2019-13960/48345", - "specs": [ - "<2.0.2" - ], - "v": "<2.0.2" - }, - { - "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", - "cve": "CVE-2019-19645", - "id": "pyup.io-48349", - "more_info_path": "/vulnerabilities/CVE-2019-19645/48349", - "specs": [ - "<2.0.2" - ], - "v": "<2.0.2" - }, - { - "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", - "cve": "CVE-2020-15208", - "id": "pyup.io-48373", - "more_info_path": "/vulnerabilities/CVE-2020-15208/48373", - "specs": [ - "<2.0.2" - ], - "v": "<2.0.2" - }, - { - "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", - "cve": "CVE-2018-19664", - "id": "pyup.io-48342", - "more_info_path": "/vulnerabilities/CVE-2018-19664/48342", - "specs": [ - "<2.0.2" - ], - "v": "<2.0.2" - }, { "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", "cve": "CVE-2018-11770", @@ -128841,16 +129257,6 @@ ], "v": "<2.0.2" }, - { - "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", - "cve": "CVE-2020-15202", - "id": "pyup.io-48367", - "more_info_path": "/vulnerabilities/CVE-2020-15202/48367", - "specs": [ - "<2.0.2" - ], - "v": "<2.0.2" - }, { "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", "cve": "CVE-2019-5481", 
@@ -128871,16 +129277,6 @@ ], "v": "<2.0.2" }, - { - "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", - "cve": "CVE-2020-15207", - "id": "pyup.io-48372", - "more_info_path": "/vulnerabilities/CVE-2020-15207/48372", - "specs": [ - "<2.0.2" - ], - "v": "<2.0.2" - }, { "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", "cve": "CVE-2019-19244", @@ -128901,16 +129297,6 @@ ], "v": "<2.0.2" }, - { - "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", - "cve": "CVE-2020-15203", - "id": "pyup.io-48368", - "more_info_path": "/vulnerabilities/CVE-2020-15203/48368", - "specs": [ - "<2.0.2" - ], - "v": "<2.0.2" - }, { "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", "cve": "CVE-2020-15204", @@ -128991,16 +129377,6 @@ ], "v": "<2.0.2" }, - { - "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", - "cve": "CVE-2020-15195", - "id": "pyup.io-48366", - "more_info_path": "/vulnerabilities/CVE-2020-15195/48366", - "specs": [ - "<2.0.2" - ], - "v": "<2.0.2" - }, { "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", "cve": "CVE-2020-11655", @@ -129053,9 +129429,9 @@ }, { "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", - "cve": "CVE-2019-5482", - "id": "pyup.io-48354", - "more_info_path": "/vulnerabilities/CVE-2019-5482/48354", + "cve": "CVE-2020-26268", + "id": "pyup.io-48381", + "more_info_path": "/vulnerabilities/CVE-2020-26268/48381", "specs": [ "<2.0.2" ], 
@@ -129063,9 +129439,9 @@ }, { "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", - "cve": "CVE-2020-26268", - "id": "pyup.io-48381", - "more_info_path": "/vulnerabilities/CVE-2020-26268/48381", + "cve": "CVE-2020-15202", + "id": "pyup.io-48367", + "more_info_path": "/vulnerabilities/CVE-2020-15202/48367", "specs": [ "<2.0.2" ], @@ -129073,9 +129449,9 @@ }, { "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.", - "cve": "CVE-2018-20330", - "id": "pyup.io-48343", - "more_info_path": "/vulnerabilities/CVE-2018-20330/48343", + "cve": "CVE-2018-19664", + "id": "pyup.io-48342", + "more_info_path": "/vulnerabilities/CVE-2018-19664/48342", "specs": [ "<2.0.2" ], 
@@ -129083,9 +129459,49 @@
 },
 {
 "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
- "cve": "CVE-2020-5215",
- "id": "pyup.io-48384",
- "more_info_path": "/vulnerabilities/CVE-2020-5215/48384",
+ "cve": "CVE-2020-15208",
+ "id": "pyup.io-48373",
+ "more_info_path": "/vulnerabilities/CVE-2020-15208/48373",
+ "specs": [
+ "<2.0.2"
+ ],
+ "v": "<2.0.2"
+ },
+ {
+ "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
+ "cve": "CVE-2019-19645",
+ "id": "pyup.io-48349",
+ "more_info_path": "/vulnerabilities/CVE-2019-19645/48349",
+ "specs": [
+ "<2.0.2"
+ ],
+ "v": "<2.0.2"
+ },
+ {
+ "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
+ "cve": "CVE-2019-13960",
+ "id": "pyup.io-48345",
+ "more_info_path": "/vulnerabilities/CVE-2019-13960/48345",
+ "specs": [
+ "<2.0.2"
+ ],
+ "v": "<2.0.2"
+ },
+ {
+ "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
+ "cve": "CVE-2020-13631",
+ "id": "pyup.io-48360",
+ "more_info_path": "/vulnerabilities/CVE-2020-13631/48360",
+ "specs": [
+ "<2.0.2"
+ ],
+ "v": "<2.0.2"
+ },
+ {
+ "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
+ "cve": "CVE-2019-10099",
+ "id": "pyup.io-48344",
+ "more_info_path": "/vulnerabilities/CVE-2019-10099/48344",
 "specs": [
 "<2.0.2"
 ],
@@ -129103,9 +129519,9 @@
 },
 {
 "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
- "cve": "CVE-2020-14155",
- "id": "pyup.io-48363",
- "more_info_path": "/vulnerabilities/CVE-2020-14155/48363",
+ "cve": "CVE-2020-15190",
+ "id": "pyup.io-48364",
+ "more_info_path": "/vulnerabilities/CVE-2020-15190/48364",
 "specs": [
 "<2.0.2"
 ],
@@ -129113,9 +129529,9 @@
 },
 {
 "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
- "cve": "CVE-2020-15211",
- "id": "pyup.io-48376",
- "more_info_path": "/vulnerabilities/CVE-2020-15211/48376",
+ "cve": "CVE-2020-15250",
+ "id": "pyup.io-48377",
+ "more_info_path": "/vulnerabilities/CVE-2020-15250/48377",
 "specs": [
 "<2.0.2"
 ],
@@ -129123,9 +129539,9 @@
 },
 {
 "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
- "cve": "CVE-2020-26267",
- "id": "pyup.io-48380",
- "more_info_path": "/vulnerabilities/CVE-2020-26267/48380",
+ "cve": "CVE-2018-17190",
+ "id": "pyup.io-48341",
+ "more_info_path": "/vulnerabilities/CVE-2018-17190/48341",
 "specs": [
 "<2.0.2"
 ],
@@ -129133,9 +129549,9 @@
 },
 {
 "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
- "cve": "CVE-2020-11656",
- "id": "pyup.io-48356",
- "more_info_path": "/vulnerabilities/CVE-2020-11656/48356",
+ "cve": "CVE-2019-5482",
+ "id": "pyup.io-48354",
+ "more_info_path": "/vulnerabilities/CVE-2019-5482/48354",
 "specs": [
 "<2.0.2"
 ],
@@ -129143,9 +129559,9 @@
 },
 {
 "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
- "cve": "CVE-2019-19880",
- "id": "pyup.io-48351",
- "more_info_path": "/vulnerabilities/CVE-2019-19880/48351",
+ "cve": "CVE-2020-15195",
+ "id": "pyup.io-48366",
+ "more_info_path": "/vulnerabilities/CVE-2020-15195/48366",
 "specs": [
 "<2.0.2"
 ],
@@ -129153,9 +129569,9 @@
 },
 {
 "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
- "cve": "CVE-2020-15190",
- "id": "pyup.io-48364",
- "more_info_path": "/vulnerabilities/CVE-2020-15190/48364",
+ "cve": "CVE-2018-20330",
+ "id": "pyup.io-48343",
+ "more_info_path": "/vulnerabilities/CVE-2018-20330/48343",
 "specs": [
 "<2.0.2"
 ],
@@ -129163,9 +129579,9 @@
 },
 {
 "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
- "cve": "CVE-2020-15210",
- "id": "pyup.io-48375",
- "more_info_path": "/vulnerabilities/CVE-2020-15210/48375",
+ "cve": "CVE-2020-15203",
+ "id": "pyup.io-48368",
+ "more_info_path": "/vulnerabilities/CVE-2020-15203/48368",
 "specs": [
 "<2.0.2"
 ],
@@ -129173,9 +129589,9 @@
 },
 {
 "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
- "cve": "CVE-2020-13630",
- "id": "pyup.io-48359",
- "more_info_path": "/vulnerabilities/CVE-2020-13630/48359",
+ "cve": "CVE-2020-15207",
+ "id": "pyup.io-48372",
+ "more_info_path": "/vulnerabilities/CVE-2020-15207/48372",
 "specs": [
 "<2.0.2"
 ],
@@ -129183,9 +129599,9 @@
 },
 {
 "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
- "cve": "CVE-2019-10099",
- "id": "pyup.io-48344",
- "more_info_path": "/vulnerabilities/CVE-2019-10099/48344",
+ "cve": "CVE-2020-11656",
+ "id": "pyup.io-48356",
+ "more_info_path": "/vulnerabilities/CVE-2020-11656/48356",
 "specs": [
 "<2.0.2"
 ],
@@ -129193,9 +129609,9 @@
 },
 {
 "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
- "cve": "CVE-2020-15250",
- "id": "pyup.io-48377",
- "more_info_path": "/vulnerabilities/CVE-2020-15250/48377",
+ "cve": "CVE-2020-15211",
+ "id": "pyup.io-48376",
+ "more_info_path": "/vulnerabilities/CVE-2020-15211/48376",
 "specs": [
 "<2.0.2"
 ],
@@ -129203,9 +129619,9 @@
 },
 {
 "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
- "cve": "CVE-2018-17190",
- "id": "pyup.io-48341",
- "more_info_path": "/vulnerabilities/CVE-2018-17190/48341",
+ "cve": "CVE-2020-5215",
+ "id": "pyup.io-48384",
+ "more_info_path": "/vulnerabilities/CVE-2020-5215/48384",
 "specs": [
 "<2.0.2"
 ],
@@ -129213,9 +129629,49 @@
 },
 {
 "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
- "cve": "CVE-2020-13631",
- "id": "pyup.io-48360",
- "more_info_path": "/vulnerabilities/CVE-2020-13631/48360",
+ "cve": "CVE-2020-26267",
+ "id": "pyup.io-48380",
+ "more_info_path": "/vulnerabilities/CVE-2020-26267/48380",
+ "specs": [
+ "<2.0.2"
+ ],
+ "v": "<2.0.2"
+ },
+ {
+ "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
+ "cve": "CVE-2020-14155",
+ "id": "pyup.io-48363",
+ "more_info_path": "/vulnerabilities/CVE-2020-14155/48363",
+ "specs": [
+ "<2.0.2"
+ ],
+ "v": "<2.0.2"
+ },
+ {
+ "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
+ "cve": "CVE-2020-13630",
+ "id": "pyup.io-48359",
+ "more_info_path": "/vulnerabilities/CVE-2020-13630/48359",
+ "specs": [
+ "<2.0.2"
+ ],
+ "v": "<2.0.2"
+ },
+ {
+ "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
+ "cve": "CVE-2020-15210",
+ "id": "pyup.io-48375",
+ "more_info_path": "/vulnerabilities/CVE-2020-15210/48375",
+ "specs": [
+ "<2.0.2"
+ ],
+ "v": "<2.0.2"
+ },
+ {
+ "advisory": "Rapidtide 2.0.2 starts to require the 'Tensorflow' 2.4.0 or above to address security issues.",
+ "cve": "CVE-2019-19880",
+ "id": "pyup.io-48351",
+ "more_info_path": "/vulnerabilities/CVE-2019-19880/48351",
 "specs": [
 "<2.0.2"
 ],
@@ -131124,6 +131580,16 @@
 ],
 "v": "<3.6.7"
 },
+ {
+ "advisory": "Rasa 3.6.7 updates its dependency 'cryptography' to version '41.0.3' to include a fix for a DoS vulnerability.\r\nhttps://github.com/RasaHQ/rasa/pull/12768",
+ "cve": "CVE-2023-3817",
+ "id": "pyup.io-60807",
+ "more_info_path": "/vulnerabilities/CVE-2023-3817/60807",
+ "specs": [
+ "<3.6.7"
+ ],
+ "v": "<3.6.7"
+ },
 {
 "advisory": "Rasa 3.6.7 updates its dependency 'certifi' to version '2023.7.22' to include a fix for a vulnerability.\r\nhttps://github.com/RasaHQ/rasa/pull/12768",
 "cve": "CVE-2023-37920",
@@ -131144,16 +131610,6 @@
 ],
 "v": "<3.6.7"
 },
- {
- "advisory": "Rasa 3.6.7 updates its dependency 'cryptography' to version '41.0.3' to include a fix for a DoS vulnerability.\r\nhttps://github.com/RasaHQ/rasa/pull/12768",
- "cve": "CVE-2023-3817",
- "id": "pyup.io-60807",
- "more_info_path": "/vulnerabilities/CVE-2023-3817/60807",
- "specs": [
- "<3.6.7"
- ],
- "v": "<3.6.7"
- },
 {
 "advisory": "Rasa 3.0.x <= 3.0.9 and <=2.8.26 require versions of TensorFlow (2.6.1/2.6.2) that have known vulnerabilities.",
 "cve": "CVE-2022-23584",
@@ -131751,9 +132207,9 @@
 },
 {
 "advisory": "Rasa-sdk 3.6.2 updates its dependency 'wheel' to include a fix for a ReDoS vulnerability.\r\nhttps://github.com/RasaHQ/rasa-sdk/pull/1026",
- "cve": "PVE-2023-60638",
- "id": "pyup.io-60638",
- "more_info_path": "/vulnerabilities/PVE-2023-60638/60638",
+ "cve": "CVE-2022-40898",
+ "id": "pyup.io-60643",
+ "more_info_path": "/vulnerabilities/CVE-2022-40898/60643",
 "specs": [
 "<3.6.2"
 ],
@@ -131761,9 +132217,9 @@
 },
 {
 "advisory": "Rasa-sdk 3.6.2 updates its dependency 'wheel' to include a fix for a ReDoS vulnerability.\r\nhttps://github.com/RasaHQ/rasa-sdk/pull/1026",
- "cve": "CVE-2022-40898",
- "id": "pyup.io-60643",
- "more_info_path": "/vulnerabilities/CVE-2022-40898/60643",
+ "cve": "PVE-2023-60638",
+ "id": "pyup.io-60638",
+ "more_info_path": "/vulnerabilities/PVE-2023-60638/60638",
 "specs": [
 "<3.6.2"
 ],
@@ -131782,10 +132238,10 @@
 "v": "<1.3.0"
 },
 {
- "advisory": "Rasterio 1.3.0 updates its C dependency 'hdf5' to include security fixes.\r\nhttps://github.com/rasterio/rasterio-wheels/issues/81",
- "cve": "CVE-2020-10810",
- "id": "pyup.io-51986",
- "more_info_path": "/vulnerabilities/CVE-2020-10810/51986",
+ "advisory": "Rasterio 1.3.0 updates its C dependency 'json-c' to include a security fix.\r\nhttps://github.com/rasterio/rasterio-wheels/issues/81",
+ "cve": "CVE-2020-12762",
+ "id": "pyup.io-51989",
+ "more_info_path": "/vulnerabilities/CVE-2020-12762/51989",
 "specs": [
 "<1.3.0"
 ],
@@ -131793,9 +132249,9 @@
 },
 {
 "advisory": "Rasterio 1.3.0 updates its C dependency 'hdf5' to include security fixes.\r\nhttps://github.com/rasterio/rasterio-wheels/issues/81",
- "cve": "CVE-2020-10809",
- "id": "pyup.io-51988",
- "more_info_path": "/vulnerabilities/CVE-2020-10809/51988",
+ "cve": "CVE-2020-10812",
+ "id": "pyup.io-51987",
+ "more_info_path": "/vulnerabilities/CVE-2020-10812/51987",
 "specs": [
 "<1.3.0"
 ],
@@ -131803,19 +132259,19 @@
 },
 {
 "advisory": "Rasterio 1.3.0 updates its C dependency 'hdf5' to include security fixes.\r\nhttps://github.com/rasterio/rasterio-wheels/issues/81",
- "cve": "CVE-2020-10812",
- "id": "pyup.io-51987",
- "more_info_path": "/vulnerabilities/CVE-2020-10812/51987",
+ "cve": "CVE-2020-10809",
+ "id": "pyup.io-51988",
+ "more_info_path": "/vulnerabilities/CVE-2020-10809/51988",
 "specs": [
 "<1.3.0"
 ],
 "v": "<1.3.0"
 },
 {
- "advisory": "Rasterio 1.3.0 updates its C dependency 'json-c' to include a security fix.\r\nhttps://github.com/rasterio/rasterio-wheels/issues/81",
- "cve": "CVE-2020-12762",
- "id": "pyup.io-51989",
- "more_info_path": "/vulnerabilities/CVE-2020-12762/51989",
+ "advisory": "Rasterio 1.3.0 updates its C dependency 'hdf5' to include security fixes.\r\nhttps://github.com/rasterio/rasterio-wheels/issues/81",
+ "cve": "CVE-2020-10810",
+ "id": "pyup.io-51986",
+ "more_info_path": "/vulnerabilities/CVE-2020-10810/51986",
 "specs": [
 "<1.3.0"
 ],
@@ -131947,16 +132403,6 @@
 ],
 "v": "<2.8.1"
 },
- {
- "advisory": "Ray 2.8.1 includes a fix for CVE-2023-6020: LFI in Ray's /static/ directory allows attackers to read any file on the server without authentication.\r\nhttps://www.anyscale.com/blog/update-on-ray-cves-cve-2023-6019-cve-2023-6020-cve-2023-6021-cve-2023-48022-cve-2023-48023",
- "cve": "CVE-2023-6020",
- "id": "pyup.io-62649",
- "more_info_path": "/vulnerabilities/CVE-2023-6020/62649",
- "specs": [
- "<2.8.1"
- ],
- "v": "<2.8.1"
- },
 {
 "advisory": "Ray 2.8.1 includes a fix for CVE-2023-6021: LFI in Ray's log API endpoint allows attackers to read any file on the server without authentication.\r\nhttps://www.anyscale.com/blog/update-on-ray-cves-cve-2023-6019-cve-2023-6020-cve-2023-6021-cve-2023-48022-cve-2023-48023",
 "cve": "CVE-2023-6021",
@@ -131968,7 +132414,7 @@
 "v": "<2.8.1"
 },
 {
- "advisory": "Ray 2.8.1 includes a fix for CVE-2023-48023: Anyscale Ray 2.6.3 and 2.8.0 allows /log_proxy SSRF. \r\nNOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment",
+ "advisory": "Ray 2.8.1 includes a fix for CVE-2023-48023: Anyscale Ray 2.6.3 and 2.8.0 allows SSRF through /log_proxy. \r\nNOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its documentation, is not intended for use outside of a strictly controlled network environment",
 "cve": "CVE-2023-48023",
 "id": "pyup.io-62651",
 "more_info_path": "/vulnerabilities/CVE-2023-48023/62651",
@@ -131977,6 +132423,16 @@
 ],
 "v": "<2.8.1"
 },
+ {
+ "advisory": "Ray 2.8.1 includes a fix for CVE-2023-6020: LFI in Ray's /static/ directory allows attackers to read any file on the server without authentication.\r\nhttps://www.anyscale.com/blog/update-on-ray-cves-cve-2023-6019-cve-2023-6020-cve-2023-6021-cve-2023-48022-cve-2023-48023",
+ "cve": "CVE-2023-6020",
+ "id": "pyup.io-62649",
+ "more_info_path": "/vulnerabilities/CVE-2023-6020/62649",
+ "specs": [
+ "<2.8.1"
+ ],
+ "v": "<2.8.1"
+ },
 {
 "advisory": "Ray 2.9.0 upgrades grpc from 1.50.2 to 1.57.1 to include security patches.\r\nhttps://github.com/ray-project/ray/pull/39090",
 "cve": "PVE-2023-63050",
@@ -132001,9 +132457,9 @@
 "ray-on-aml": [
 {
 "advisory": "Ray-on-aml 0.0.4 updates its dependency 'ray' to v1.9.1 to include security fixes.",
- "cve": "CVE-2021-45046",
- "id": "pyup.io-44476",
- "more_info_path": "/vulnerabilities/CVE-2021-45046/44476",
+ "cve": "CVE-2021-44228",
+ "id": "pyup.io-43977",
+ "more_info_path": "/vulnerabilities/CVE-2021-44228/43977",
 "specs": [
 "<0.0.4"
 ],
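Review bot: The reworded CVE-2023-48023 record still opens with `Ray 2.8.1 includes a fix for CVE-2023-48023` while the NOTE in the same string says the vendor considers the report irrelevant by design, and the record's `specs` of `<2.8.1` encodes that claimed fix; both statements cannot be right. The neighbouring CVE-2023-6020/6021 records cite the Anyscale post for their 2.8.1 fixes, but this one offers nothing beyond the disputed-status NOTE, so unless the linked post confirms that 2.8.1 changed `/log_proxy` the text should describe the disputed status rather than a fix, e.g. `"advisory": "CVE-2023-48023: Anyscale Ray 2.6.3 and 2.8.0 allows SSRF through /log_proxy. NOTE: the vendor's position is that this report is irrelevant because Ray ... is not intended for use outside of a strictly controlled network environment; no code fix is asserted here."` and the `specs` re-checked. Consumers of this feed read `<2.8.1` as "upgrade and you are clear", which for a by-design, network-trust-dependent exposure is exactly the wrong message; I cannot verify the upstream fix status from this diff alone.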
@@ -132011,9 +132467,9 @@
 },
 {
 "advisory": "Ray-on-aml 0.0.4 updates its dependency 'ray' to v1.9.1 to include security fixes.",
- "cve": "CVE-2021-44228",
- "id": "pyup.io-43977",
- "more_info_path": "/vulnerabilities/CVE-2021-44228/43977",
+ "cve": "CVE-2021-45046",
+ "id": "pyup.io-44476",
+ "more_info_path": "/vulnerabilities/CVE-2021-45046/44476",
 "specs": [
 "<0.0.4"
 ],
@@ -132223,20 +132679,20 @@
 "v": ">=0,<2.4.2"
 },
 {
- "advisory": "Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2.",
- "cve": "CVE-2022-3179",
- "id": "pyup.io-54517",
- "more_info_path": "/vulnerabilities/CVE-2022-3179/54517",
+ "advisory": "Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2.",
+ "cve": "CVE-2022-3175",
+ "id": "pyup.io-54515",
+ "more_info_path": "/vulnerabilities/CVE-2022-3175/54515",
 "specs": [
 ">=0,<2.4.2"
 ],
 "v": ">=0,<2.4.2"
 },
 {
- "advisory": "Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2.",
- "cve": "CVE-2022-3175",
- "id": "pyup.io-54515",
- "more_info_path": "/vulnerabilities/CVE-2022-3175/54515",
+ "advisory": "Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.2.",
+ "cve": "CVE-2022-3179",
+ "id": "pyup.io-54517",
+ "more_info_path": "/vulnerabilities/CVE-2022-3179/54517",
 "specs": [
 ">=0,<2.4.2"
 ],
@@ -132262,6 +132718,16 @@
 ],
 "v": ">=0,<2.4.5"
 },
+ {
+ "advisory": "In rdiffweb prior to version 2.4.6, the `cookie` session_id does not have a secure attribute when the URL is invalid. Version 2.4.6 contains a fix for the issue.",
+ "cve": "CVE-2022-3250",
+ "id": "pyup.io-54491",
+ "more_info_path": "/vulnerabilities/CVE-2022-3250/54491",
+ "specs": [
+ ">=0,<2.4.6"
+ ],
+ "v": ">=0,<2.4.6"
+ },
 {
 "advisory": "rdiffweb prior to 2.4.6 is vulnerable to cross-site request forgery on the repository settings. A malicious user can change the settings of a repository by sending a URL to the victim. This issue is fixed in version 2.4.6.\n\n",
 "cve": "CVE-2022-3267",
@@ -132282,16 +132748,6 @@
 ],
 "v": ">=0,<2.4.6"
 },
- {
- "advisory": "In rdiffweb prior to version 2.4.6, the `cookie` session_id does not have a secure attribute when the URL is invalid. Version 2.4.6 contains a fix for the issue.",
- "cve": "CVE-2022-3250",
- "id": "pyup.io-54491",
- "more_info_path": "/vulnerabilities/CVE-2022-3250/54491",
- "specs": [
- ">=0,<2.4.6"
- ],
- "v": ">=0,<2.4.6"
- },
 {
 "advisory": "Session Fixation in GitHub repository ikus060/rdiffweb prior to 2.4.7.",
 "cve": "CVE-2022-3269",
@@ -132412,16 +132868,6 @@
 ],
 "v": ">=0,<2.5.0"
 },
- {
- "advisory": "Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0. ",
- "cve": "CVE-2022-3439",
- "id": "pyup.io-54521",
- "more_info_path": "/vulnerabilities/CVE-2022-3439/54521",
- "specs": [
- ">=0,<2.5.0"
- ],
- "v": ">=0,<2.5.0"
- },
 {
 "advisory": "rdiffweb prior to 2.5.0a4 allows users to set their new password to be the same as the old password during a password reset. Version 2.5.0a4 enforces a password policy in which a new password cannot be the same as the old one.",
 "cve": "CVE-2022-3376",
@@ -132443,14 +132889,14 @@
 "v": ">=0,<2.5.0"
 },
 {
- "advisory": "rdiffweb prior to 2.5.0a3 is vulnerable to Allocation of Resources Without Limits or Throttling. A lack of limit in the length of the `Token name` parameter can result in denial of service or memory corruption. Version 2.5.0a3 fixes this issue.",
- "cve": "CVE-2022-3371",
- "id": "pyup.io-54498",
- "more_info_path": "/vulnerabilities/CVE-2022-3371/54498",
+ "advisory": "Allocation of Resources Without Limits or Throttling in GitHub repository ikus060/rdiffweb prior to 2.5.0. ",
+ "cve": "CVE-2022-3439",
+ "id": "pyup.io-54521",
+ "more_info_path": "/vulnerabilities/CVE-2022-3439/54521",
 "specs": [
- ">=0,<2.5.0a3"
+ ">=0,<2.5.0"
 ],
- "v": ">=0,<2.5.0a3"
+ "v": ">=0,<2.5.0"
 },
 {
 "advisory": "rdiffweb prior to 2.5.0a3 does not validate email length, allowing users to insert an email longer than 255 characters. If a user signs up with an email with a length of 1 million or more characters and logs in, withdraws, or changes their email, the server may cause denial of service due to overload. ",
@@ -132462,6 +132908,16 @@
 ],
 "v": ">=0,<2.5.0a3"
 },
+ {
+ "advisory": "rdiffweb prior to 2.5.0a3 is vulnerable to Allocation of Resources Without Limits or Throttling. A lack of limit in the length of the `Token name` parameter can result in denial of service or memory corruption. Version 2.5.0a3 fixes this issue.",
+ "cve": "CVE-2022-3371",
+ "id": "pyup.io-54498",
+ "more_info_path": "/vulnerabilities/CVE-2022-3371/54498",
+ "specs": [
+ ">=0,<2.5.0a3"
+ ],
+ "v": ">=0,<2.5.0a3"
+ },
 {
 "advisory": "A lack of user input validation leads to an open redirect vulnerability in rdiffweb prior to 2.5.0a4.",
 "cve": "CVE-2022-3438",
@@ -135163,7 +135619,7 @@
 "v": "<2.3.0b2"
 },
 {
- "advisory": "In Roundup affected versions, classhelpers (_generic.help.html) allow XSS.",
+ "advisory": "In affected versions of Roundup, classhelpers (_generic.help.html) allows XSS.",
 "cve": "CVE-2024-39124",
 "id": "pyup.io-72259",
 "more_info_path": "/vulnerabilities/CVE-2024-39124/72259",
@@ -135284,6 +135740,16 @@
 ],
 "v": "<1.1.6"
 },
+ {
+ "advisory": "Rozetka-api 1.1.6 updates its dependency 'cryptography' to version '41.0.3' to include a fix for a DoS vulnerability.\r\nhttps://github.com/ALERTua/rozetka_api/commit/ec51dcf627aa00cf67e40b89793a6b0a39615a5a",
+ "cve": "CVE-2023-3446",
+ "id": "pyup.io-60499",
+ "more_info_path": "/vulnerabilities/CVE-2023-3446/60499",
+ "specs": [
+ "<1.1.6"
+ ],
+ "v": "<1.1.6"
+ },
 {
 "advisory": "Rozetka-api 1.1.6 updates its dependency 'certifi' to version '2023.7.22' to include a fix for an Improper Following of a Certificate's Chain of Trust vulnerability.\r\nhttps://github.com/ALERTua/rozetka_api/commit/ec51dcf627aa00cf67e40b89793a6b0a39615a5a",
 "cve": "CVE-2023-37920",
@@ -135313,16 +135779,6 @@
 "<1.1.6"
 ],
 "v": "<1.1.6"
- },
- {
- "advisory": "Rozetka-api 1.1.6 updates its dependency 'cryptography' to version '41.0.3' to include a fix for a DoS vulnerability.\r\nhttps://github.com/ALERTua/rozetka_api/commit/ec51dcf627aa00cf67e40b89793a6b0a39615a5a",
- "cve": "CVE-2023-3446",
- "id": "pyup.io-60499",
- "more_info_path": "/vulnerabilities/CVE-2023-3446/60499",
- "specs": [
- "<1.1.6"
- ],
- "v": "<1.1.6"
 }
 ],
 "rpc-py": [
@@ -136116,9 +136572,9 @@
 "sagemaker-pytorch-inference": [
 {
 "advisory": "Sagemaker-pytorch-inference 1.4.1 updates its dependency 'pillow' to v7.1.0 to include security fixes.",
- "cve": "CVE-2020-5310",
- "id": "pyup.io-45793",
- "more_info_path": "/vulnerabilities/CVE-2020-5310/45793",
+ "cve": "CVE-2019-19911",
+ "id": "pyup.io-45797",
+ "more_info_path": "/vulnerabilities/CVE-2019-19911/45797",
 "specs": [
 "<1.4.1"
 ],
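Review bot: The reworded Roundup CVE-2024-39124 advisory introduces a number-agreement error that the removed line did not have: `classhelpers (_generic.help.html) allows XSS` should read `classhelpers (_generic.help.html) allow XSS`. The new line would then be `"advisory": "In affected versions of Roundup, classhelpers (_generic.help.html) allow XSS.",`. Nothing else in the record changed, so this is a pure wording regression from the rewrite.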
@@ -136126,9 +136582,9 @@
 },
 {
 "advisory": "Sagemaker-pytorch-inference 1.4.1 updates its dependency 'pillow' to v7.1.0 to include security fixes.",
- "cve": "CVE-2019-19911",
- "id": "pyup.io-45797",
- "more_info_path": "/vulnerabilities/CVE-2019-19911/45797",
+ "cve": "CVE-2020-5310",
+ "id": "pyup.io-45793",
+ "more_info_path": "/vulnerabilities/CVE-2020-5310/45793",
 "specs": [
 "<1.4.1"
 ],
@@ -136920,6 +137376,16 @@
 ],
 "v": "<3006.7"
 },
+ {
+ "advisory": "Salt version 3006.8 upgrades its cryptography dependency to version 42.0.5 to address several security issues, including CVE-2024-0727.",
+ "cve": "CVE-2024-0727",
+ "id": "pyup.io-71143",
+ "more_info_path": "/vulnerabilities/CVE-2024-0727/71143",
+ "specs": [
+ "<3006.8"
+ ],
+ "v": "<3006.8"
+ },
 {
 "advisory": "Salt version 3006.8 updates its 'idna' dependency to version 3.7 to address the security vulnerability identified as CVE-2024-3651.",
 "cve": "CVE-2024-3651",
@@ -136950,16 +137416,6 @@
 ],
 "v": "<3006.8"
 },
- {
- "advisory": "Salt version 3006.8 upgrades its cryptography dependency to version 42.0.5 to address several security issues, including CVE-2024-0727.",
- "cve": "CVE-2024-0727",
- "id": "pyup.io-71143",
- "more_info_path": "/vulnerabilities/CVE-2024-0727/71143",
- "specs": [
- "<3006.8"
- ],
- "v": "<3006.8"
- },
 {
 "advisory": "Salt version 3006.8 updates its aiohttp dependency to version 3.9.4 to address the security vulnerability identified as CVE-2024-27306.",
 "cve": "CVE-2024-27306",
@@ -137799,16 +138255,6 @@
 ],
 "v": "<21.2.9"
 },
- {
- "advisory": "Scancode-toolkit 21.3.30 updates its dependency 'urllib3' to v1.26.4 to include a security fix.",
- "cve": "CVE-2021-28363",
- "id": "pyup.io-48441",
- "more_info_path": "/vulnerabilities/CVE-2021-28363/48441",
- "specs": [
- "<21.3.30"
- ],
- "v": "<21.3.30"
- },
 {
 "advisory": "Scancode-toolkit 21.3.30 updates its dependency 'pyyaml' to v5.4.1 to include security fixes.",
 "cve": "CVE-2017-18342",
@@ -137839,6 +138285,16 @@
 ],
 "v": "<21.3.30"
 },
+ {
+ "advisory": "Scancode-toolkit 21.3.30 updates its dependency 'urllib3' to v1.26.4 to include a security fix.",
+ "cve": "CVE-2021-28363",
+ "id": "pyup.io-48441",
+ "more_info_path": "/vulnerabilities/CVE-2021-28363/48441",
+ "specs": [
+ "<21.3.30"
+ ],
+ "v": "<21.3.30"
+ },
 {
 "advisory": "Scancode-toolkit 21.6.7 updates its dependency 'nltk' to v3.6.2 to include a security fix.",
 "cve": "CVE-2019-14751",
@@ -137881,9 +138337,9 @@
 },
 {
 "advisory": "Scancode-toolkit 21.6.7 updates its dependency 'jinja2' to v3.0.1 to include security fixes.",
- "cve": "CVE-2020-28493",
- "id": "pyup.io-48446",
- "more_info_path": "/vulnerabilities/CVE-2020-28493/48446",
+ "cve": "CVE-2019-10906",
+ "id": "pyup.io-48445",
+ "more_info_path": "/vulnerabilities/CVE-2019-10906/48445",
 "specs": [
 "<21.6.7"
 ],
@@ -137901,9 +138357,9 @@
 },
 {
 "advisory": "Scancode-toolkit 21.6.7 updates its dependency 'jinja2' to v3.0.1 to include security fixes.",
- "cve": "CVE-2019-10906",
- "id": "pyup.io-48445",
- "more_info_path": "/vulnerabilities/CVE-2019-10906/48445",
+ "cve": "CVE-2020-28493",
+ "id": "pyup.io-48446",
+ "more_info_path": "/vulnerabilities/CVE-2020-28493/48446",
 "specs": [
 "<21.6.7"
 ],
@@ -137962,7 +138418,7 @@
 "v": "<34.4.0"
 },
 {
- "advisory": "ScanCodeIO upgrades Django to 5.1.1 and related dependencies for CVE-2024-45230.",
+ "advisory": "ScanCodeIO 34.8.1 upgrades Django to 5.1.1 and related dependencies for CVE-2024-45230.",
 "cve": "CVE-2024-45230",
 "id": "pyup.io-73075",
 "more_info_path": "/vulnerabilities/CVE-2024-45230/73075",
@@ -137972,7 +138428,7 @@
 "v": "<34.8.1"
 },
 {
- "advisory": "ScanCodeIO upgrades Django to 5.1.1 and related dependencies for CVE-2024-45231.",
+ "advisory": "ScanCodeIO 34.8.1 upgrades Django to 5.1.1 and related dependencies for CVE-2024-45231.",
 "cve": "CVE-2024-45231",
 "id": "pyup.io-73081",
 "more_info_path": "/vulnerabilities/CVE-2024-45231/73081",
@@ -138042,20 +138498,20 @@
 "v": "<2.3.0"
 },
 {
- "advisory": "Sceptre 3.3.0 updates its dependency 'setuptools' to v65.5.1 to include a security fix.",
- "cve": "CVE-2022-40897",
- "id": "pyup.io-53273",
- "more_info_path": "/vulnerabilities/CVE-2022-40897/53273",
+ "advisory": "Sceptre 3.3.0 updates its dependency 'wheel' to v0.38.1 to include a security fix.",
+ "cve": "CVE-2022-40898",
+ "id": "pyup.io-53270",
+ "more_info_path": "/vulnerabilities/CVE-2022-40898/53270",
 "specs": [
 "<3.3.0"
 ],
 "v": "<3.3.0"
 },
 {
- "advisory": "Sceptre 3.3.0 updates its dependency 'wheel' to v0.38.1 to include a security fix.",
- "cve": "CVE-2022-40898",
- "id": "pyup.io-53270",
- "more_info_path": "/vulnerabilities/CVE-2022-40898/53270",
+ "advisory": "Sceptre 3.3.0 updates its dependency 'setuptools' to v65.5.1 to include a security fix.",
+ "cve": "CVE-2022-40897",
+ "id": "pyup.io-53273",
+ "more_info_path": "/vulnerabilities/CVE-2022-40897/53273",
 "specs": [
 "<3.3.0"
 ],
@@ -138142,7 +138598,7 @@
 "v": "<1.1.0rc1"
 },
 {
- "advisory": "A sensitive data leakage vulnerability was identified in scikit-learn's TfidfVectorizer affected versions. The vulnerability arises from the unexpected storage of all tokens present in the training data within the `stop_words_` attribute, rather than only storing the subset of tokens required for the TF-IDF technique to function. This behavior leads to the potential leakage of sensitive information, as the `stop_words_` attribute could contain tokens that were meant to be discarded and not stored, such as passwords or keys. The impact of this vulnerability varies based on the nature of the data being processed by the vectorizer.",
+ "advisory": "A sensitive data leakage vulnerability was identified in affected versions of scikit-learn TfidfVectorizer. The vulnerability arises from the unexpected storage of all tokens present in the training data within the `stop_words_` attribute, rather than only storing the subset of tokens required for the TF-IDF technique to function. This behavior leads to the potential leakage of sensitive information, as the `stop_words_` attribute could contain tokens that were meant to be discarded and not stored, such as passwords or keys. The impact of this vulnerability varies based on the nature of the data being processed by the vectorizer.",
 "cve": "CVE-2024-5206",
 "id": "pyup.io-71596",
 "more_info_path": "/vulnerabilities/CVE-2024-5206/71596",
@@ -138258,20 +138714,20 @@
 ],
 "scout-browser": [
 {
- "advisory": "Scout is a Variant Call Format (VCF) visualization interface. The Pypi package `scout-browser` is vulnerable to path traversal due to `send_file` call in versions prior to 4.52.",
- "cve": "CVE-2022-1554",
- "id": "pyup.io-54438",
- "more_info_path": "/vulnerabilities/CVE-2022-1554/54438",
+ "advisory": "Pypi package scout-browser (GitHub repository clinical-genomics/scout) prior to v4.52 is vulnerable to server-side request forgery. An attacker could make the application perform arbitrary requests to steal cookies, request access to private areas, or lead to cross-site scripting.",
+ "cve": "CVE-2022-1592",
+ "id": "pyup.io-53953",
+ "more_info_path": "/vulnerabilities/CVE-2022-1592/53953",
 "specs": [
 ">=0,<4.52"
 ],
 "v": ">=0,<4.52"
 },
 {
- "advisory": "Pypi package scout-browser (GitHub repository clinical-genomics/scout) prior to v4.52 is vulnerable to server-side request forgery. An attacker could make the application perform arbitrary requests to steal cookies, request access to private areas, or lead to cross-site scripting.",
- "cve": "CVE-2022-1592",
- "id": "pyup.io-53953",
- "more_info_path": "/vulnerabilities/CVE-2022-1592/53953",
+ "advisory": "Scout is a Variant Call Format (VCF) visualization interface. The Pypi package `scout-browser` is vulnerable to path traversal due to `send_file` call in versions prior to 4.52.",
+ "cve": "CVE-2022-1554",
+ "id": "pyup.io-54438",
+ "more_info_path": "/vulnerabilities/CVE-2022-1554/54438",
 "specs": [
 ">=0,<4.52"
 ],
@@ -138529,6 +138985,18 @@
 "v": ">=0,<0.8.0"
 }
 ],
+ "scrapy-zyte-api": [
+ {
+ "advisory": "Affected versions of scrapy-zyte-api are vulnerable to a Race Condition leading to Uncontrolled Resource Consumption (CWE-400). This vulnerability allows the crawler to exceed the configured maximum number of Zyte API requests due to inconsistent tracking under concurrent conditions. An attacker could exploit this by rapidly sending multiple requests, potentially leading to higher resource usage or unexpected costs. The vulnerability exists in the _max_requests_reached method of scrapy_zyte_api/_middlewares.py. Users should update to the version which fixes the issue by implementing an atomic request counter.",
+ "cve": "PVE-2024-73843",
+ "id": "pyup.io-73843",
+ "more_info_path": "/vulnerabilities/PVE-2024-73843/73843",
+ "specs": [
+ "<0.25.0"
+ ],
+ "v": "<0.25.0"
+ }
+ ],
 "scrapydd": [
 {
 "advisory": "Scrapydd 0.6.3 enhances the security by adding protection against cross-site request forgery.",
@@ -140052,20 +140520,20 @@
 "v": "<0.7.18b5"
 },
 {
- "advisory": "Secretflow 0.7.18b5 updates its dependency 'protobuf' to v3.19.6 to include a security fix.",
- "cve": "CVE-2022-1941",
- "id": "pyup.io-53872",
- "more_info_path": "/vulnerabilities/CVE-2022-1941/53872",
+ "advisory": "Secretflow 0.7.18b5 requires 'onnx' v1.13.1 to include a security fix.",
+ "cve": "CVE-2022-25882",
+ "id": "pyup.io-53784",
+ "more_info_path": "/vulnerabilities/CVE-2022-25882/53784",
 "specs": [
 "<0.7.18b5"
 ],
 "v": "<0.7.18b5"
 },
 {
- "advisory": "Secretflow 0.7.18b5 requires 'onnx' v1.13.1 to include a security fix.",
- "cve": "CVE-2022-25882",
- "id": "pyup.io-53784",
- "more_info_path": "/vulnerabilities/CVE-2022-25882/53784",
+ "advisory": "Secretflow 0.7.18b5 updates its dependency 'protobuf' to v3.19.6 to include a security fix.",
+ "cve": "CVE-2022-1941",
+ "id": "pyup.io-53872",
+ "more_info_path": "/vulnerabilities/CVE-2022-1941/53872",
 "specs": [
 "<0.7.18b5"
 ],
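Review bot: The new scrapy-zyte-api record tells readers to `update to the version which fixes the issue` without naming it, while the record's `specs` pins `<0.25.0`; every comparable record in this file states the fixed release in the text (`Sceptre 3.3.0 updates ...`, `Secretflow 0.7.18b5 requires ...`), so the last sentence should read `Update to scrapy-zyte-api 0.25.0, which replaces the check in _max_requests_reached with an atomic request counter.` so the prose and the spec agree. The exploitation sentence also sits oddly with the rest of the description: the counter being raced tracks the crawler's own concurrent Zyte API requests, so `An attacker could exploit this by rapidly sending multiple requests` implies a remote trigger that the surrounding text does not establish; I would hedge it (`Under high crawler concurrency the configured cap can be exceeded, leading to ...`) unless the upstream advisory actually describes an attacker-driven path, which I cannot confirm from this diff.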
@@ -143525,16 +143993,6 @@
 ],
 "v": "<1.2.0a0"
 },
- {
- "advisory": "Sleap 1.2.0a0 updates its dependency 'TensorFlow' to v2.7.0 to include security fixes.",
- "cve": "CVE-2021-29544",
- "id": "pyup.io-46128",
- "more_info_path": "/vulnerabilities/CVE-2021-29544/46128",
- "specs": [
- "<1.2.0a0"
- ],
- "v": "<1.2.0a0"
- },
 {
 "advisory": "Sleap 1.2.0a0 updates its dependency 'TensorFlow' to v2.7.0 to include security fixes.",
 "cve": "CVE-2020-8284",
@@ -144555,6 +145013,16 @@
 ],
 "v": "<1.2.0a0"
 },
+ {
+ "advisory": "Sleap 1.2.0a0 updates its dependency 'TensorFlow' to v2.7.0 to include security fixes.",
+ "cve": "CVE-2021-29544",
+ "id": "pyup.io-46128",
+ "more_info_path": "/vulnerabilities/CVE-2021-29544/46128",
+ "specs": [
+ "<1.2.0a0"
+ ],
+ "v": "<1.2.0a0"
+ },
 {
 "advisory": "Sleap 1.2.0a6 requires Tensorflow v2.6.3 to include security fixes.",
 "cve": "CVE-2022-23571",
@@ -145634,6 +146102,18 @@
 "v": "<0.4.0"
 }
 ],
+ "snowflake-cli": [
+ {
+ "advisory": "Affected versions of the Snowflake CLI package are vulnerable to an Information Exposure vulnerability (CWE-200). This vulnerability results in plaintext passwords being displayed when users execute the snow connection list command, potentially exposing sensitive credentials to unauthorized individuals. The issue resides in the list_connections function, which fails to mask or omit the password field in the connection parameters. Attackers or unauthorized users with access to the command output could exploit this to gain unauthorized access to Snowflake accounts. To mitigate this issue, users should update to the latest version where passwords are properly masked, and ensure that command outputs containing sensitive information are not shared or logged.",
+ "cve": "PVE-2024-73612",
+ "id": "pyup.io-73612",
+ "more_info_path": "/vulnerabilities/PVE-2024-73612/73612",
+ "specs": [
+ "<2.1.1"
+ ],
+ "v": "<2.1.1"
+ }
+ ],
 "snowflake-connector-python": [
 {
 "advisory": "Snowflake-connector-python 2.8.2 includes a fix for CVE-2022-42965: An exponential ReDoS (Regular Expression Denial of Service) can be triggered in the snowflake-connector-python PyPI package, when an attacker is able to supply arbitrary input to the undocumented get_file_transfer_type method.",
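Review bot: The new snowflake-cli record says `users should update to the latest version` while its `specs` pins `<2.1.1`; "latest" drifts as releases ship, so name the release the spec encodes, `Upgrade to snowflake-cli 2.1.1, where list_connections masks the password field.`, as the other records in this file do. Upgrading alone does not remediate this class of bug: the password was printed to stdout by `snow connection list`, so any run whose output landed in CI logs, shell history, screen-sharing or a ticket has already disclosed it, and the advisory should carry the same rotation guidance the CVE-2024-49750 snowflake-connector-python record gives (`Organizations should also rotate any credentials that may have been ...` printed). The existing closing clause about not sharing or logging output is good but is forward-looking only.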
@@ -145654,6 +146134,16 @@ "<3.0.2" ], "v": "<3.0.2" + }, + { + "advisory": "Affected versions of Snowflake Connector for Python are vulnerable to Sensitive Information Exposure (CWE-532). The connector was logging sensitive authentication data including tokens, private keys, and credentials in debug logs. An attacker with access to log files could extract authentication tokens, private keys, and other sensitive data. The vulnerability exists in the Auth class logging functionality and insufficient secret detection patterns. This is exploitable wherever debug logging is enabled. The issue affects _auth.py and secret_detector.py modules, which failed to properly mask all sensitive data formats. To remediate, upgrade to the latest version, which implements stricter logging controls and improved secret detection patterns. Organizations should also rotate any credentials that may have been logged in debug output.", + "cve": "CVE-2024-49750", + "id": "pyup.io-73970", + "more_info_path": "/vulnerabilities/CVE-2024-49750/73970", + "specs": [ + "<3.12.3" + ], + "v": "<3.12.3" } ], "snudown": [ @@ -145679,16 +146169,6 @@ ], "v": "<0.4.2" }, - { - "advisory": "Snyk-tags version 2.2.4 updates its dependency on the cryptography library to version 42.0.4. This change is made to address the security issue identified as CVE-2023-6237.", - "cve": "CVE-2023-6237", - "id": "pyup.io-67577", - "more_info_path": "/vulnerabilities/CVE-2023-6237/67577", - "specs": [ - "<2.2.4" - ], - "v": "<2.2.4" - }, { "advisory": "Snyk-tags version 2.2.4 updates its dependency on the cryptography library to version 42.0.4. This change is made to address the security issue identified as CVE-2023-5363.", "cve": "CVE-2023-5363", 
@@ -145729,6 +146209,16 @@ ], "v": "<2.2.4" }, + { + "advisory": "Snyk-tags version 2.2.4 updates its dependency on the cryptography library to version 42.0.4. This change is made to address the security issue identified as CVE-2023-6237.", + "cve": "CVE-2023-6237", + "id": "pyup.io-67577", + "more_info_path": "/vulnerabilities/CVE-2023-6237/67577", + "specs": [ + "<2.2.4" + ], + "v": "<2.2.4" + }, { "advisory": "Snyk-tags version 2.2.4 updates its dependency on the cryptography library to version 42.0.4. This change is made to address the security issue identified as CVE-2024-0727.", "cve": "CVE-2024-0727", 
@@ -146723,20 +147213,20 @@ "v": "<3.0.4" }, { - "advisory": "Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in docstring.\r\nhttps://github.com/sphinx-doc/sphinx/issues/8172\r\nhttps://github.com/sphinx-doc/sphinx/commit/f00e75278c5999f40b214d8934357fbf0e705417", - "cve": "PVE-2023-59910", - "id": "pyup.io-59910", - "more_info_path": "/vulnerabilities/PVE-2023-59910/59910", + "advisory": "Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in inventory.\r\nhttps://github.com/sphinx-doc/sphinx/issues/8175\r\nhttps://github.com/sphinx-doc/sphinx/commit/f7b872e673f9b359a61fd287a7338a28077840d2", + "cve": "PVE-2023-59925", + "id": "pyup.io-59925", + "more_info_path": "/vulnerabilities/PVE-2023-59925/59925", "specs": [ "<3.3.0" ], "v": "<3.3.0" }, { - "advisory": "Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in inventory.\r\nhttps://github.com/sphinx-doc/sphinx/issues/8175\r\nhttps://github.com/sphinx-doc/sphinx/commit/f7b872e673f9b359a61fd287a7338a28077840d2", - "cve": "PVE-2023-59925", - "id": "pyup.io-59925", - "more_info_path": "/vulnerabilities/PVE-2023-59925/59925", + "advisory": "Sphinx 3.3.0 includes a fix for a ReDoS vulnerability in docstring.\r\nhttps://github.com/sphinx-doc/sphinx/issues/8172\r\nhttps://github.com/sphinx-doc/sphinx/commit/f00e75278c5999f40b214d8934357fbf0e705417", + "cve": "PVE-2023-59910", + "id": "pyup.io-59910", + "more_info_path": "/vulnerabilities/PVE-2023-59910/59910", "specs": [ "<3.3.0" ], 
@@ -147571,6 +148061,16 @@ ], "v": "<0.25.0" }, + { + "advisory": "Affected versions of the Starlette framework are vulnerable to Denial of Service (DoS) attacks due to the lack of restrictions on multipart part sizes. The vulnerability resides in the MultiPartParser class, which previously did not enforce size limits on incoming data. This issue is mitigated by introducing a max_part_size constraint and raises exceptions when limits are exceeded.", + "cve": "CVE-2024-47874", + "id": "pyup.io-73725", + "more_info_path": "/vulnerabilities/CVE-2024-47874/73725", + "specs": [ + "<0.40.0" + ], + "v": "<0.40.0" + }, { "advisory": "When using form data, `python-multipart` employs a Regular Expression to parse the HTTP `Content-Type` header. This creates a vulnerability where an attacker can send a specially crafted `Content-Type` option, causing significant CPU resource consumption and indefinitely stalling the server by locking the main event loop, rendering the server unable to process further requests. This issue particularly affects FastAPI servers parsing form data, leading to a Denial of Service (DoS) condition when the number of malicious requests exceeds the number of available server workers. However, this vulnerability does not impact the processing of JSON data through the `/submit_json` endpoint. It is specific to a defined set of versions of FastAPI and `python-multipart` when handling form data.", "cve": "PVE-2024-68094", 
@@ -147896,20 +148396,20 @@ "v": "<0.193.0" }, { - "advisory": "Affected versions of Strawberry GraphQL are vulnerable to CWE-434: Unrestricted Upload of File with Dangerous Type and CWE-352: Cross-Site Request Forgery (CSRF). These issues allow attackers to upload malicious files or execute unauthorized actions through CSRF attacks. Multipart uploads were enabled by default, and CSRF protection was disabled for Django views. Exploitation involves submitting harmful files or crafting requests to bypass CSRF protections. Users should upgrade to the where multipart uploads are disabled by default, and CSRF protection is enforced, mitigating both vulnerabilities.", - "cve": "PVE-2024-73381", - "id": "pyup.io-73381", - "more_info_path": "/vulnerabilities/PVE-2024-73381/73381", + "advisory": "Affected versions of strawberry-graphql are vulnerable to Cross-Site Request Forgery (CSRF) and insufficient security in multipart file uploads. CSRF attacks allow unauthorized actions to be performed on behalf of authenticated users due to the implicit CSRF exemption in Strawberry\u2019s Django integration. Additionally, multipart uploads were enabled by default without proper security controls, making them susceptible to malicious file uploads. These issues are resolved by requiring explicit opt-in for multipart uploads and enforcing CSRF protection.", + "cve": "CVE-2024-47082", + "id": "pyup.io-73495", + "more_info_path": "/vulnerabilities/CVE-2024-47082/73495", "specs": [ "<0.243.0" ], "v": "<0.243.0" }, { - "advisory": "Affected versions of strawberry-graphql are vulnerable to Cross-Site Request Forgery (CSRF) and insufficient security in multipart file uploads. CSRF attacks allow unauthorized actions to be performed on behalf of authenticated users due to the implicit CSRF exemption in Strawberry\u2019s Django integration. Additionally, multipart uploads were enabled by default without proper security controls, making them susceptible to malicious file uploads. 
These issues are resolved by requiring explicit opt-in for multipart uploads and enforcing CSRF protection.", - "cve": "CVE-2024-47082", - "id": "pyup.io-73495", - "more_info_path": "/vulnerabilities/CVE-2024-47082/73495", + "advisory": "Affected versions of Strawberry GraphQL are vulnerable to CWE-434: Unrestricted Upload of File with Dangerous Type and CWE-352: Cross-Site Request Forgery (CSRF). These issues allow attackers to upload malicious files or execute unauthorized actions through CSRF attacks. Multipart uploads were enabled by default, and CSRF protection was disabled for Django views. Exploitation involves submitting harmful files or crafting requests to bypass CSRF protections. Users should upgrade to the where multipart uploads are disabled by default, and CSRF protection is enforced, mitigating both vulnerabilities.", + "cve": "PVE-2024-73381", + "id": "pyup.io-73381", + "more_info_path": "/vulnerabilities/PVE-2024-73381/73381", "specs": [ "<0.243.0" ], 
@@ -147952,20 +148452,20 @@ ], "streamlink": [ { - "advisory": "Streamlink 5.3.0 fixes a race condition that was present in the DASH stream implementation, where queued segments were being downloaded even after the stream had been closed. This was addressed by ensuring that the downloading of segments is properly stopped when a stream is closed, preventing unnecessary network traffic and potential errors.\r\nhttps://github.com/streamlink/streamlink/commit/498efd523c10672d3c2224b71bb513e0907bbe6e", - "cve": "PVE-2024-64310", - "id": "pyup.io-64310", - "more_info_path": "/vulnerabilities/PVE-2024-64310/64310", + "advisory": "Streamlink 5.3.0 fixes a race condition that affected the proper closure and data flushing of substreams when being muxed using FFMPEG. The issue arose from the incorrect handling of substream buffers, which could result in missing data if the buffers weren't fully drained before the stream was closed. \r\nhttps://github.com/streamlink/streamlink/commit/546386208cf620e7dd90e400f953e0442ca3976d", + "cve": "PVE-2024-64212", + "id": "pyup.io-64212", + "more_info_path": "/vulnerabilities/PVE-2024-64212/64212", "specs": [ "<5.3.0" ], "v": "<5.3.0" }, { - "advisory": "Streamlink 5.3.0 fixes a race condition that affected the proper closure and data flushing of substreams when being muxed using FFMPEG. The issue arose from the incorrect handling of substream buffers, which could result in missing data if the buffers weren't fully drained before the stream was closed. \r\nhttps://github.com/streamlink/streamlink/commit/546386208cf620e7dd90e400f953e0442ca3976d", - "cve": "PVE-2024-64212", - "id": "pyup.io-64212", - "more_info_path": "/vulnerabilities/PVE-2024-64212/64212", + "advisory": "Streamlink 5.3.0 fixes a race condition that was present in the DASH stream implementation, where queued segments were being downloaded even after the stream had been closed. 
This was addressed by ensuring that the downloading of segments is properly stopped when a stream is closed, preventing unnecessary network traffic and potential errors.\r\nhttps://github.com/streamlink/streamlink/commit/498efd523c10672d3c2224b71bb513e0907bbe6e", + "cve": "PVE-2024-64310", + "id": "pyup.io-64310", + "more_info_path": "/vulnerabilities/PVE-2024-64310/64310", "specs": [ "<5.3.0" ], @@ -148927,9 +149427,9 @@ }, { "advisory": "Sw360 1.3.1 updates its dependency 'urllib3' to v1.26.18 to include security fixes.", - "cve": "CVE-2023-45803", - "id": "pyup.io-62270", - "more_info_path": "/vulnerabilities/CVE-2023-45803/62270", + "cve": "CVE-2023-43804", + "id": "pyup.io-62267", + "more_info_path": "/vulnerabilities/CVE-2023-43804/62267", "specs": [ "<1.3.1" ], @@ -148937,9 +149437,9 @@ }, { "advisory": "Sw360 1.3.1 updates its dependency 'urllib3' to v1.26.18 to include security fixes.", - "cve": "CVE-2023-43804", - "id": "pyup.io-62267", - "more_info_path": "/vulnerabilities/CVE-2023-43804/62267", + "cve": "CVE-2023-45803", + "id": "pyup.io-62270", + "more_info_path": "/vulnerabilities/CVE-2023-45803/62270", "specs": [ "<1.3.1" ], 
@@ -149214,40 +149714,40 @@ "v": "<0.8.2b40" }, { - "advisory": "Syft 0.8.4b4 updates its dependency 'pygments' to 2.15.0 to include a security fix on the CVE-2021-27291.\r\nhttps://github.com/OpenMined/PySyft/pull/8356", - "cve": "CVE-2021-27291", - "id": "pyup.io-63097", - "more_info_path": "/vulnerabilities/CVE-2021-27291/63097", + "advisory": "Syft 0.8.4b4 updates its dependency 'certifi' to 2023.7.22 to include a security fix on the CVE-2023-37920.\r\nhttps://github.com/OpenMined/PySyft/pull/8356", + "cve": "CVE-2023-37920", + "id": "pyup.io-63096", + "more_info_path": "/vulnerabilities/CVE-2023-37920/63096", "specs": [ "<0.8.4b4" ], "v": "<0.8.4b4" }, { - "advisory": "Syft 0.8.4b4 updates its dependency 'sphinx' to 3.3.0 to include a security fix on the CVE-2020-11023.\r\nhttps://github.com/OpenMined/PySyft/pull/8356", - "cve": "CVE-2020-11023", - "id": "pyup.io-63101", - "more_info_path": "/vulnerabilities/CVE-2020-11023/63101", + "advisory": "Syft 0.8.4b4 updates its dependency 'pygments' to 2.15.0 to include a security fix on the CVE-2021-20270.\r\nhttps://github.com/OpenMined/PySyft/pull/8356", + "cve": "CVE-2021-20270", + "id": "pyup.io-63098", + "more_info_path": "/vulnerabilities/CVE-2021-20270/63098", "specs": [ "<0.8.4b4" ], "v": "<0.8.4b4" }, { - "advisory": "Syft 0.8.4b4 updates its dependency 'pygments' to 2.15.0 to include a security fix on the CVE-2021-20270.\r\nhttps://github.com/OpenMined/PySyft/pull/8356", - "cve": "CVE-2021-20270", - "id": "pyup.io-63098", - "more_info_path": "/vulnerabilities/CVE-2021-20270/63098", + "advisory": "Syft 0.8.4b4 updates its dependency 'sphinx' to 3.3.0 to include a security fix on the CVE-2020-11023.\r\nhttps://github.com/OpenMined/PySyft/pull/8356", + "cve": "CVE-2020-11023", + "id": "pyup.io-63101", + "more_info_path": "/vulnerabilities/CVE-2020-11023/63101", "specs": [ "<0.8.4b4" ], "v": "<0.8.4b4" }, { - "advisory": "Syft 0.8.4b4 updates its dependency 'certifi' to 2023.7.22 to include a security fix on 
the CVE-2023-37920.\r\nhttps://github.com/OpenMined/PySyft/pull/8356", - "cve": "CVE-2023-37920", - "id": "pyup.io-63096", - "more_info_path": "/vulnerabilities/CVE-2023-37920/63096", + "advisory": "Syft 0.8.4b4 updates its dependency 'requests' to 2.31.0 to include a security fix on the CVE-2023-32681.\r\nhttps://github.com/OpenMined/PySyft/pull/8356", + "cve": "CVE-2023-32681", + "id": "pyup.io-63100", + "more_info_path": "/vulnerabilities/CVE-2023-32681/63100", "specs": [ "<0.8.4b4" ], @@ -149264,20 +149764,20 @@ "v": "<0.8.4b4" }, { - "advisory": "Syft 0.8.4b4 updates its dependency 'certifi' to 2023.7.22 to include a security fix on the CVE-2022-23491.\r\nhttps://github.com/OpenMined/PySyft/pull/8356", - "cve": "CVE-2022-23491", - "id": "pyup.io-63086", - "more_info_path": "/vulnerabilities/CVE-2022-23491/63086", + "advisory": "Syft 0.8.4b4 updates its dependency 'pygments' to 2.15.0 to include a security fix on the CVE-2021-27291.\r\nhttps://github.com/OpenMined/PySyft/pull/8356", + "cve": "CVE-2021-27291", + "id": "pyup.io-63097", + "more_info_path": "/vulnerabilities/CVE-2021-27291/63097", "specs": [ "<0.8.4b4" ], "v": "<0.8.4b4" }, { - "advisory": "Syft 0.8.4b4 updates its dependency 'requests' to 2.31.0 to include a security fix on the CVE-2023-32681.\r\nhttps://github.com/OpenMined/PySyft/pull/8356", - "cve": "CVE-2023-32681", - "id": "pyup.io-63100", - "more_info_path": "/vulnerabilities/CVE-2023-32681/63100", + "advisory": "Syft 0.8.4b4 updates its dependency 'certifi' to 2023.7.22 to include a security fix on the CVE-2022-23491.\r\nhttps://github.com/OpenMined/PySyft/pull/8356", + "cve": "CVE-2022-23491", + "id": "pyup.io-63086", + "more_info_path": "/vulnerabilities/CVE-2022-23491/63086", "specs": [ "<0.8.4b4" ], 
@@ -149568,9 +150068,9 @@ }, { "advisory": "Synapseml 0.9.0 updates its dependency 'openjdk' to include several security fixes.\r\nhttps://github.com/microsoft/SynapseML/commit/de4b47b8b6643575eb8dec470dec0dadfd1d836b", - "cve": "CVE-2019-3843", - "id": "pyup.io-54957", - "more_info_path": "/vulnerabilities/CVE-2019-3843/54957", + "cve": "CVE-2020-1967", + "id": "pyup.io-54958", + "more_info_path": "/vulnerabilities/CVE-2020-1967/54958", "specs": [ "<0.9.0" ], @@ -149588,9 +150088,9 @@ }, { "advisory": "Synapseml 0.9.0 updates its dependency 'openjdk' to include several security fixes.\r\nhttps://github.com/microsoft/SynapseML/commit/de4b47b8b6643575eb8dec470dec0dadfd1d836b", - "cve": "CVE-2020-1967", - "id": "pyup.io-54958", - "more_info_path": "/vulnerabilities/CVE-2020-1967/54958", + "cve": "CVE-2019-8457", + "id": "pyup.io-54960", + "more_info_path": "/vulnerabilities/CVE-2019-8457/54960", "specs": [ "<0.9.0" ], @@ -149598,9 +150098,9 @@ }, { "advisory": "Synapseml 0.9.0 updates its dependency 'openjdk' to include several security fixes.\r\nhttps://github.com/microsoft/SynapseML/commit/de4b47b8b6643575eb8dec470dec0dadfd1d836b", - "cve": "CVE-2019-3844", - "id": "pyup.io-54956", - "more_info_path": "/vulnerabilities/CVE-2019-3844/54956", + "cve": "CVE-2019-3843", + "id": "pyup.io-54957", + "more_info_path": "/vulnerabilities/CVE-2019-3843/54957", "specs": [ "<0.9.0" ], @@ -149608,9 +150108,9 @@ }, { "advisory": "Synapseml 0.9.0 updates its dependency 'openjdk' to include several security fixes.\r\nhttps://github.com/microsoft/SynapseML/commit/de4b47b8b6643575eb8dec470dec0dadfd1d836b", - "cve": "CVE-2019-8457", - "id": "pyup.io-54960", - "more_info_path": "/vulnerabilities/CVE-2019-8457/54960", + "cve": "CVE-2019-3844", + "id": "pyup.io-54956", + "more_info_path": "/vulnerabilities/CVE-2019-3844/54956", "specs": [ "<0.9.0" ], 
@@ -149629,20 +150129,20 @@ "v": "<0.5.0" }, { - "advisory": "Syngen version 0.7.16 upgrades its mlflow dependency to version 2.10.* from 2.9.2 in response to the security vulnerability CVE-2023-50447.", - "cve": "CVE-2023-50447", - "id": "pyup.io-67145", - "more_info_path": "/vulnerabilities/CVE-2023-50447/67145", + "advisory": "Syngen version 0.7.16 upgrades its mlflow dependency to version 2.10.* from 2.9.2 in response to the security vulnerability CVE-2023-6977.", + "cve": "CVE-2023-6977", + "id": "pyup.io-67017", + "more_info_path": "/vulnerabilities/CVE-2023-6977/67017", "specs": [ "<0.7.16" ], "v": "<0.7.16" }, { - "advisory": "Syngen version 0.7.16 upgrades its mlflow dependency to version 2.10.* from 2.9.2 in response to the security vulnerability CVE-2023-6977.", - "cve": "CVE-2023-6977", - "id": "pyup.io-67017", - "more_info_path": "/vulnerabilities/CVE-2023-6977/67017", + "advisory": "Syngen version 0.7.16 upgrades its mlflow dependency to version 2.10.* from 2.9.2 in response to the security vulnerability CVE-2023-50447.", + "cve": "CVE-2023-50447", + "id": "pyup.io-67145", + "more_info_path": "/vulnerabilities/CVE-2023-50447/67145", "specs": [ "<0.7.16" ], 
@@ -149787,6 +150287,18 @@ "v": ">=0.10.0,<0.11.5" } ], + "taegis-magic": [ + { + "advisory": "Affected versions of taegis_magic are vulnerable to Exposure of Sensitive Information (CWE-200). The use of inspect.currentframe().f_locals in the search function may expose sensitive internal variables such as tenant IDs, regions, or other private data, depending on the local context in which the function is called. This vulnerability could be exploited by unauthorized actors through improper access control, particularly in multi-tenant environments. Mitigation involves replacing f_locals with an explicit dictionary to ensure that only necessary arguments are passed.", + "cve": "PVE-2024-73625", + "id": "pyup.io-73625", + "more_info_path": "/vulnerabilities/PVE-2024-73625/73625", + "specs": [ + "<2024.10.08" + ], + "v": "<2024.10.08" + } + ], "tagmark": [ { "advisory": "Tagmark 0.2.0 updates its dependency 'requests' to v2.31.0 to include a security fix.", 
@@ -150001,20 +150513,20 @@ "v": "<1.3.2" }, { - "advisory": "Tap-rest-api-msdk 1.3.2 updates its dependency 'cryptography' to version '41.0.3' to include a fix for a Denial of Service vulnerability.", - "cve": "CVE-2023-3446", - "id": "pyup.io-60221", - "more_info_path": "/vulnerabilities/CVE-2023-3446/60221", + "advisory": "Tap-rest-api-msdk 1.3.2 updates its dependency 'cryptography' to version '41.0.3' to include a fix for an Insufficient Verification of Data Authenticity vulnerability.", + "cve": "CVE-2023-2975", + "id": "pyup.io-60222", + "more_info_path": "/vulnerabilities/CVE-2023-2975/60222", "specs": [ "<1.3.2" ], "v": "<1.3.2" }, { - "advisory": "Tap-rest-api-msdk 1.3.2 updates its dependency 'cryptography' to version '41.0.3' to include a fix for an Insufficient Verification of Data Authenticity vulnerability.", - "cve": "CVE-2023-2975", - "id": "pyup.io-60222", - "more_info_path": "/vulnerabilities/CVE-2023-2975/60222", + "advisory": "Tap-rest-api-msdk 1.3.2 updates its dependency 'cryptography' to version '41.0.3' to include a fix for a Denial of Service vulnerability.", + "cve": "CVE-2023-3446", + "id": "pyup.io-60221", + "more_info_path": "/vulnerabilities/CVE-2023-3446/60221", "specs": [ "<1.3.2" ], 
@@ -150347,7 +150859,7 @@ ], "templated-dictionary": [ { - "advisory": "The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters. While the Mock documentation advises treating users added to the mock group as privileged, certain build systems invoking mock on behalf of users might inadvertently permit less privileged users to define configuration tags. These tags could then be passed as parameters to mock during execution, potentially leading to the utilization of Jinja2 templates for remote privilege escalation and the execution of arbitrary code as the root user on the build server.", + "advisory": "Templated-dictionary contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters. While the Mock documentation advises treating users added to the mock group as privileged, certain build systems invoking mock on behalf of users might inadvertently permit less privileged users to define configuration tags. These tags could then be passed as parameters to mock during execution, potentially leading to the utilization of Jinja2 templates for remote privilege escalation and the execution of arbitrary code as the root user on the build server.", "cve": "CVE-2023-6395", "id": "pyup.io-65397", "more_info_path": "/vulnerabilities/CVE-2023-6395/65397", 
@@ -150799,10 +151311,10 @@ "v": "<1.15.0rc0" }, { - "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"Apache Spark\" to handle CVE-2018-17190.", - "cve": "CVE-2018-17190", - "id": "pyup.io-39825", - "more_info_path": "/vulnerabilities/CVE-2018-17190/39825", + "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 update its dependency \"SQLite3\" to handle CVE-2019-19880.", + "cve": "CVE-2019-19880", + "id": "pyup.io-38460", + "more_info_path": "/vulnerabilities/CVE-2019-19880/38460", "specs": [ "<1.15.3", ">=2.0.0a0,<2.0.2", @@ -150811,10 +151323,10 @@ "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1" }, { - "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"SQLite\" to handle CVE-2019-19645.", - "cve": "CVE-2019-19645", - "id": "pyup.io-39819", - "more_info_path": "/vulnerabilities/CVE-2019-19645/39819", + "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"Apache Spark\" to handle CVE-2018-17190.", + "cve": "CVE-2018-17190", + "id": "pyup.io-39825", + "more_info_path": "/vulnerabilities/CVE-2018-17190/39825", "specs": [ "<1.15.3", ">=2.0.0a0,<2.0.2", @@ -150823,10 +151335,10 @@ "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1" }, { - "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"Apache Spark\" to handle CVE-2019-10099.", - "cve": "CVE-2019-10099", - "id": "pyup.io-39824", - "more_info_path": "/vulnerabilities/CVE-2019-10099/39824", + "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"libjpeg-turbo\" to handle CVE-2018-19664.", + "cve": "CVE-2018-19664", + "id": "pyup.io-39821", + "more_info_path": "/vulnerabilities/CVE-2018-19664/39821", "specs": [ "<1.15.3", ">=2.0.0a0,<2.0.2", 
@@ -150835,10 +151347,10 @@ "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1" }, { - "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"libjpeg-turbo\" to handle CVE-2018-19664.", - "cve": "CVE-2018-19664", - "id": "pyup.io-39821", - "more_info_path": "/vulnerabilities/CVE-2018-19664/39821", + "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"SQLite\" to handle CVE-2019-19645.", + "cve": "CVE-2019-19645", + "id": "pyup.io-39819", + "more_info_path": "/vulnerabilities/CVE-2019-19645/39819", "specs": [ "<1.15.3", ">=2.0.0a0,<2.0.2", @@ -150859,10 +151371,10 @@ "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1" }, { - "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"SQLite3\" to handle CVE-2019-19244.", - "cve": "CVE-2019-19244", - "id": "pyup.io-39818", - "more_info_path": "/vulnerabilities/CVE-2019-19244/39818", + "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"libjpeg-turbo\" to handle CVE-2018-20330.", + "cve": "CVE-2018-20330", + "id": "pyup.io-39822", + "more_info_path": "/vulnerabilities/CVE-2018-20330/39822", "specs": [ "<1.15.3", ">=2.0.0a0,<2.0.2", @@ -150871,10 +151383,10 @@ "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1" }, { - "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 update its dependency \"SQLite3\" to handle CVE-2019-19880.", - "cve": "CVE-2019-19880", - "id": "pyup.io-38460", - "more_info_path": "/vulnerabilities/CVE-2019-19880/38460", + "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"libjpeg-turbo\" to handle CVE-2019-13960.", + "cve": "CVE-2019-13960", + "id": "pyup.io-39823", + "more_info_path": "/vulnerabilities/CVE-2019-13960/39823", "specs": [ "<1.15.3", ">=2.0.0a0,<2.0.2", 
@@ -150883,10 +151395,10 @@ "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1" }, { - "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"libjpeg-turbo\" to handle CVE-2018-20330.", - "cve": "CVE-2018-20330", - "id": "pyup.io-39822", - "more_info_path": "/vulnerabilities/CVE-2018-20330/39822", + "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"SQLite3\" to handle CVE-2019-19244.", + "cve": "CVE-2019-19244", + "id": "pyup.io-39818", + "more_info_path": "/vulnerabilities/CVE-2019-19244/39818", "specs": [ "<1.15.3", ">=2.0.0a0,<2.0.2", @@ -150895,10 +151407,10 @@ "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1" }, { - "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"libjpeg-turbo\" to handle CVE-2019-13960.", - "cve": "CVE-2019-13960", - "id": "pyup.io-39823", - "more_info_path": "/vulnerabilities/CVE-2019-13960/39823", + "advisory": "Tensorflow versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"Apache Spark\" to handle CVE-2019-10099.", + "cve": "CVE-2019-10099", + "id": "pyup.io-39824", + "more_info_path": "/vulnerabilities/CVE-2019-10099/39824", "specs": [ "<1.15.3", ">=2.0.0a0,<2.0.2", 
@@ -150907,10 +151419,10 @@ "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15208: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a \"DCHECK\" which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can craft cases where this is larger than that of the second tensor. In turn, this would result in reads/writes outside of bounds since the interpreter will wrongly assume that there is enough data in both tensors. The issue was patched in commit 8ee24e7949a203d234489f9da2c5bf45a7d5157d", - "cve": "CVE-2020-15208", - "id": "pyup.io-39937", - "more_info_path": "/vulnerabilities/CVE-2020-15208/39937", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15203: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the 'fill' argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a 'printf' call is constructed. This may result in segmentation fault.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xmq7-7fxm-rr79", + "cve": "CVE-2020-15203", + "id": "pyup.io-39942", + "more_info_path": "/vulnerabilities/CVE-2020-15203/39942", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -150921,10 +151433,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15195: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of 'SparseFillEmptyRowsGrad' uses a double indexing pattern. It is possible for 'reverse_index_map(i)' to be an index outside of bounds of 'grad_values', thus resulting in a heap buffer overflow.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-63xm-rx5p-xvqr", - "cve": "CVE-2020-15195", - "id": "pyup.io-39944", - "more_info_path": "/vulnerabilities/CVE-2020-15195/39944", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15207: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses 'ResolveAxis' to convert negative values to positive indices. However, the only check that the converted index is now valid is only present in debug builds. If the 'DCHECK' does not trigger, then code execution moves ahead with a negative index. This, in turn, results in accessing data out of bounds which results in segfaults and/or data corruption.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-q4qf-3fc6-8x34", + "cve": "CVE-2020-15207", + "id": "pyup.io-39938", + "more_info_path": "/vulnerabilities/CVE-2020-15207/39938", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -150935,10 +151447,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15204: In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling \"tf.raw_ops.GetSessionHandle\" or \"tf.raw_ops.GetSessionHandleV2\" results in a null pointer dereference In linked snippet, in eager mode, \"ctx->session_state()\" returns \"nullptr\". Since code immediately dereferences this, we get a segmentation fault. The issue was patched in commit 9a133d73ae4b4664d22bd1aa6d654fec13c52ee1", - "cve": "CVE-2020-15204", - "id": "pyup.io-39941", - "more_info_path": "/vulnerabilities/CVE-2020-15204/39941", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15190: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the \"tf.raw_ops.Switch\" operation takes as input a tensor and a boolean and outputs two tensors. Depending on the boolean value, one of the tensors is exactly the input tensor whereas the other one should be an empty tensor. However, the eager runtime traverses all tensors in the output. Since only one of the tensors is defined, the other one is \"nullptr\", hence we are binding a reference to \"nullptr\". This is undefined behavior and reported as an error if compiling with \"-fsanitize=null\". In this case, this results in a segmentation fault The issue was patched in commit da8558533d925694483d2c136a9220d6d49d843c\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4g9f-63rx-5cw4", + "cve": "CVE-2020-15190", + "id": "pyup.io-38813", + "more_info_path": "/vulnerabilities/CVE-2020-15190/38813", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -150949,10 +151461,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15209: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a \"nullptr\" buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one. The runtime assumes that these buffers are written to before a possible read, hence they are initialized with \"nullptr\". However, by changing the buffer index for a tensor and implicitly converting that tensor to be a read-write one, as there is nothing in the model that writes to it, we get a null pointer dereference. The issue was patched in commit 0b5662bc.", - "cve": "CVE-2020-15209", - "id": "pyup.io-39960", - "more_info_path": "/vulnerabilities/CVE-2020-15209/39960", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15195: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of 'SparseFillEmptyRowsGrad' uses a double indexing pattern. It is possible for 'reverse_index_map(i)' to be an index outside of bounds of 'grad_values', thus resulting in a heap buffer overflow.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-63xm-rx5p-xvqr", + "cve": "CVE-2020-15195", + "id": "pyup.io-39944", + "more_info_path": "/vulnerabilities/CVE-2020-15195/39944", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -150963,10 +151475,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15206: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's \"SavedModel\" protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using \"tensorflow-serving\" or other inference-as-a-service installments. Fixed were added in commits f760f88b4267d981e13f4b302c437ae800445968 and fcfef195637c6e365577829c4d67681695956e7d. However, this was not enough, as #41097 reported a different failure mode. The issue was finally patched in commit df095206f25471e864a8e63a0f1caef53a0e3a6", - "cve": "CVE-2020-15206", - "id": "pyup.io-39939", - "more_info_path": "/vulnerabilities/CVE-2020-15206/39939", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15205: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the 'data_splits' argument of 'tf.raw_ops.StringNGrams' lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all the binary strings after 'ee ff' are contents from the memory stack. Since these can contain return addresses, this data leak can be used to defeat ASLR.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g7p5-5759-qv46", + "cve": "CVE-2020-15205", + "id": "pyup.io-39940", + "more_info_path": "/vulnerabilities/CVE-2020-15205/39940", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -150977,10 +151489,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15203: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the 'fill' argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a 'printf' call is constructed. This may result in segmentation fault.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xmq7-7fxm-rr79", - "cve": "CVE-2020-15203", - "id": "pyup.io-39942", - "more_info_path": "/vulnerabilities/CVE-2020-15203/39942", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15204: In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling \"tf.raw_ops.GetSessionHandle\" or \"tf.raw_ops.GetSessionHandleV2\" results in a null pointer dereference In linked snippet, in eager mode, \"ctx->session_state()\" returns \"nullptr\". Since code immediately dereferences this, we get a segmentation fault. The issue was patched in commit 9a133d73ae4b4664d22bd1aa6d654fec13c52ee1", + "cve": "CVE-2020-15204", + "id": "pyup.io-39941", + "more_info_path": "/vulnerabilities/CVE-2020-15204/39941", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -150991,10 +151503,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15207: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses 'ResolveAxis' to convert negative values to positive indices. However, the only check that the converted index is now valid is only present in debug builds. If the 'DCHECK' does not trigger, then code execution moves ahead with a negative index. This, in turn, results in accessing data out of bounds which results in segfaults and/or data corruption.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-q4qf-3fc6-8x34", - "cve": "CVE-2020-15207", - "id": "pyup.io-39938", - "more_info_path": "/vulnerabilities/CVE-2020-15207/39938", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15206: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's \"SavedModel\" protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using \"tensorflow-serving\" or other inference-as-a-service installments. Fixed were added in commits f760f88b4267d981e13f4b302c437ae800445968 and fcfef195637c6e365577829c4d67681695956e7d. However, this was not enough, as #41097 reported a different failure mode. The issue was finally patched in commit df095206f25471e864a8e63a0f1caef53a0e3a6", + "cve": "CVE-2020-15206", + "id": "pyup.io-39939", + "more_info_path": "/vulnerabilities/CVE-2020-15206/39939", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -151005,10 +151517,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15190: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the \"tf.raw_ops.Switch\" operation takes as input a tensor and a boolean and outputs two tensors. Depending on the boolean value, one of the tensors is exactly the input tensor whereas the other one should be an empty tensor. However, the eager runtime traverses all tensors in the output. Since only one of the tensors is defined, the other one is \"nullptr\", hence we are binding a reference to \"nullptr\". This is undefined behavior and reported as an error if compiling with \"-fsanitize=null\". In this case, this results in a segmentation fault The issue was patched in commit da8558533d925694483d2c136a9220d6d49d843c\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4g9f-63rx-5cw4", - "cve": "CVE-2020-15190", - "id": "pyup.io-38813", - "more_info_path": "/vulnerabilities/CVE-2020-15190/38813", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15202: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the 'Shard' API in TensorFlow expects the last argument to be a function taking two 'int64' (i.e., 'long long') arguments. However, there are several places in TensorFlow where a lambda taking 'int' or 'int32' arguments is being used. In these cases, if the amount of work to be parallelized is large enough, integer truncation occurs. 
Depending on how the two arguments of the lambda are used, this can result in segfaults, read/write outside of heap allocated arrays, stack overflows, or data corruption.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6fg-mjxg-hqq4", + "cve": "CVE-2020-15202", + "id": "pyup.io-39943", + "more_info_path": "/vulnerabilities/CVE-2020-15202/39943", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -151019,10 +151531,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15205: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the 'data_splits' argument of 'tf.raw_ops.StringNGrams' lacks validation. This allows a user to pass values that can cause heap overflow errors and even leak contents of memory In the linked code snippet, all the binary strings after 'ee ff' are contents from the memory stack. Since these can contain return addresses, this data leak can be used to defeat ASLR.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g7p5-5759-qv46", - "cve": "CVE-2020-15205", - "id": "pyup.io-39940", - "more_info_path": "/vulnerabilities/CVE-2020-15205/39940", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15211: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indices for the tensors, indexing into an array of tensors that is owned by the subgraph. This results in a pattern of double array indexing when trying to get the data of each tensor. However, some operators can have some tensors be optional. To handle this scenario, the flatbuffer model uses a negative \"-1\" value as index for these tensors. This results in special casing during validation at model loading time. Unfortunately, this means that the \"-1\" index is a valid tensor index for any operator, including those that don't expect optional inputs and including for output tensors. 
Thus, this allows writing and reading from outside the bounds of heap allocated arrays, although only at a specific offset from the start of these arrays. This results in both read and write gadgets, albeit very limited in scope. The issue was patched in several commits (46d5b0852, 00302787b7, e11f5558, cd31fd0ce, 1970c21, and fff2c83). A potential workaround would be to add a custom \"Verifier\" to the model loading code to ensure that only operators which accept optional inputs use the \"-1\" special value and only for the tensors that they expect to be optional. Since this allow-list type approach is error-prone, it's advised upgrading to the patched code.", + "cve": "CVE-2020-15211", + "id": "pyup.io-39958", + "more_info_path": "/vulnerabilities/CVE-2020-15211/39958", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -151033,10 +151545,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15202: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the 'Shard' API in TensorFlow expects the last argument to be a function taking two 'int64' (i.e., 'long long') arguments. However, there are several places in TensorFlow where a lambda taking 'int' or 'int32' arguments is being used. In these cases, if the amount of work to be parallelized is large enough, integer truncation occurs. Depending on how the two arguments of the lambda are used, this can result in segfaults, read/write outside of heap allocated arrays, stack overflows, or data corruption.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6fg-mjxg-hqq4", - "cve": "CVE-2020-15202", - "id": "pyup.io-39943", - "more_info_path": "/vulnerabilities/CVE-2020-15202/39943", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15208: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a \"DCHECK\" which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can craft cases where this is larger than that of the second tensor. In turn, this would result in reads/writes outside of bounds since the interpreter will wrongly assume that there is enough data in both tensors. The issue was patched in commit 8ee24e7949a203d234489f9da2c5bf45a7d5157d", + "cve": "CVE-2020-15208", + "id": "pyup.io-39937", + "more_info_path": "/vulnerabilities/CVE-2020-15208/39937", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -151047,10 +151559,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15211: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indices for the tensors, indexing into an array of tensors that is owned by the subgraph. This results in a pattern of double array indexing when trying to get the data of each tensor. However, some operators can have some tensors be optional. To handle this scenario, the flatbuffer model uses a negative \"-1\" value as index for these tensors. This results in special casing during validation at model loading time. Unfortunately, this means that the \"-1\" index is a valid tensor index for any operator, including those that don't expect optional inputs and including for output tensors. Thus, this allows writing and reading from outside the bounds of heap allocated arrays, although only at a specific offset from the start of these arrays. This results in both read and write gadgets, albeit very limited in scope. The issue was patched in several commits (46d5b0852, 00302787b7, e11f5558, cd31fd0ce, 1970c21, and fff2c83). A potential workaround would be to add a custom \"Verifier\" to the model loading code to ensure that only operators which accept optional inputs use the \"-1\" special value and only for the tensors that they expect to be optional. 
Since this allow-list type approach is error-prone, it's advised upgrading to the patched code.", - "cve": "CVE-2020-15211", - "id": "pyup.io-39958", - "more_info_path": "/vulnerabilities/CVE-2020-15211/39958", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15209: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a \"nullptr\" buffer. This can be achieved by changing a buffer index in the flatbuffer serialization to convert a read-only tensor to a read-write one. The runtime assumes that these buffers are written to before a possible read, hence they are initialized with \"nullptr\". However, by changing the buffer index for a tensor and implicitly converting that tensor to be a read-write one, as there is nothing in the model that writes to it, we get a null pointer dereference. The issue was patched in commit 0b5662bc.", + "cve": "CVE-2020-15209", + "id": "pyup.io-39960", + "more_info_path": "/vulnerabilities/CVE-2020-15209/39960", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", @@ -151061,10 +151573,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 update its dependency \"SQLite\" to handle CVE-2020-9327.", - "cve": "CVE-2020-9327", - "id": "pyup.io-39906", - "more_info_path": "/vulnerabilities/CVE-2020-9327/39906", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 updates its dependency \"SQLite\" to handle CVE-2020-13630.", + "cve": "CVE-2020-13630", + "id": "pyup.io-39901", + "more_info_path": "/vulnerabilities/CVE-2020-13630/39901", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -151074,10 +151586,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0rc0,<2.1.2,>=2.2.0rc0,<2.2.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 update its dependency \"SQLite\" to handle CVE-2020-11655.", - "cve": "CVE-2020-11655", - "id": "pyup.io-39932", - "more_info_path": "/vulnerabilities/CVE-2020-11655/39932", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 updates its dependency \"SQLite\" to handle CVE-2020-13435.", + "cve": "CVE-2020-13435", + "id": "pyup.io-39902", + "more_info_path": "/vulnerabilities/CVE-2020-13435/39902", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", @@ -151087,10 +151599,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0rc0,<2.1.2,>=2.2.0rc0,<2.2.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 updates its dependency \"SQLite\" to handle CVE-2020-13434.", - "cve": "CVE-2020-13434", - "id": "pyup.io-39903", - "more_info_path": "/vulnerabilities/CVE-2020-13434/39903", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 updates its dependency \"SQLite\" to handle CVE-2020-13631.", + "cve": "CVE-2020-13631", + "id": "pyup.io-39900", + "more_info_path": "/vulnerabilities/CVE-2020-13631/39900", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", @@ -151100,10 +151612,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0rc0,<2.1.2,>=2.2.0rc0,<2.2.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 updates its dependency \"SQLite\" to handle CVE-2020-13631.", - "cve": "CVE-2020-13631", - "id": "pyup.io-39900", - "more_info_path": "/vulnerabilities/CVE-2020-13631/39900", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 update its dependency \"SQLite\" to handle CVE-2020-9327.", + "cve": "CVE-2020-9327", + "id": "pyup.io-39906", + "more_info_path": "/vulnerabilities/CVE-2020-9327/39906", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -151113,10 +151625,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0rc0,<2.1.2,>=2.2.0rc0,<2.2.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 update its dependency \"SQLite\" to handle CVE-2020-11656.", - "cve": "CVE-2020-11656", - "id": "pyup.io-39904", - "more_info_path": "/vulnerabilities/CVE-2020-11656/39904", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 updates its dependency \"SQLite\" to handle CVE-2020-13434.", + "cve": "CVE-2020-13434", + "id": "pyup.io-39903", + "more_info_path": "/vulnerabilities/CVE-2020-13434/39903", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", @@ -151126,10 +151638,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0rc0,<2.1.2,>=2.2.0rc0,<2.2.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 updates its dependency \"SQLite\" to handle CVE-2020-13435.", - "cve": "CVE-2020-13435", - "id": "pyup.io-39902", - "more_info_path": "/vulnerabilities/CVE-2020-13435/39902", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 updates its dependency \"SQLite\" to handle CVE-2020-13871.", + "cve": "CVE-2020-13871", + "id": "pyup.io-39899", + "more_info_path": "/vulnerabilities/CVE-2020-13871/39899", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", @@ -151139,10 +151651,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0rc0,<2.1.2,>=2.2.0rc0,<2.2.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 updates its dependency \"SQLite\" to handle CVE-2020-13871.", - "cve": "CVE-2020-13871", - "id": "pyup.io-39899", - "more_info_path": "/vulnerabilities/CVE-2020-13871/39899", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 update its dependency \"SQLite\" to handle CVE-2020-11656.", + "cve": "CVE-2020-11656", + "id": "pyup.io-39904", + "more_info_path": "/vulnerabilities/CVE-2020-11656/39904", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -151152,10 +151664,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0rc0,<2.1.2,>=2.2.0rc0,<2.2.1" }, { - "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 updates its dependency \"SQLite\" to handle CVE-2020-13630.", - "cve": "CVE-2020-13630", - "id": "pyup.io-39901", - "more_info_path": "/vulnerabilities/CVE-2020-13630/39901", + "advisory": "Tensorflow versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 update its dependency \"SQLite\" to handle CVE-2020-11655.", + "cve": "CVE-2020-11655", + "id": "pyup.io-39932", + "more_info_path": "/vulnerabilities/CVE-2020-11655/39932", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", @@ -151221,10 +151733,10 @@ "v": "<1.15.5,>=2.0.0a0,<2.0.4,>=2.1.0rc0,<2.1.3,>=2.2.0rc0,<2.2.2,>=2.3.0rc0,<2.3.2" }, { - "advisory": "Tensorflow versions 2.3.2, 2.2.2, 2.1.3, 2.0.4 and 1.15.5 update its dependency \"PCRE\" to fix CVE-2019-20838.", - "cve": "CVE-2019-20838", - "id": "pyup.io-39406", - "more_info_path": "/vulnerabilities/CVE-2019-20838/39406", + "advisory": "Tensorflow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2 and 2.3.2 update its dependency \"PCRE\" to handle CVE-2020-14155.", + "cve": "CVE-2020-14155", + "id": "pyup.io-39725", + "more_info_path": "/vulnerabilities/CVE-2020-14155/39725", "specs": [ "<1.15.5", ">=2.0.0a0,<2.0.4", @@ -151235,10 +151747,10 @@ "v": "<1.15.5,>=2.0.0a0,<2.0.4,>=2.1.0rc0,<2.1.3,>=2.2.0rc0,<2.2.2,>=2.3.0rc0,<2.3.2" }, { - "advisory": "Tensorflow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2 and 2.3.2 update its dependency \"PCRE\" to handle CVE-2020-14155.", - "cve": "CVE-2020-14155", - "id": "pyup.io-39725", - "more_info_path": "/vulnerabilities/CVE-2020-14155/39725", + "advisory": "Tensorflow versions 2.3.2, 2.2.2, 2.1.3, 2.0.4 and 1.15.5 update its dependency \"PCRE\" to fix CVE-2019-20838.", + "cve": "CVE-2019-20838", + "id": "pyup.io-39406", + "more_info_path": "/vulnerabilities/CVE-2019-20838/39406", "specs": [ "<1.15.5", ">=2.0.0a0,<2.0.4", 
@@ -151249,10 +151761,10 @@ "v": "<1.15.5,>=2.0.0a0,<2.0.4,>=2.1.0rc0,<2.1.3,>=2.2.0rc0,<2.2.2,>=2.3.0rc0,<2.3.2" }, { - "advisory": "Tensorflow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 and 2.4.0 includes a fix for CVE-2020-26267: In affected versions, the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation of NHWC. This can result in uninitialized memory accesses, read outside of bounds and even crashes.", - "cve": "CVE-2020-26267", - "id": "pyup.io-39722", - "more_info_path": "/vulnerabilities/CVE-2020-26267/39722", + "advisory": "Tensorflow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 and 2.4.0 includes a fix for CVE-2020-26271: In affected versions, under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge between one output tensor of the src node (given by output_index) and the input slot of the dst node (given by input_index). This is only possible if the types of the tensors on both sides coincide, so the function begins by obtaining the corresponding DataType values and comparing these for equality. However, there is no check that the indices point to inside of the arrays they index into. Thus, this can result in accessing data out of bounds of the corresponding heap allocated arrays. In most scenarios, this can manifest as unitialized data access, but if the index points far away from the boundaries of the arrays this can be used to leak addresses from the library.", + "cve": "CVE-2020-26271", + "id": "pyup.io-39719", + "more_info_path": "/vulnerabilities/CVE-2020-26271/39719", "specs": [ "<1.15.5", ">=2.0.0a0,<2.0.4", 
@@ -151264,10 +151776,10 @@ "v": "<1.15.5,>=2.0.0a0,<2.0.4,>=2.1.0rc0,<2.1.3,>=2.2.0rc0,<2.2.2,>=2.3.0rc0,<2.3.2,>=2.4.0rc0,<2.4.0" }, { - "advisory": "Tensorflow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 and 2.4.0 includes a fix for CVE-2020-26270: In affected versions, running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer.", - "cve": "CVE-2020-26270", - "id": "pyup.io-39720", - "more_info_path": "/vulnerabilities/CVE-2020-26270/39720", + "advisory": "TensorFlow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0 includes a fix for CVE-2020-26266: In affected versions and under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen.", + "cve": "CVE-2020-26266", + "id": "pyup.io-39408", + "more_info_path": "/vulnerabilities/CVE-2020-26266/39408", "specs": [ "<1.15.5", ">=2.0.0a0,<2.0.4", 
@@ -151279,10 +151791,10 @@ "v": "<1.15.5,>=2.0.0a0,<2.0.4,>=2.1.0rc0,<2.1.3,>=2.2.0rc0,<2.2.2,>=2.3.0rc0,<2.3.2,>=2.4.0rc0,<2.4.0" }, { - "advisory": "TensorFlow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0 includes a fix for CVE-2020-26266: In affected versions and under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen.", - "cve": "CVE-2020-26266", - "id": "pyup.io-39408", - "more_info_path": "/vulnerabilities/CVE-2020-26266/39408", + "advisory": "Tensorflow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 and 2.4.0 includes a fix for CVE-2020-26268: In affected versions, the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries to write to the memory area. If the file is too small, TensorFlow properly returns an error as the memory area has fewer bytes than what is needed for the tensor it creates. However, as soon as there are enough bytes, the above snippet causes a segmentation fault. This is because the allocator used to return the buffer data is not marked as returning an opaque handle since the needed virtual method is not overridden.", + "cve": "CVE-2020-26268", + "id": "pyup.io-39265", + "more_info_path": "/vulnerabilities/CVE-2020-26268/39265", "specs": [ "<1.15.5", ">=2.0.0a0,<2.0.4", 
@@ -151294,10 +151806,10 @@ "v": "<1.15.5,>=2.0.0a0,<2.0.4,>=2.1.0rc0,<2.1.3,>=2.2.0rc0,<2.2.2,>=2.3.0rc0,<2.3.2,>=2.4.0rc0,<2.4.0" }, { - "advisory": "Tensorflow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 and 2.4.0 includes a fix for CVE-2020-26268: In affected versions, the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries to write to the memory area. If the file is too small, TensorFlow properly returns an error as the memory area has fewer bytes than what is needed for the tensor it creates. However, as soon as there are enough bytes, the above snippet causes a segmentation fault. This is because the allocator used to return the buffer data is not marked as returning an opaque handle since the needed virtual method is not overridden.", - "cve": "CVE-2020-26268", - "id": "pyup.io-39265", - "more_info_path": "/vulnerabilities/CVE-2020-26268/39265", + "advisory": "Tensorflow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 and 2.4.0 includes a fix for CVE-2020-26267: In affected versions, the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation of NHWC. This can result in uninitialized memory accesses, read outside of bounds and even crashes.", + "cve": "CVE-2020-26267", + "id": "pyup.io-39722", + "more_info_path": "/vulnerabilities/CVE-2020-26267/39722", "specs": [ "<1.15.5", ">=2.0.0a0,<2.0.4", 
@@ -151309,10 +151821,10 @@ "v": "<1.15.5,>=2.0.0a0,<2.0.4,>=2.1.0rc0,<2.1.3,>=2.2.0rc0,<2.2.2,>=2.3.0rc0,<2.3.2,>=2.4.0rc0,<2.4.0" }, { - "advisory": "Tensorflow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 and 2.4.0 includes a fix for CVE-2020-26271: In affected versions, under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge between one output tensor of the src node (given by output_index) and the input slot of the dst node (given by input_index). This is only possible if the types of the tensors on both sides coincide, so the function begins by obtaining the corresponding DataType values and comparing these for equality. However, there is no check that the indices point to inside of the arrays they index into. Thus, this can result in accessing data out of bounds of the corresponding heap allocated arrays. In most scenarios, this can manifest as unitialized data access, but if the index points far away from the boundaries of the arrays this can be used to leak addresses from the library.", - "cve": "CVE-2020-26271", - "id": "pyup.io-39719", - "more_info_path": "/vulnerabilities/CVE-2020-26271/39719", + "advisory": "Tensorflow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 and 2.4.0 includes a fix for CVE-2020-26270: In affected versions, running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer.", + "cve": "CVE-2020-26270", + "id": "pyup.io-39720", + "more_info_path": "/vulnerabilities/CVE-2020-26270/39720", "specs": [ "<1.15.5", ">=2.0.0a0,<2.0.4", 
@@ -151354,20 +151866,20 @@ "v": "<1.7.0a1" }, { - "advisory": "Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file. See CVE-2018-10055.", - "cve": "CVE-2018-10055", - "id": "pyup.io-40786", - "more_info_path": "/vulnerabilities/CVE-2018-10055/40786", + "advisory": "Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory. See CVE-2018-7577.", + "cve": "CVE-2018-7577", + "id": "pyup.io-40790", + "more_info_path": "/vulnerabilities/CVE-2018-7577/40790", "specs": [ "<1.7.1" ], "v": "<1.7.1" }, { - "advisory": "Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory. See CVE-2018-7577.", - "cve": "CVE-2018-7577", - "id": "pyup.io-40790", - "more_info_path": "/vulnerabilities/CVE-2018-7577/40790", + "advisory": "Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file. See CVE-2018-10055.", + "cve": "CVE-2018-10055", + "id": "pyup.io-40786", + "more_info_path": "/vulnerabilities/CVE-2018-10055/40786", "specs": [ "<1.7.1" ], 
@@ -151383,17 +151895,6 @@ ], "v": "<1.7.1" }, - { - "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25676: When running versions prior to 2.12.0 and 2.11.1 with XLA, 'tf.raw_ops.ParallelConcat' segfaults with a nullptr dereference when given a parameter 'shape' with rank that is not greater than zero.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6wfh-89q8-44jq", - "cve": "CVE-2023-25676", - "id": "pyup.io-53862", - "more_info_path": "/vulnerabilities/CVE-2023-25676/53862", - "specs": [ - "<2.11.1", - ">=2.12.0rc0,<2.12.0" - ], - "v": "<2.11.1,>=2.12.0rc0,<2.12.0" - }, { "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25662: Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7jvm-xxmr-v5cw", "cve": "CVE-2023-25662", 
@@ -151406,10 +151907,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25670: Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rq-hwc3-x77w", - "cve": "CVE-2023-25670", - "id": "pyup.io-53856", - "more_info_path": "/vulnerabilities/CVE-2023-25670/53856", + "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25661: In versions prior to 2.11.1 a malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack. A proof of concept can be constructed with the 'Convolution3DTranspose' function. This Convolution3DTranspose layer is a very common API in modern neural networks. The ML models containing such vulnerable components could be deployed in ML applications or as cloud services. This failure could be potentially used to trigger a denial of service attack on ML cloud services. An attacker must have privilege to provide input to a 'Convolution3DTranspose' call.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fxgc-95xx-grvq", + "cve": "CVE-2023-25661", + "id": "pyup.io-53903", + "more_info_path": "/vulnerabilities/CVE-2023-25661/53903", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" 
@@ -151417,10 +151918,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25675: When running versions prior to 2.12.0 and 2.11.1 with XLA, 'tf.raw_ops.Bincount' segfaults when given a parameter 'weights' that is neither the same shape as parameter 'arr' nor a length-0 tensor.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7x4v-9gxg-9hwj",
- "cve": "CVE-2023-25675",
- "id": "pyup.io-53861",
- "more_info_path": "/vulnerabilities/CVE-2023-25675/53861",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25674: Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf97-q72m-7579",
+ "cve": "CVE-2023-25674",
+ "id": "pyup.io-53860",
+ "more_info_path": "/vulnerabilities/CVE-2023-25674/53860",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151428,10 +151929,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-27579: Constructing a tflite model with a paramater 'filter_input_channel' of less than 1 gives a FPE.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5w96-866f-6rm8",
- "cve": "CVE-2023-27579",
- "id": "pyup.io-53864",
- "more_info_path": "/vulnerabilities/CVE-2023-27579/53864",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25659: Prior to versions 2.12.0 and 2.11.1, if the parameter 'indices' for 'DynamicStitch' does not match the shape of the parameter 'data', it can trigger an stack OOB read.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-93vr-9q9m-pj8p",
+ "cve": "CVE-2023-25659",
+ "id": "pyup.io-53846",
+ "more_info_path": "/vulnerabilities/CVE-2023-25659/53846",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151439,10 +151940,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25661: In versions prior to 2.11.1 a malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack. A proof of concept can be constructed with the 'Convolution3DTranspose' function. This Convolution3DTranspose layer is a very common API in modern neural networks. The ML models containing such vulnerable components could be deployed in ML applications or as cloud services. This failure could be potentially used to trigger a denial of service attack on ML cloud services. An attacker must have privilege to provide input to a 'Convolution3DTranspose' call.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fxgc-95xx-grvq",
- "cve": "CVE-2023-25661",
- "id": "pyup.io-53903",
- "more_info_path": "/vulnerabilities/CVE-2023-25661/53903",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25665: Prior to versions 2.12.0 and 2.11.1, when 'SparseSparseMaximum' is given invalid sparse tensors as inputs, it can give a null pointer error.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-558h-mq8x-7q9g",
+ "cve": "CVE-2023-25665",
+ "id": "pyup.io-53851",
+ "more_info_path": "/vulnerabilities/CVE-2023-25665/53851",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151450,10 +151951,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25666: Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f637-vh3r-vfh2",
- "cve": "CVE-2023-25666",
- "id": "pyup.io-53852",
- "more_info_path": "/vulnerabilities/CVE-2023-25666/53852",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-27579: Constructing a tflite model with a paramater 'filter_input_channel' of less than 1 gives a FPE.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5w96-866f-6rm8",
+ "cve": "CVE-2023-27579",
+ "id": "pyup.io-53864",
+ "more_info_path": "/vulnerabilities/CVE-2023-27579/53864",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151472,10 +151973,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25667: Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when '2^31 <= num_frames * height * width * channels < 2^32', for example Full HD screencast of at least 346 frames.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqm2-gh8w-gr68",
- "cve": "CVE-2023-25667",
- "id": "pyup.io-53853",
- "more_info_path": "/vulnerabilities/CVE-2023-25667/53853",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25672: The function 'tf.raw_ops.LookupTableImportV2' cannot handle scalars in the 'values' parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.",
+ "cve": "CVE-2023-25672",
+ "id": "pyup.io-53858",
+ "more_info_path": "/vulnerabilities/CVE-2023-25672/53858",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151483,10 +151984,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25671: There is out-of-bounds access due to mismatched integer type sizes.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j5w9-hmfh-4cr6",
- "cve": "CVE-2023-25671",
- "id": "pyup.io-53857",
- "more_info_path": "/vulnerabilities/CVE-2023-25671/53857",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25660: Prior to versions 2.12.0 and 2.11.1, when the parameter 'summarize' of 'tf.raw_ops.Print' is zero, the new method 'SummarizeArray' will reference to a nullptr, leading to a seg fault.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj",
+ "cve": "CVE-2023-25660",
+ "id": "pyup.io-53847",
+ "more_info_path": "/vulnerabilities/CVE-2023-25660/53847",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151494,10 +151995,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25801: Prior to versions 2.12.0 and 2.11.1, 'nn_ops.fractional_avg_pool_v2' and 'nn_ops.fractional_max_pool_v2' require the first and fourth elements of their parameter 'pooling_ratio' to be equal to 1.0, as pooling on batch and channel dimensions is not supported.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f49c-87jh-g47q",
- "cve": "CVE-2023-25801",
- "id": "pyup.io-53863",
- "more_info_path": "/vulnerabilities/CVE-2023-25801/53863",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25668: Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gw97-ff7c-9v96",
+ "cve": "CVE-2023-25668",
+ "id": "pyup.io-53854",
+ "more_info_path": "/vulnerabilities/CVE-2023-25668/53854",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151505,10 +152006,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25674: Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf97-q72m-7579",
- "cve": "CVE-2023-25674",
- "id": "pyup.io-53860",
- "more_info_path": "/vulnerabilities/CVE-2023-25674/53860",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25669: Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for 'tf.raw_ops.AvgPoolGrad', it can give a floating point exception.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rcf8-g8jv-vg6p",
+ "cve": "CVE-2023-25669",
+ "id": "pyup.io-53855",
+ "more_info_path": "/vulnerabilities/CVE-2023-25669/53855",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151516,10 +152017,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25663: Prior to versions 2.12.0 and 2.11.1, when 'ctx->step_containter()' is a null ptr, the Lookup function will be executed with a null pointer.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-64jg-wjww-7c5w",
- "cve": "CVE-2023-25663",
- "id": "pyup.io-53849",
- "more_info_path": "/vulnerabilities/CVE-2023-25663/53849",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25667: Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when '2^31 <= num_frames * height * width * channels < 2^32', for example Full HD screencast of at least 346 frames.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqm2-gh8w-gr68",
+ "cve": "CVE-2023-25667",
+ "id": "pyup.io-53853",
+ "more_info_path": "/vulnerabilities/CVE-2023-25667/53853",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151527,10 +152028,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25659: Prior to versions 2.12.0 and 2.11.1, if the parameter 'indices' for 'DynamicStitch' does not match the shape of the parameter 'data', it can trigger an stack OOB read.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-93vr-9q9m-pj8p",
- "cve": "CVE-2023-25659",
- "id": "pyup.io-53846",
- "more_info_path": "/vulnerabilities/CVE-2023-25659/53846",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25801: Prior to versions 2.12.0 and 2.11.1, 'nn_ops.fractional_avg_pool_v2' and 'nn_ops.fractional_max_pool_v2' require the first and fourth elements of their parameter 'pooling_ratio' to be equal to 1.0, as pooling on batch and channel dimensions is not supported.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f49c-87jh-g47q",
+ "cve": "CVE-2023-25801",
+ "id": "pyup.io-53863",
+ "more_info_path": "/vulnerabilities/CVE-2023-25801/53863",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151538,10 +152039,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25664: Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hg6-5c2q-7rcr",
- "cve": "CVE-2023-25664",
- "id": "pyup.io-53850",
- "more_info_path": "/vulnerabilities/CVE-2023-25664/53850",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25676: When running versions prior to 2.12.0 and 2.11.1 with XLA, 'tf.raw_ops.ParallelConcat' segfaults with a nullptr dereference when given a parameter 'shape' with rank that is not greater than zero.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6wfh-89q8-44jq",
+ "cve": "CVE-2023-25676",
+ "id": "pyup.io-53862",
+ "more_info_path": "/vulnerabilities/CVE-2023-25676/53862",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151549,10 +152050,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25668: Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gw97-ff7c-9v96",
- "cve": "CVE-2023-25668",
- "id": "pyup.io-53854",
- "more_info_path": "/vulnerabilities/CVE-2023-25668/53854",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25670: Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rq-hwc3-x77w",
+ "cve": "CVE-2023-25670",
+ "id": "pyup.io-53856",
+ "more_info_path": "/vulnerabilities/CVE-2023-25670/53856",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151560,10 +152061,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25665: Prior to versions 2.12.0 and 2.11.1, when 'SparseSparseMaximum' is given invalid sparse tensors as inputs, it can give a null pointer error.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-558h-mq8x-7q9g",
- "cve": "CVE-2023-25665",
- "id": "pyup.io-53851",
- "more_info_path": "/vulnerabilities/CVE-2023-25665/53851",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25658: Prior to versions 2.12.0 and 2.11.1, an out of bounds read is in GRUBlockCellGrad.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-68v3-g9cm-rmm6",
+ "cve": "CVE-2023-25658",
+ "id": "pyup.io-53845",
+ "more_info_path": "/vulnerabilities/CVE-2023-25658/53845",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151571,10 +152072,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25658: Prior to versions 2.12.0 and 2.11.1, an out of bounds read is in GRUBlockCellGrad.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-68v3-g9cm-rmm6",
- "cve": "CVE-2023-25658",
- "id": "pyup.io-53845",
- "more_info_path": "/vulnerabilities/CVE-2023-25658/53845",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25666: Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f637-vh3r-vfh2",
+ "cve": "CVE-2023-25666",
+ "id": "pyup.io-53852",
+ "more_info_path": "/vulnerabilities/CVE-2023-25666/53852",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151582,10 +152083,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25669: Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for 'tf.raw_ops.AvgPoolGrad', it can give a floating point exception.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rcf8-g8jv-vg6p",
- "cve": "CVE-2023-25669",
- "id": "pyup.io-53855",
- "more_info_path": "/vulnerabilities/CVE-2023-25669/53855",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25675: When running versions prior to 2.12.0 and 2.11.1 with XLA, 'tf.raw_ops.Bincount' segfaults when given a parameter 'weights' that is neither the same shape as parameter 'arr' nor a length-0 tensor.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7x4v-9gxg-9hwj",
+ "cve": "CVE-2023-25675",
+ "id": "pyup.io-53861",
+ "more_info_path": "/vulnerabilities/CVE-2023-25675/53861",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151593,10 +152094,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25672: The function 'tf.raw_ops.LookupTableImportV2' cannot handle scalars in the 'values' parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.",
- "cve": "CVE-2023-25672",
- "id": "pyup.io-53858",
- "more_info_path": "/vulnerabilities/CVE-2023-25672/53858",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25671: There is out-of-bounds access due to mismatched integer type sizes.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j5w9-hmfh-4cr6",
+ "cve": "CVE-2023-25671",
+ "id": "pyup.io-53857",
+ "more_info_path": "/vulnerabilities/CVE-2023-25671/53857",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151604,10 +152105,21 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25660: Prior to versions 2.12.0 and 2.11.1, when the parameter 'summarize' of 'tf.raw_ops.Print' is zero, the new method 'SummarizeArray' will reference to a nullptr, leading to a seg fault.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj",
- "cve": "CVE-2023-25660",
- "id": "pyup.io-53847",
- "more_info_path": "/vulnerabilities/CVE-2023-25660/53847",
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25663: Prior to versions 2.12.0 and 2.11.1, when 'ctx->step_containter()' is a null ptr, the Lookup function will be executed with a null pointer.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-64jg-wjww-7c5w",
+ "cve": "CVE-2023-25663",
+ "id": "pyup.io-53849",
+ "more_info_path": "/vulnerabilities/CVE-2023-25663/53849",
+ "specs": [
+ "<2.11.1",
+ ">=2.12.0rc0,<2.12.0"
+ ],
+ "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
+ },
+ {
+ "advisory": "Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25664: Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hg6-5c2q-7rcr",
+ "cve": "CVE-2023-25664",
+ "id": "pyup.io-53850",
+ "more_info_path": "/vulnerabilities/CVE-2023-25664/53850",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -151625,6 +152137,16 @@
 ],
 "v": "<2.12.1,>=2.13.0rc0,<2.13.0"
 },
+ {
+ "advisory": "TensorFlow 2.14.1 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.",
+ "cve": "CVE-2023-38545",
+ "id": "pyup.io-72612",
+ "more_info_path": "/vulnerabilities/CVE-2023-38545/72612",
+ "specs": [
+ "<2.14.1"
+ ],
+ "v": "<2.14.1"
+ },
 {
 "advisory": "TensorFlow updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38546.",
 "cve": "CVE-2023-38546",
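Review bot: The re-added CVE-2023-38545 entry in `@@ -151625,6 +152137,16 @@` now opens with `"TensorFlow 2.14.1 updates its curl dependency from version 8.2.1 to 8.4.0"`, while the unchanged CVE-2023-38546 entry directly below it, which describes the very same curl bump with the same `"<2.14.1"` spec, still reads `"TensorFlow updates its curl dependency ..."`. The two sibling advisories should be worded identically so a reader does not infer a difference in affected versions where none exists; either carry the `2.14.1` wording over to the CVE-2023-38546 entry or keep both in the old form.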
@@ -151636,14 +152158,14 @@
 "v": "<2.14.1"
 },
 {
- "advisory": "TensorFlow updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.",
- "cve": "CVE-2023-38545",
- "id": "pyup.io-72612",
- "more_info_path": "/vulnerabilities/CVE-2023-38545/72612",
+ "advisory": "TensorFlow 2.4.0 includes a fix for CVE-2020-15266: In Tensorflow before version 2.4.0, when the 'boxes' argument of 'tf.image.crop_and_resize' has a very large value, the CPU kernel implementation receives it as a C++ 'nan' floating point value. Attempting to operate on this is undefined behavior which later produces a segmentation fault.\r\nhttps://github.com/tensorflow/tensorflow/issues/42129\r\nhttps://github.com/tensorflow/tensorflow/pull/42143/commits/3ade2efec2e90c6237de32a19680caaa3ebc2845\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xwhf-g6j5-j5gc",
+ "cve": "CVE-2020-15266",
+ "id": "pyup.io-40795",
+ "more_info_path": "/vulnerabilities/CVE-2020-15266/40795",
 "specs": [
- "<2.14.1"
+ "<2.4.0"
 ],
- "v": "<2.14.1"
+ "v": "<2.4.0"
 },
 {
 "advisory": "TensorFlow 2.4.0 includes a fix for CVE-2020-15265: In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.",
@@ -151656,20 +152178,34 @@
 "v": "<2.4.0"
 },
 {
- "advisory": "TensorFlow 2.4.0 includes a fix for CVE-2020-15266: In Tensorflow before version 2.4.0, when the 'boxes' argument of 'tf.image.crop_and_resize' has a very large value, the CPU kernel implementation receives it as a C++ 'nan' floating point value. Attempting to operate on this is undefined behavior which later produces a segmentation fault.\r\nhttps://github.com/tensorflow/tensorflow/issues/42129\r\nhttps://github.com/tensorflow/tensorflow/pull/42143/commits/3ade2efec2e90c6237de32a19680caaa3ebc2845\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xwhf-g6j5-j5gc",
- "cve": "CVE-2020-15266",
- "id": "pyup.io-40795",
- "more_info_path": "/vulnerabilities/CVE-2020-15266/40795",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41202: In affected versions, while calculating the size of the output within the 'tf.range' kernel, there is a conditional statement of type 'int64 = condition ? int64 : double'. Due to C++ implicit conversion rules, both branches of the condition will be cast to 'double' and the result would be truncated before the assignment. This result in overflows. 
The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xrqm-fpgr-6hhx",
+ "cve": "CVE-2021-41202",
+ "id": "pyup.io-42449",
+ "more_info_path": "/vulnerabilities/CVE-2021-41202/42449",
 "specs": [
- "<2.4.0"
+ "<2.4.4",
+ ">=2.5.0rc0,<2.5.2",
+ ">=2.6.0rc0,<2.6.1"
 ],
- "v": "<2.4.0"
+ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22924.",
- "cve": "CVE-2021-22924",
- "id": "pyup.io-43748",
- "more_info_path": "/vulnerabilities/CVE-2021-22924/43748",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41228: In affected versions, TensorFlow's 'saved_model_cli' tool is vulnerable to a code injection as it calls 'eval' on user supplied strings. This can be used by attackers to run arbitrary code on the plaform where the CLI tool runs. However, given that the tool is always run manually, the impact of this is not severe. The issue has been patched by adding a 'safe' flag which defaults to 'True' and an explicit warning for users.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-3rcw-9p9x-582v\r\nhttps://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7",
+ "cve": "CVE-2021-41228",
+ "id": "pyup.io-42475",
+ "more_info_path": "/vulnerabilities/CVE-2021-41228/42475",
+ "specs": [
+ "<2.4.4",
+ ">=2.5.0rc0,<2.5.2",
+ ">=2.6.0rc0,<2.6.1"
+ ],
+ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
+ },
+ {
+ "advisory": "TensorFlow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41227: In affected versions, the 'ImmutableConst' operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the 'tstring' TensorFlow string class has a special case for memory mapped strings but the operation itself does not offer any support for this datatype. 
The fix is also included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8c8-67vp-6mx7\r\nhttps://github.com/tensorflow/tensorflow/commit/1cb6bb6c2a6019417c9adaf9e6843ba75ee2580b\r\nhttps://github.com/tensorflow/tensorflow/commit/3712a2d3455e6ccb924daa5724a3652a86f6b585",
+ "cve": "CVE-2021-41227",
+ "id": "pyup.io-42474",
+ "more_info_path": "/vulnerabilities/CVE-2021-41227/42474",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
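Review bot: The new `"advisory"` strings for CVE-2021-41202 and CVE-2021-41227 appear to break onto a new line after `This result in overflows. ` and after `support for this datatype. `; if those are literal line breaks in the file rather than an artifact of how the diff is displayed, the document is no longer valid JSON (RFC 8259 requires control characters inside strings to be escaped) and every consumer of data/insecure_full.json fails to load the whole database, not just these two entries. Every other break in the same strings is written as `\r\n`, so the generator should escape these the same way, and a `json.load` of the produced file in CI would catch this class of regression before it is published. Separately, this hunk drops the CVE-2021-22924 curl entry (pyup.io-43748), and the hunks that follow drop CVE-2021-41217, CVE-2021-41223, CVE-2021-41222, CVE-2021-41213 and CVE-2021-41214 without a visible re-insertion in this part of the diff. They are presumably reordered elsewhere in the file, but a silently dropped advisory means the affected spec range simply stops being flagged, so it is worth confirming that each of those ids still appears exactly once in the new file.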
@@ -151702,10 +152238,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41217: In affected versions, the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when nodes that should be paired are not. This occurs because the code assumes that the first node in the pairing (e.g., an 'Enter' node) always exists when encountering the second node (e.g., an 'Exit' node). When this is not the case, 'parent' is 'nullptr' so dereferencing it causes a crash. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5crj-c72x-m7gq\r\nhttps://github.com/tensorflow/tensorflow/commit/05cbebd3c6bb8f517a158b0155debb8df79017ff",
- "cve": "CVE-2021-41217",
- "id": "pyup.io-42464",
- "more_info_path": "/vulnerabilities/CVE-2021-41217/42464",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41212: In affected versions, the shape inference code for 'tf.ragged.cross' can trigger a read outside of bounds of heap allocated array. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fr77-rrx3-cp7g\r\nhttps://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8",
+ "cve": "CVE-2021-41212",
+ "id": "pyup.io-42459",
+ "more_info_path": "/vulnerabilities/CVE-2021-41212/42459",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151714,10 +152250,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41212: In affected versions, the shape inference code for 'tf.ragged.cross' can trigger a read outside of bounds of heap allocated array. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fr77-rrx3-cp7g\r\nhttps://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8",
- "cve": "CVE-2021-41212",
- "id": "pyup.io-42459",
- "more_info_path": "/vulnerabilities/CVE-2021-41212/42459",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41195: In affected versions, the implementation of 'tf.math.segment_*' operations results in a 'CHECK'-fail related abort (and denial of service) if a segment id in 'segment_ids' is large. This is similar to CVE-2021-29584 (and similar to other reported vulnerabilities in TensorFlow localized to specific APIs): the implementation (both on CPU and GPU) computes the output shape using 'AddDim'. However, if the number of elements in the tensor overflows an 'int64_t' value, 'AddDim' results in a 'CHECK' failure which provokes a 'std::abort'. Instead, code should use 'AddDimWithStatus'. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cq76-mxrc-vchh",
+ "cve": "CVE-2021-41195",
+ "id": "pyup.io-42442",
+ "more_info_path": "/vulnerabilities/CVE-2021-41195/42442",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151738,10 +152274,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41223: In affected versions, the implementation of 'FusedBatchNorm' kernels is vulnerable to a heap OOB access. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f54p-f6jp-4rhr\r\nhttps://github.com/tensorflow/tensorflow/commit/aab9998916c2ffbd8f0592059fad352622f89cda",
- "cve": "CVE-2021-41223",
- "id": "pyup.io-42470",
- "more_info_path": "/vulnerabilities/CVE-2021-41223/42470",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41204: In affected versions, during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This results in a segfault, as these tensors are supposed to not change. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-786j-5qwq-r36x\r\nhttps://github.com/tensorflow/tensorflow/commit/7731e8dfbe4a56773be5dc94d631611211156659",
+ "cve": "CVE-2021-41204",
+ "id": "pyup.io-42451",
+ "more_info_path": "/vulnerabilities/CVE-2021-41204/42451",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151750,10 +152286,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41222: In affected versions, the implementation of 'SplitV' can trigger a segfault if an attacker supplies negative arguments. This occurs whenever 'size_splits' contains more than one value and at least one value is negative. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6\r\nhttps://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6",
- "cve": "CVE-2021-41222",
- "id": "pyup.io-42469",
- "more_info_path": "/vulnerabilities/CVE-2021-41222/42469",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41218: In affected versions, the shape inference code for 'AllToAll' can be made to execute a division by 0. This occurs whenever the 'split_count' argument is 0. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9crf-c6qr-r273\r\nhttps://github.com/tensorflow/tensorflow/commit/a8ad3e5e79c75f36edb81e0ba3f3c0c5442aeddc",
+ "cve": "CVE-2021-41218",
+ "id": "pyup.io-42465",
+ "more_info_path": "/vulnerabilities/CVE-2021-41218/42465",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151762,10 +152298,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41213: In affected versions, the code behind 'tf.function' API can be made to deadlock when two 'tf.function' decorated Python functions are mutually recursive. This occurs due to using a non-reentrant 'Lock' Python object. Loading any model which contains mutually recursive functions is vulnerable. An attacker can cause denial of service by causing users to load such models and calling a recursive 'tf.function', although this is not a frequent scenario.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h67m-xg8f-fxcf\r\nhttps://github.com/tensorflow/tensorflow/commit/afac8158d43691661ad083f6dd9e56f327c1dcb7",
- "cve": "CVE-2021-41213",
- "id": "pyup.io-42460",
- "more_info_path": "/vulnerabilities/CVE-2021-41213/42460",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22926.",
+ "cve": "CVE-2021-22926",
+ "id": "pyup.io-43750",
+ "more_info_path": "/vulnerabilities/CVE-2021-22926/43750",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151774,10 +152310,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41196: In affected versions, the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is due to the TensorFlow's implementation of pooling operations where the values in the sliding window are not checked to be strictly positive. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m539-j985-hcr8",
- "cve": "CVE-2021-41196",
- "id": "pyup.io-42443",
- "more_info_path": "/vulnerabilities/CVE-2021-41196/42443",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41203: In affected versions, an attacker can trigger undefined behavior, integer overflows, segfaults and 'CHECK'-fail crashes if they can change saved checkpoints from outside of TensorFlow. This is because the checkpoints loading infrastructure is missing validation for invalid file formats.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7pxj-m4jf-r6h2",
+ "cve": "CVE-2021-41203",
+ "id": "pyup.io-42450",
+ "more_info_path": "/vulnerabilities/CVE-2021-41203/42450",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151786,10 +152322,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41204: In affected versions, during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This results in a segfault, as these tensors are supposed to not change. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-786j-5qwq-r36x\r\nhttps://github.com/tensorflow/tensorflow/commit/7731e8dfbe4a56773be5dc94d631611211156659",
- "cve": "CVE-2021-41204",
- "id": "pyup.io-42451",
- "more_info_path": "/vulnerabilities/CVE-2021-41204/42451",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41196: In affected versions, the Keras pooling layers can trigger a segfault if the size of the pool is 0 or if a dimension is negative. This is due to the TensorFlow's implementation of pooling operations where the values in the sliding window are not checked to be strictly positive. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m539-j985-hcr8",
+ "cve": "CVE-2021-41196",
+ "id": "pyup.io-42443",
+ "more_info_path": "/vulnerabilities/CVE-2021-41196/42443",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151798,10 +152334,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41214: In affected versions, the shape inference code for 'tf.ragged.cross' has an undefined behavior due to binding a reference to 'nullptr'. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vwhq-49r4-gj9v\r\nhttps://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8",
- "cve": "CVE-2021-41214",
- "id": "pyup.io-42461",
- "more_info_path": "/vulnerabilities/CVE-2021-41214/42461",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41210: In affected versions, the shape inference functions for 'SparseCountSparseOutput' can trigger a read outside of bounds of heap allocated array. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc\r\nhttps://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2",
+ "cve": "CVE-2021-41210",
+ "id": "pyup.io-42457",
+ "more_info_path": "/vulnerabilities/CVE-2021-41210/42457",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151821,18 +152357,6 @@
 ],
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
- {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41210: In affected versions, the shape inference functions for 'SparseCountSparseOutput' can trigger a read outside of bounds of heap allocated array. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc\r\nhttps://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2",
- "cve": "CVE-2021-41210",
- "id": "pyup.io-42457",
- "more_info_path": "/vulnerabilities/CVE-2021-41210/42457",
- "specs": [
- "<2.4.4",
- ">=2.5.0rc0,<2.5.2",
- ">=2.6.0rc0,<2.6.1"
- ],
- "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
- },
 {
 "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41221: In affected versions, the shape inference code for the 'Cudnn*' operations can be tricked into accessing invalid memory via a heap buffer overflow. This occurs because the ranks of the 'input', 'input_h' and 'input_c' parameters are not validated, but code assumes they have certain values. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqv6-3phm-hcwx\r\nhttps://github.com/tensorflow/tensorflow/commit/af5fcebb37c8b5d71c237f4e59c6477015c78ce6",
 "cve": "CVE-2021-41221",
@@ -151846,22 +152370,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41218: In affected versions, the shape inference code for 'AllToAll' can be made to execute a division by 0. This occurs whenever the 'split_count' argument is 0. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9crf-c6qr-r273\r\nhttps://github.com/tensorflow/tensorflow/commit/a8ad3e5e79c75f36edb81e0ba3f3c0c5442aeddc",
- "cve": "CVE-2021-41218",
- "id": "pyup.io-42465",
- "more_info_path": "/vulnerabilities/CVE-2021-41218/42465",
- "specs": [
- "<2.4.4",
- ">=2.5.0rc0,<2.5.2",
- ">=2.6.0rc0,<2.6.1"
- ],
- "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
- },
- {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41195: In affected versions, the implementation of 'tf.math.segment_*' operations results in a 'CHECK'-fail related abort (and denial of service) if a segment id in 'segment_ids' is large. This is similar to CVE-2021-29584 (and similar to other reported vulnerabilities in TensorFlow localized to specific APIs): the implementation (both on CPU and GPU) computes the output shape using 'AddDim'. However, if the number of elements in the tensor overflows an 'int64_t' value, 'AddDim' results in a 'CHECK' failure which provokes a 'std::abort'. Instead, code should use 'AddDimWithStatus'. 
The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cq76-mxrc-vchh",
- "cve": "CVE-2021-41195",
- "id": "pyup.io-42442",
- "more_info_path": "/vulnerabilities/CVE-2021-41195/42442",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41201: In affected versions, during execution, 'EinsumHelper::ParseEquation()' is supposed to set the flags in 'input_has_ellipsis' vector and '*output_has_ellipsis' boolean to indicate whether there is ellipsis in the corresponding inputs and output. However, the code only changes these flags to 'true' and never assigns 'false'. This results in unitialized variable access if callers assume that 'EinsumHelper::ParseEquation()' always sets these flags. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j86v-p27c-73fm\r\nhttps://github.com/tensorflow/tensorflow/commit/f09caa532b6e1ac8d2aa61b7832c78c5b79300c6",
+ "cve": "CVE-2021-41201",
+ "id": "pyup.io-42448",
+ "more_info_path": "/vulnerabilities/CVE-2021-41201/42448",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151882,10 +152394,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "TensorFlow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41227: In affected versions, the 'ImmutableConst' operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the 'tstring' TensorFlow string class has a special case for memory mapped strings but the operation itself does not offer any support for this datatype. The fix is also included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8c8-67vp-6mx7\r\nhttps://github.com/tensorflow/tensorflow/commit/1cb6bb6c2a6019417c9adaf9e6843ba75ee2580b\r\nhttps://github.com/tensorflow/tensorflow/commit/3712a2d3455e6ccb924daa5724a3652a86f6b585",
- "cve": "CVE-2021-41227",
- "id": "pyup.io-42474",
- "more_info_path": "/vulnerabilities/CVE-2021-41227/42474",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41214: In affected versions, the shape inference code for 'tf.ragged.cross' has an undefined behavior due to binding a reference to 'nullptr'. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vwhq-49r4-gj9v\r\nhttps://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8",
+ "cve": "CVE-2021-41214",
+ "id": "pyup.io-42461",
+ "more_info_path": "/vulnerabilities/CVE-2021-41214/42461",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151894,10 +152406,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22923.",
- "cve": "CVE-2021-22923",
- "id": "pyup.io-43747",
- "more_info_path": "/vulnerabilities/CVE-2021-22923/43747",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22922.",
+ "cve": "CVE-2021-22922",
+ "id": "pyup.io-43613",
+ "more_info_path": "/vulnerabilities/CVE-2021-22922/43613",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151906,10 +152418,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "TensorFlow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41225: In affected versions, TensorFlow's Grappler optimizer has a use of unitialized variable. If the 'train_nodes' vector (obtained from the saved model that gets optimized) does not contain a 'Dequeue' node, then 'dequeue_node' is left unitialized. The fix is also included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw\r\nhttps://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3",
- "cve": "CVE-2021-41225",
- "id": "pyup.io-42472",
- "more_info_path": "/vulnerabilities/CVE-2021-41225/42472",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41215: In affected versions, the shape inference code for 'DeserializeSparse' can trigger a null pointer dereference. This is because the shape inference function assumes that the 'serialize_sparse' tensor is a tensor with positive rank (and having '3' as the last dimension). The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-x3v8-c8qx-3j3r\r\nhttps://github.com/tensorflow/tensorflow/commit/d3738dd70f1c9ceb547258cbb82d853da8771850",
+ "cve": "CVE-2021-41215",
+ "id": "pyup.io-42462",
+ "more_info_path": "/vulnerabilities/CVE-2021-41215/42462",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151918,10 +152430,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41203: In affected versions, an attacker can trigger undefined behavior, integer overflows, segfaults and 'CHECK'-fail crashes if they can change saved checkpoints from outside of TensorFlow. This is because the checkpoints loading infrastructure is missing validation for invalid file formats.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7pxj-m4jf-r6h2",
- "cve": "CVE-2021-41203",
- "id": "pyup.io-42450",
- "more_info_path": "/vulnerabilities/CVE-2021-41203/42450",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41217: In affected versions, the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when nodes that should be paired are not. This occurs because the code assumes that the first node in the pairing (e.g., an 'Enter' node) always exists when encountering the second node (e.g., an 'Exit' node). When this is not the case, 'parent' is 'nullptr' so dereferencing it causes a crash. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5crj-c72x-m7gq\r\nhttps://github.com/tensorflow/tensorflow/commit/05cbebd3c6bb8f517a158b0155debb8df79017ff",
+ "cve": "CVE-2021-41217",
+ "id": "pyup.io-42464",
+ "more_info_path": "/vulnerabilities/CVE-2021-41217/42464",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151930,10 +152442,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41202: In affected versions, while calculating the size of the output within the 'tf.range' kernel, there is a conditional statement of type 'int64 = condition ? int64 : double'. Due to C++ implicit conversion rules, both branches of the condition will be cast to 'double' and the result would be truncated before the assignment. This result in overflows. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xrqm-fpgr-6hhx",
- "cve": "CVE-2021-41202",
- "id": "pyup.io-42449",
- "more_info_path": "/vulnerabilities/CVE-2021-41202/42449",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22924.",
+ "cve": "CVE-2021-22924",
+ "id": "pyup.io-43748",
+ "more_info_path": "/vulnerabilities/CVE-2021-22924/43748",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151942,10 +152454,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22925.",
- "cve": "CVE-2021-22925",
- "id": "pyup.io-43749",
- "more_info_path": "/vulnerabilities/CVE-2021-22925/43749",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22923.",
+ "cve": "CVE-2021-22923",
+ "id": "pyup.io-43747",
+ "more_info_path": "/vulnerabilities/CVE-2021-22923/43747",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151954,10 +152466,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22926.",
- "cve": "CVE-2021-22926",
- "id": "pyup.io-43750",
- "more_info_path": "/vulnerabilities/CVE-2021-22926/43750",
+ "advisory": "TensorFlow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41225: In affected versions, TensorFlow's Grappler optimizer has a use of unitialized variable. If the 'train_nodes' vector (obtained from the saved model that gets optimized) does not contain a 'Dequeue' node, then 'dequeue_node' is left unitialized. The fix is also included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw\r\nhttps://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3",
+ "cve": "CVE-2021-41225",
+ "id": "pyup.io-42472",
+ "more_info_path": "/vulnerabilities/CVE-2021-41225/42472",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151966,10 +152478,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41224: In affected versions, the implementation of 'SparseFillEmptyRows' can be made to trigger a heap OOB access. This occurs whenever the size of 'indices' does not match the size of 'values'. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rg3m-hqc5-344v\r\nhttps://github.com/tensorflow/tensorflow/commit/67bfd9feeecfb3c61d80f0e46d89c170fbee682b",
- "cve": "CVE-2021-41224",
- "id": "pyup.io-42471",
- "more_info_path": "/vulnerabilities/CVE-2021-41224/42471",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22925.",
+ "cve": "CVE-2021-22925",
+ "id": "pyup.io-43749",
+ "more_info_path": "/vulnerabilities/CVE-2021-22925/43749",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151978,10 +152490,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "TensorFlow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41226: In affected versions, the implementation of 'SparseBinCount' is vulnerable to a heap OOB access. This is because of missing validation between the elements of the 'values' argument and the shape of the sparse output. The fix is also included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-374m-jm66-3vj8\r\nhttps://github.com/tensorflow/tensorflow/commit/f410212e373eb2aec4c9e60bf3702eba99a38aba",
- "cve": "CVE-2021-41226",
- "id": "pyup.io-42473",
- "more_info_path": "/vulnerabilities/CVE-2021-41226/42473",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41213: In affected versions, the code behind 'tf.function' API can be made to deadlock when two 'tf.function' decorated Python functions are mutually recursive. This occurs due to using a non-reentrant 'Lock' Python object. Loading any model which contains mutually recursive functions is vulnerable. An attacker can cause denial of service by causing users to load such models and calling a recursive 'tf.function', although this is not a frequent scenario.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h67m-xg8f-fxcf\r\nhttps://github.com/tensorflow/tensorflow/commit/afac8158d43691661ad083f6dd9e56f327c1dcb7",
+ "cve": "CVE-2021-41213",
+ "id": "pyup.io-42460",
+ "more_info_path": "/vulnerabilities/CVE-2021-41213/42460",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -151990,10 +152502,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41228: In affected versions, TensorFlow's 'saved_model_cli' tool is vulnerable to a code injection as it calls 'eval' on user supplied strings. This can be used by attackers to run arbitrary code on the plaform where the CLI tool runs. However, given that the tool is always run manually, the impact of this is not severe. The issue has been patched by adding a 'safe' flag which defaults to 'True' and an explicit warning for users.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-3rcw-9p9x-582v\r\nhttps://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7",
- "cve": "CVE-2021-41228",
- "id": "pyup.io-42475",
- "more_info_path": "/vulnerabilities/CVE-2021-41228/42475",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41224: In affected versions, the implementation of 'SparseFillEmptyRows' can be made to trigger a heap OOB access. This occurs whenever the size of 'indices' does not match the size of 'values'. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rg3m-hqc5-344v\r\nhttps://github.com/tensorflow/tensorflow/commit/67bfd9feeecfb3c61d80f0e46d89c170fbee682b",
+ "cve": "CVE-2021-41224",
+ "id": "pyup.io-42471",
+ "more_info_path": "/vulnerabilities/CVE-2021-41224/42471",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -152002,10 +152514,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22922.",
- "cve": "CVE-2021-22922",
- "id": "pyup.io-43613",
- "more_info_path": "/vulnerabilities/CVE-2021-22922/43613",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41223: In affected versions, the implementation of 'FusedBatchNorm' kernels is vulnerable to a heap OOB access. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f54p-f6jp-4rhr\r\nhttps://github.com/tensorflow/tensorflow/commit/aab9998916c2ffbd8f0592059fad352622f89cda",
+ "cve": "CVE-2021-41223",
+ "id": "pyup.io-42470",
+ "more_info_path": "/vulnerabilities/CVE-2021-41223/42470",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -152014,10 +152526,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41215: In affected versions, the shape inference code for 'DeserializeSparse' can trigger a null pointer dereference. This is because the shape inference function assumes that the 'serialize_sparse' tensor is a tensor with positive rank (and having '3' as the last dimension). The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-x3v8-c8qx-3j3r\r\nhttps://github.com/tensorflow/tensorflow/commit/d3738dd70f1c9ceb547258cbb82d853da8771850",
- "cve": "CVE-2021-41215",
- "id": "pyup.io-42462",
- "more_info_path": "/vulnerabilities/CVE-2021-41215/42462",
+ "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41222: In affected versions, the implementation of 'SplitV' can trigger a segfault if an attacker supplies negative arguments. This occurs whenever 'size_splits' contains more than one value and at least one value is negative. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6\r\nhttps://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6",
+ "cve": "CVE-2021-41222",
+ "id": "pyup.io-42469",
+ "more_info_path": "/vulnerabilities/CVE-2021-41222/42469",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -152026,10 +152538,10 @@
 "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1"
 },
 {
- "advisory": "Tensorflow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41201: In affected versions, during execution, 'EinsumHelper::ParseEquation()' is supposed to set the flags in 'input_has_ellipsis' vector and '*output_has_ellipsis' boolean to indicate whether there is ellipsis in the corresponding inputs and output. However, the code only changes these flags to 'true' and never assigns 'false'. This results in unitialized variable access if callers assume that 'EinsumHelper::ParseEquation()' always sets these flags. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j86v-p27c-73fm\r\nhttps://github.com/tensorflow/tensorflow/commit/f09caa532b6e1ac8d2aa61b7832c78c5b79300c6",
- "cve": "CVE-2021-41201",
- "id": "pyup.io-42448",
- "more_info_path": "/vulnerabilities/CVE-2021-41201/42448",
+ "advisory": "TensorFlow versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41226: In affected versions, the implementation of 'SparseBinCount' is vulnerable to a heap OOB access. This is because of missing validation between the elements of the 'values' argument and the shape of the sparse output. The fix is also included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-374m-jm66-3vj8\r\nhttps://github.com/tensorflow/tensorflow/commit/f410212e373eb2aec4c9e60bf3702eba99a38aba",
+ "cve": "CVE-2021-41226",
+ "id": "pyup.io-42473",
+ "more_info_path": "/vulnerabilities/CVE-2021-41226/42473",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -152123,10 +152635,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1"
 },
 {
- "advisory": "Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments, if the tensors have an invalid `dtype` and 0 elements or an invalid shape. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23571",
- "id": "pyup.io-44856",
- "more_info_path": "/vulnerabilities/CVE-2022-23571/44856",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23580: During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-627q-g293-49q7",
+ "cve": "CVE-2022-23580",
+ "id": "pyup.io-44865",
+ "more_info_path": "/vulnerabilities/CVE-2022-23580/44865",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152136,10 +152648,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23581: The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a 'SavedModel' such that 'IsSimplifiableReshape' would trigger 'CHECK' failures.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq86-3f29-px2c",
- "cve": "CVE-2022-23581",
- "id": "pyup.io-44866",
- "more_info_path": "/vulnerabilities/CVE-2022-23581/44866",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21731: The implementation of shape inference for 'ConcatV2' can be used to trigger a denial of service attack via a segfault caused by a type confusion. The 'axis' argument is translated into 'concat_dim' in the 'ConcatShapeHelper' helper function. Then, a value for 'min_rank' is computed based on 'concat_dim'. This is then used to validate that the 'values' tensor has at least the required rank. However, 'WithRankAtLeast' receives the lower bound as a 64-bits value and then compares it against the maximum 32-bits integer value that could be represented. Due to the fact that 'min_rank' is a 32-bits value and the value of 'axis', the 'rank' argument is a negative value, so the error check is bypassed.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m4hf-j54p-p353",
+ "cve": "CVE-2022-21731",
+ "id": "pyup.io-44783",
+ "more_info_path": "/vulnerabilities/CVE-2022-21731/44783",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152149,10 +152661,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23563: In multiple places, TensorFlow uses 'tempfile.mktemp' to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in 'mktemp' and the actual creation of the file by a subsequent operation (a TOC/TOU type of weakness). In several instances, TensorFlow was supposed to actually create a temporary directory instead of a file. This logic bug is hidden away by the 'mktemp' function usage. It was replaced 'mktemp' with the safer 'mkstemp'/'mkdtemp' functions, according to the usage pattern.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wc4g-r73w-x8mm",
- "cve": "CVE-2022-23563",
- "id": "pyup.io-44851",
- "more_info_path": "/vulnerabilities/CVE-2022-23563/44851",
+ "advisory": "Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments, if the tensors have an invalid `dtype` and 0 elements or an invalid shape. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23571",
+ "id": "pyup.io-44856",
+ "more_info_path": "/vulnerabilities/CVE-2022-23571/44856",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152162,10 +152674,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateOutputSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number of dimensions in `output_shape.dim()` or just a small number of dimensions being large enough to cause an overflow in the multiplication. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23576",
- "id": "pyup.io-44861",
- "more_info_path": "/vulnerabilities/CVE-2022-23576/44861",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21735: The implementation of 'FractionalMaxPool' can be made to crash a TensorFlow process via a division by 0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-87v6-crgm-2gfj",
+ "cve": "CVE-2022-21735",
+ "id": "pyup.io-44787",
+ "more_info_path": "/vulnerabilities/CVE-2022-21735/44787",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152175,10 +152687,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateTensorSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve a tensor with large enough number of elements. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23575",
- "id": "pyup.io-44860",
- "more_info_path": "/vulnerabilities/CVE-2022-23575/44860",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23557: An attacker can craft a TFLite model that would trigger a division by zero in 'BiasAndClamp' implementation. There is no check that the 'bias_size' is non zero.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf2j-f278-xh4v",
+ "cve": "CVE-2022-23557",
+ "id": "pyup.io-44845",
+ "more_info_path": "/vulnerabilities/CVE-2022-23557/44845",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152188,10 +152700,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23569: Multiple operations in TensorFlow can be used to trigger a denial of service via 'CHECK'-fails (i.e., assertion failures). This is similar to CVE-2021-41197 and has a similar fix. It is possible that other similar instances exist.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qj5r-f9mv-rffh",
- "cve": "CVE-2022-23569",
- "id": "pyup.io-44796",
- "more_info_path": "/vulnerabilities/CVE-2022-23569/44796",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21730: The implementation of 'FractionalAvgPoolGrad' does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vjg4-v33c-ggc4",
+ "cve": "CVE-2022-21730",
+ "id": "pyup.io-44782",
+ "more_info_path": "/vulnerabilities/CVE-2022-21730/44782",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152201,10 +152713,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a `DCHECK`. However, `DCHECK` is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the dereferencing of the null pointer, whereas in the second case it results in a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23570",
- "id": "pyup.io-44855",
- "more_info_path": "/vulnerabilities/CVE-2022-23570/44855",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21737: The implementation of '*Bincount' operations allows malicious users to cause denial of service by passing in arguments which would trigger a 'CHECK'-fail. There are several conditions that the input arguments must satisfy. Some are not caught during shape inference and others are not caught during kernel implementation. This results in 'CHECK' failures later when the output tensors get allocated.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2vv-v9cg-qhh7",
+ "cve": "CVE-2022-21737",
+ "id": "pyup.io-44789",
+ "more_info_path": "/vulnerabilities/CVE-2022-21737/44789",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152214,10 +152726,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's `SpecializeType` which results in heap OOB read/write. Due to a typo, `arg` is initialized to the `i`th mutable argument in a loop where the loop index is `j`. Hence it is possible to assign to `arg` from outside the vector of arguments. Since this is a mutable proto value, it allows both read and write to outside of bounds data. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23574",
- "id": "pyup.io-44859",
- "more_info_path": "/vulnerabilities/CVE-2022-23574/44859",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23562: The implementation of 'Range' suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qx3f-p745-w4hr",
+ "cve": "CVE-2022-23562",
+ "id": "pyup.io-44850",
+ "more_info_path": "/vulnerabilities/CVE-2022-23562/44850",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152227,10 +152739,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21734: The implementation of 'MapStage' is vulnerable to a 'CHECK'-fail if the key tensor is not a scalar.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gcvh-66ff-4mwm",
- "cve": "CVE-2022-21734",
- "id": "pyup.io-44786",
- "more_info_path": "/vulnerabilities/CVE-2022-21734/44786",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23565: An attacker can trigger denial of service via assertion failure by altering a 'SavedModel' on disk such that 'AttrDef's of some operation are duplicated.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4v5p-v5h9-6xjx",
+ "cve": "CVE-2022-23565",
+ "id": "pyup.io-44853",
+ "more_info_path": "/vulnerabilities/CVE-2022-23565/44853",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152240,10 +152752,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21729: The implementation of 'UnravelIndex' is vulnerable to a division by zero caused by an integer overflow bug.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-34f9-hjfq-rr8j",
- "cve": "CVE-2022-21729",
- "id": "pyup.io-44781",
- "more_info_path": "/vulnerabilities/CVE-2022-21729/44781",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23567: The implementations of 'Sparse*Cwise*' ops are vulnerable to integer overflows. These can be used to trigger large allocations (so, OOM based denial of service) or 'CHECK'-fails when building new 'TensorShape' objects (so, assert failures based denial of service). There are missing some validation on the shapes of the input tensors as well as directly constructing a large 'TensorShape' with user-provided dimensions.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrx2-r989-2c43",
+ "cve": "CVE-2022-23567",
+ "id": "pyup.io-44794",
+ "more_info_path": "/vulnerabilities/CVE-2022-23567/44794",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152253,10 +152765,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21741: An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to determine the size of the padding that needs to be added before applying the convolution. There is no check before this division that the divisor is strictly positive.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-428x-9xc2-m8mj",
- "cve": "CVE-2022-21741",
- "id": "pyup.io-44793",
- "more_info_path": "/vulnerabilities/CVE-2022-21741/44793",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23581: The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a 'SavedModel' such that 'IsSimplifiableReshape' would trigger 'CHECK' failures.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq86-3f29-px2c",
+ "cve": "CVE-2022-23581",
+ "id": "pyup.io-44866",
+ "more_info_path": "/vulnerabilities/CVE-2022-23581/44866",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152266,10 +152778,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that Grappler optimizer would attempt to build a tensor using a reference `dtype`. This would result in a crash due to a `CHECK`-fail in the `Tensor` constructor as reference types are not allowed. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23588",
- "id": "pyup.io-44873",
- "more_info_path": "/vulnerabilities/CVE-2022-23588/44873",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23561: An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the linked list used by the memory allocator. This can be leveraged for an arbitrary write primitive under certain conditions.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c78-vcq7-7vxq",
+ "cve": "CVE-2022-23561",
+ "id": "pyup.io-44849",
+ "more_info_path": "/vulnerabilities/CVE-2022-23561/44849",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152279,10 +152791,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23591: The 'GraphDef' format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a 'GraphDef' containing a fragment such as the following can be consumed when loading a 'SavedModel'. This would result in a stack overflow during execution as resolving each 'NodeDef' means resolving the function itself and its nodes.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-247x-2f9f-5wp7",
- "cve": "CVE-2022-23591",
- "id": "pyup.io-44876",
- "more_info_path": "/vulnerabilities/CVE-2022-23591/44876",
+ "advisory": "Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23587",
+ "id": "pyup.io-44872",
+ "more_info_path": "/vulnerabilities/CVE-2022-23587/44872",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152292,10 +152804,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23561: An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the linked list used by the memory allocator. This can be leveraged for an arbitrary write primitive under certain conditions.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c78-vcq7-7vxq",
- "cve": "CVE-2022-23561",
- "id": "pyup.io-44849",
- "more_info_path": "/vulnerabilities/CVE-2022-23561/44849",
+ "advisory": "Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling `png::CommonInitDecode(..., &decode)`, the `decode` value contains allocated buffers which can only be freed by calling `png::CommonFreeDecode(&decode)`. However, several error case in the function implementation invoke the `OP_REQUIRES` macro which immediately terminates the execution of the function, without allowing for the memory free to occur. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23585",
+ "id": "pyup.io-44870",
+ "more_info_path": "/vulnerabilities/CVE-2022-23585/44870",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152305,10 +152817,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `GetInitOp` is vulnerable to a crash caused by dereferencing a null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23577",
- "id": "pyup.io-44862",
- "more_info_path": "/vulnerabilities/CVE-2022-23577/44862",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23568: The implementation of 'AddManySparseToTensorsMap' is vulnerable to an integer overflow which results in a 'CHECK'-fail when building new 'TensorShape' objects (so, an assert failure based denial of service). There are missing some validation on the shapes of the input tensors as well as directly constructing a large 'TensorShape' with user-provided dimensions.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6445-fm66-fvq2",
+ "cve": "CVE-2022-23568",
+ "id": "pyup.io-44795",
+ "more_info_path": "/vulnerabilities/CVE-2022-23568/44795",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152318,10 +152830,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21739: The implementation of 'QuantizedMaxPool' has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-3mw4-6rj6-74g5",
- "cve": "CVE-2022-21739",
- "id": "pyup.io-44791",
- "more_info_path": "/vulnerabilities/CVE-2022-21739/44791",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23560: An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4hvf-hxvg-f67v",
+ "cve": "CVE-2022-23560",
+ "id": "pyup.io-44848",
+ "more_info_path": "/vulnerabilities/CVE-2022-23560/44848",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152331,10 +152843,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21736: The implementation of 'SparseTensorSliceDataset' has an undefined behavior: under certain conditions, it can be made to dereference a 'nullptr' value. The 3 input arguments to 'SparseTensorSliceDataset' represent a sparse tensor. However, there are some preconditions that these arguments must satisfy, but these are not validated in the implementation.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pfjj-m3jj-9jc9",
- "cve": "CVE-2022-21736",
- "id": "pyup.io-44788",
- "more_info_path": "/vulnerabilities/CVE-2022-21736/44788",
+ "advisory": "Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the 'DCHECK' function however, 'DCHECK' is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the 'ValueOrDie' line. This results in an assertion failure as 'ret' contains an error 'Status', not a value. In the second case we also get a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23572",
+ "id": "pyup.io-44857",
+ "more_info_path": "/vulnerabilities/CVE-2022-23572/44857",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152344,10 +152856,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23582: A malicious user can cause a denial of service by altering a 'SavedModel' such that 'TensorByteSize' would trigger 'CHECK' failures. 'TensorShape' constructor throws a 'CHECK'-fail if shape is partial or has a number of elements that would overflow the size of an 'int'. The 'PartialTensorShape' constructor instead does not cause a 'CHECK'-abort if the shape is partial, which is exactly what this function needs to be able to return '-1'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4j82-5ccr-4r8v",
- "cve": "CVE-2022-23582",
- "id": "pyup.io-44867",
- "more_info_path": "/vulnerabilities/CVE-2022-23582/44867",
+ "advisory": "Tensorflow is an Open Source Machine Learning Framework. If a graph node is invalid, TensorFlow can leak memory in the implementation of `ImmutableExecutorState::Initialize`. Here, we set `item->kernel` to `nullptr` but it is a simple `OpKernel*` pointer so the memory that was previously allocated to it would leak. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23578",
+ "id": "pyup.io-44863",
+ "more_info_path": "/vulnerabilities/CVE-2022-23578/44863",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152357,10 +152869,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23587",
- "id": "pyup.io-44872",
- "more_info_path": "/vulnerabilities/CVE-2022-23587/44872",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21729: The implementation of 'UnravelIndex' is vulnerable to a division by zero caused by an integer overflow bug.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-34f9-hjfq-rr8j",
+ "cve": "CVE-2022-21729",
+ "id": "pyup.io-44781",
+ "more_info_path": "/vulnerabilities/CVE-2022-21729/44781",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152370,10 +152882,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `AssignOp` can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized (to minimize number of allocations), but does not check that the right hand side is also initialized. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23573",
- "id": "pyup.io-44858",
- "more_info_path": "/vulnerabilities/CVE-2022-23573/44858",
+ "advisory": "Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that Grappler optimizer would attempt to build a tensor using a reference `dtype`. This would result in a crash due to a `CHECK`-fail in the `Tensor` constructor as reference types are not allowed. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23588",
+ "id": "pyup.io-44873",
+ "more_info_path": "/vulnerabilities/CVE-2022-23588/44873",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152383,10 +152895,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow is an Open Source Machine Learning Framework. TensorFlow is vulnerable to a heap OOB write in `Grappler`. The `set_output` function writes to an array at the specified index. Hence, this gives a malicious user a write primitive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23566",
- "id": "pyup.io-44854",
- "more_info_path": "/vulnerabilities/CVE-2022-23566/44854",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23591: The 'GraphDef' format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a 'GraphDef' containing a fragment such as the following can be consumed when loading a 'SavedModel'. This would result in a stack overflow during execution as resolving each 'NodeDef' means resolving the function itself and its nodes.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-247x-2f9f-5wp7",
+ "cve": "CVE-2022-23591",
+ "id": "pyup.io-44876",
+ "more_info_path": "/vulnerabilities/CVE-2022-23591/44876",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152396,10 +152908,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23579: The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a 'SavedModel' such that 'SafeToRemoveIdentity' would trigger 'CHECK' failures.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5f2r-qp73-37mr",
- "cve": "CVE-2022-23579",
- "id": "pyup.io-44864",
- "more_info_path": "/vulnerabilities/CVE-2022-23579/44864",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23559: An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both 'embedding_size' and 'lookup_size' are products of values provided by the user. Hence, a malicious user could trigger overflows in the multiplication. In certain scenarios, this can then result in heap OOB read/write.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-98p5-x8x4-c9m5",
+ "cve": "CVE-2022-23559",
+ "id": "pyup.io-44847",
+ "more_info_path": "/vulnerabilities/CVE-2022-23559/44847",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152409,10 +152921,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21733: The implementation of 'StringNGrams' can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. There is missing a validation on 'pad_witdh' and that result in computing a negative value for 'ngram_width' which is later used to allocate parts of the output.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-98j8-c9q4-r38g",
- "cve": "CVE-2022-21733",
- "id": "pyup.io-44785",
- "more_info_path": "/vulnerabilities/CVE-2022-21733/44785",
+ "advisory": "Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a 'SavedModel' such that any binary op would trigger 'CHECK' failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the 'dtype' no longer matches the 'dtype' expected by the op. In that case, calling the templated binary operator for the binary op would receive corrupted data, due to the type confusion involved. If 'Tin' and 'Tout' don't match the type of data in 'out' and 'input_*' tensors then 'flat<*>' would interpret it wrongly. In most cases, this would be a silent failure, but we have noticed scenarios where this results in a 'CHECK' crash, hence a denial of service. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23583",
+ "id": "pyup.io-44868",
+ "more_info_path": "/vulnerabilities/CVE-2022-23583/44868",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152422,10 +152934,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling `png::CommonInitDecode(..., &decode)`, the `decode` value contains allocated buffers which can only be freed by calling `png::CommonFreeDecode(&decode)`. However, several error case in the function implementation invoke the `OP_REQUIRES` macro which immediately terminates the execution of the function, without allowing for the memory free to occur. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23585",
- "id": "pyup.io-44870",
- "more_info_path": "/vulnerabilities/CVE-2022-23585/44870",
+ "advisory": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateTensorSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve a tensor with large enough number of elements. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23575",
+ "id": "pyup.io-44860",
+ "more_info_path": "/vulnerabilities/CVE-2022-23575/44860",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152435,10 +152947,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23565: An attacker can trigger denial of service via assertion failure by altering a 'SavedModel' on disk such that 'AttrDef's of some operation are duplicated.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4v5p-v5h9-6xjx",
- "cve": "CVE-2022-23565",
- "id": "pyup.io-44853",
- "more_info_path": "/vulnerabilities/CVE-2022-23565/44853",
+ "advisory": "Tensorflow is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a `DCHECK`. However, `DCHECK` is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the dereferencing of the null pointer, whereas in the second case it results in a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23570",
+ "id": "pyup.io-44855",
+ "more_info_path": "/vulnerabilities/CVE-2022-23570/44855",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152448,10 +152960,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23568: The implementation of 'AddManySparseToTensorsMap' is vulnerable to an integer overflow which results in a 'CHECK'-fail when building new 'TensorShape' objects (so, an assert failure based denial of service). There are missing some validation on the shapes of the input tensors as well as directly constructing a large 'TensorShape' with user-provided dimensions.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6445-fm66-fvq2",
- "cve": "CVE-2022-23568",
- "id": "pyup.io-44795",
- "more_info_path": "/vulnerabilities/CVE-2022-23568/44795",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21738: The implementation of 'SparseCountSparseOutput' can be made to crash a TensorFlow process by an integer overflow whose result is then used in a memory allocation.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-x4qx-4fjv-hmw6",
+ "cve": "CVE-2022-21738",
+ "id": "pyup.io-44790",
+ "more_info_path": "/vulnerabilities/CVE-2022-21738/44790",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152461,10 +152973,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23562: The implementation of 'Range' suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qx3f-p745-w4hr",
- "cve": "CVE-2022-23562",
- "id": "pyup.io-44850",
- "more_info_path": "/vulnerabilities/CVE-2022-23562/44850",
+ "advisory": "Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can trigger a null pointer dereference. There are 2 places where this can occur, for the same malicious alteration of a `SavedModel` file (fixing the first one would trigger the same dereference in the second place). First, during constant folding, the `GraphDef` might not have the required nodes for the binary operation. If a node is missing, the correposning `mul_*child` would be null, and the dereference in the subsequent line would be incorrect. We have a similar issue during `IsIdentityConsumingSwitch`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23589",
+ "id": "pyup.io-44874",
+ "more_info_path": "/vulnerabilities/CVE-2022-23589/44874",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152474,10 +152986,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23567: The implementations of 'Sparse*Cwise*' ops are vulnerable to integer overflows. These can be used to trigger large allocations (so, OOM based denial of service) or 'CHECK'-fails when building new 'TensorShape' objects (so, assert failures based denial of service). There are missing some validation on the shapes of the input tensors as well as directly constructing a large 'TensorShape' with user-provided dimensions.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrx2-r989-2c43",
- "cve": "CVE-2022-23567",
- "id": "pyup.io-44794",
- "more_info_path": "/vulnerabilities/CVE-2022-23567/44794",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21728: The implementation of shape inference for 'ReverseSequence' does not fully validate the value of 'batch_dim' and can result in a heap OOB read. There is a check to make sure the value of 'batch_dim' does not go over the rank of the input, but there is no check for negative values. Negative dimensions are allowed in some cases to mimic Python's negative indexing (i.e., indexing from the end of the array), however if the value is too negative then the implementation of 'Dim' would access elements before the start of an array.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6gmv-pjp9-p8w8",
+ "cve": "CVE-2022-21728",
+ "id": "pyup.io-44780",
+ "more_info_path": "/vulnerabilities/CVE-2022-21728/44780",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152487,10 +152999,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21738: The implementation of 'SparseCountSparseOutput' can be made to crash a TensorFlow process by an integer overflow whose result is then used in a memory allocation.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-x4qx-4fjv-hmw6",
- "cve": "CVE-2022-21738",
- "id": "pyup.io-44790",
- "more_info_path": "/vulnerabilities/CVE-2022-21738/44790",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23558: An attacker can craft a TFLite model that would cause an integer overflow in 'TfLiteIntArrayCreate'. The 'TfLiteIntArrayGetSizeInBytes' returns an 'int' instead of a 'size_t'. An attacker can control model inputs such that 'computed_size' overflows the size of 'int' datatype.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9gwq-6cwj-47h3",
+ "cve": "CVE-2022-23558",
+ "id": "pyup.io-44846",
+ "more_info_path": "/vulnerabilities/CVE-2022-23558/44846",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152500,10 +153012,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21732: The implementation of 'ThreadPoolHandle' can be used to trigger a denial of service attack by allocating too much memory. This is because the 'num_threads' argument is only checked to not be negative, but there is no upper bound on its value.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-c582-c96p-r5cq",
- "cve": "CVE-2022-21732",
- "id": "pyup.io-44784",
- "more_info_path": "/vulnerabilities/CVE-2022-21732/44784",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23579: The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a 'SavedModel' such that 'SafeToRemoveIdentity' would trigger 'CHECK' failures.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5f2r-qp73-37mr",
+ "cve": "CVE-2022-23579",
+ "id": "pyup.io-44864",
+ "more_info_path": "/vulnerabilities/CVE-2022-23579/44864",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152513,10 +153025,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23559: An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both 'embedding_size' and 'lookup_size' are products of values provided by the user. Hence, a malicious user could trigger overflows in the multiplication. In certain scenarios, this can then result in heap OOB read/write.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-98p5-x8x4-c9m5",
- "cve": "CVE-2022-23559",
- "id": "pyup.io-44847",
- "more_info_path": "/vulnerabilities/CVE-2022-23559/44847",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21733: The implementation of 'StringNGrams' can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. There is missing a validation on 'pad_witdh' and that result in computing a negative value for 'ngram_width' which is later used to allocate parts of the output.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-98j8-c9q4-r38g",
+ "cve": "CVE-2022-21733",
+ "id": "pyup.io-44785",
+ "more_info_path": "/vulnerabilities/CVE-2022-21733/44785",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152526,10 +153038,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23560: An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4hvf-hxvg-f67v",
- "cve": "CVE-2022-23560",
- "id": "pyup.io-44848",
- "more_info_path": "/vulnerabilities/CVE-2022-23560/44848",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23563: In multiple places, TensorFlow uses 'tempfile.mktemp' to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in 'mktemp' and the actual creation of the file by a subsequent operation (a TOC/TOU type of weakness). In several instances, TensorFlow was supposed to actually create a temporary directory instead of a file. This logic bug is hidden away by the 'mktemp' function usage. It was replaced 'mktemp' with the safer 'mkstemp'/'mkdtemp' functions, according to the usage pattern.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wc4g-r73w-x8mm",
+ "cve": "CVE-2022-23563",
+ "id": "pyup.io-44851",
+ "more_info_path": "/vulnerabilities/CVE-2022-23563/44851",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -152539,10 +153051,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a 'SavedModel' such that any binary op would trigger 'CHECK' failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the 'dtype' no longer matches the 'dtype' expected by the op. In that case, calling the templated binary operator for the binary op would receive corrupted data, due to the type confusion involved. If 'Tin' and 'Tout' don't match the type of data in 'out' and 'input_*' tensors then 'flat<*>' would interpret it wrongly. In most cases, this would be a silent failure, but we have noticed scenarios where this results in a 'CHECK' crash, hence a denial of service. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", - "cve": "CVE-2022-23583", - "id": "pyup.io-44868", - "more_info_path": "/vulnerabilities/CVE-2022-23583/44868", + "advisory": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateOutputSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number of dimensions in `output_shape.dim()` or just a small number of dimensions being large enough to cause an overflow in the multiplication. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", + "cve": "CVE-2022-23576", + "id": "pyup.io-44861", + "more_info_path": "/vulnerabilities/CVE-2022-23576/44861", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152552,10 +153064,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23564: When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a 'CHECK' assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow processes.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8rcj-c8pj-v3m3", - "cve": "CVE-2022-23564", - "id": "pyup.io-44852", - "more_info_path": "/vulnerabilities/CVE-2022-23564/44852", + "advisory": "Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that assertions in `function.cc` would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", + "cve": "CVE-2022-23586", + "id": "pyup.io-44871", + "more_info_path": "/vulnerabilities/CVE-2022-23586/44871", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152565,10 +153077,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21725: The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure it is valid.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v3f7-j968-4h5f", - "cve": "CVE-2022-21725", - "id": "pyup.io-44777", - "more_info_path": "/vulnerabilities/CVE-2022-21725/44777", + "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23564: When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a 'CHECK' assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow processes.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8rcj-c8pj-v3m3", + "cve": "CVE-2022-23564", + "id": "pyup.io-44852", + "more_info_path": "/vulnerabilities/CVE-2022-23564/44852", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152578,10 +153090,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that assertions in `function.cc` would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", - "cve": "CVE-2022-23586", - "id": "pyup.io-44871", - "more_info_path": "/vulnerabilities/CVE-2022-23586/44871", + "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21725: The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure it is valid.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v3f7-j968-4h5f", + "cve": "CVE-2022-21725", + "id": "pyup.io-44777", + "more_info_path": "/vulnerabilities/CVE-2022-21725/44777", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152591,10 +153103,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23557: An attacker can craft a TFLite model that would trigger a division by zero in 'BiasAndClamp' implementation. There is no check that the 'bias_size' is non zero.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf2j-f278-xh4v", - "cve": "CVE-2022-23557", - "id": "pyup.io-44845", - "more_info_path": "/vulnerabilities/CVE-2022-23557/44845", + "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21727: The implementation of shape inference for 'Dequantize' is vulnerable to an integer overflow weakness. The 'axis' argument can be '-1' (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked, and, since the code computes 'axis + 1', an attacker can trigger an integer overflow.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-c6fh-56w7-fvjw", + "cve": "CVE-2022-21727", + "id": "pyup.io-44779", + "more_info_path": "/vulnerabilities/CVE-2022-21727/44779", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152604,10 +153116,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can trigger a null pointer dereference. There are 2 places where this can occur, for the same malicious alteration of a `SavedModel` file (fixing the first one would trigger the same dereference in the second place). First, during constant folding, the `GraphDef` might not have the required nodes for the binary operation. If a node is missing, the correposning `mul_*child` would be null, and the dereference in the subsequent line would be incorrect. We have a similar issue during `IsIdentityConsumingSwitch`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", - "cve": "CVE-2022-23589", - "id": "pyup.io-44874", - "more_info_path": "/vulnerabilities/CVE-2022-23589/44874", + "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23595: When building an XLA compilation cache, if default settings are used, TensorFlow triggers a null pointer dereference. In the default scenario, all devices are allowed, so 'flr->config_proto' is 'nullptr'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fpcp-9h7m-ffpx", + "cve": "CVE-2022-23595", + "id": "pyup.io-44880", + "more_info_path": "/vulnerabilities/CVE-2022-23595/44880", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152617,10 +153129,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21731: The implementation of shape inference for 'ConcatV2' can be used to trigger a denial of service attack via a segfault caused by a type confusion. The 'axis' argument is translated into 'concat_dim' in the 'ConcatShapeHelper' helper function. Then, a value for 'min_rank' is computed based on 'concat_dim'. This is then used to validate that the 'values' tensor has at least the required rank. However, 'WithRankAtLeast' receives the lower bound as a 64-bits value and then compares it against the maximum 32-bits integer value that could be represented. Due to the fact that 'min_rank' is a 32-bits value and the value of 'axis', the 'rank' argument is a negative value, so the error check is bypassed.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m4hf-j54p-p353", - "cve": "CVE-2022-21731", - "id": "pyup.io-44783", - "more_info_path": "/vulnerabilities/CVE-2022-21731/44783", + "advisory": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `AssignOp` can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized (to minimize number of allocations), but does not check that the right hand side is also initialized. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", + "cve": "CVE-2022-23573", + "id": "pyup.io-44858", + "more_info_path": "/vulnerabilities/CVE-2022-23573/44858", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152630,10 +153142,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21728: The implementation of shape inference for 'ReverseSequence' does not fully validate the value of 'batch_dim' and can result in a heap OOB read. There is a check to make sure the value of 'batch_dim' does not go over the rank of the input, but there is no check for negative values. Negative dimensions are allowed in some cases to mimic Python's negative indexing (i.e., indexing from the end of the array), however if the value is too negative then the implementation of 'Dim' would access elements before the start of an array.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6gmv-pjp9-p8w8", - "cve": "CVE-2022-21728", - "id": "pyup.io-44780", - "more_info_path": "/vulnerabilities/CVE-2022-21728/44780", + "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21736: The implementation of 'SparseTensorSliceDataset' has an undefined behavior: under certain conditions, it can be made to dereference a 'nullptr' value. The 3 input arguments to 'SparseTensorSliceDataset' represent a sparse tensor. However, there are some preconditions that these arguments must satisfy, but these are not validated in the implementation.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pfjj-m3jj-9jc9", + "cve": "CVE-2022-21736", + "id": "pyup.io-44788", + "more_info_path": "/vulnerabilities/CVE-2022-21736/44788", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152656,10 +153168,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21735: The implementation of 'FractionalMaxPool' can be made to crash a TensorFlow process via a division by 0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-87v6-crgm-2gfj", - "cve": "CVE-2022-21735", - "id": "pyup.io-44787", - "more_info_path": "/vulnerabilities/CVE-2022-21735/44787", + "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21726: The implementation of 'Dequantize' does not fully validate the value of 'axis' and can result in heap OOB accesses. The 'axis' argument can be '-1' (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked and this results in reading past the end of the array containing the dimensions of the input tensor.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-23hm-7w47-xw72", + "cve": "CVE-2022-21726", + "id": "pyup.io-44778", + "more_info_path": "/vulnerabilities/CVE-2022-21726/44778", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152669,10 +153181,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23558: An attacker can craft a TFLite model that would cause an integer overflow in 'TfLiteIntArrayCreate'. The 'TfLiteIntArrayGetSizeInBytes' returns an 'int' instead of a 'size_t'. An attacker can control model inputs such that 'computed_size' overflows the size of 'int' datatype.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9gwq-6cwj-47h3", - "cve": "CVE-2022-23558", - "id": "pyup.io-44846", - "more_info_path": "/vulnerabilities/CVE-2022-23558/44846", + "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21740: The implementation of 'SparseCountSparseOutput' is vulnerable to a heap overflow.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-44qp-9wwf-734r", + "cve": "CVE-2022-21740", + "id": "pyup.io-44792", + "more_info_path": "/vulnerabilities/CVE-2022-21740/44792", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152682,10 +153194,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the 'DCHECK' function however, 'DCHECK' is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the 'ValueOrDie' line. This results in an assertion failure as 'ret' contains an error 'Status', not a value. In the second case we also get a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.", - "cve": "CVE-2022-23572", - "id": "pyup.io-44857", - "more_info_path": "/vulnerabilities/CVE-2022-23572/44857", + "advisory": "Tensorflow is an Open Source Machine Learning Framework. There is a typo in TensorFlow's `SpecializeType` which results in heap OOB read/write. Due to a typo, `arg` is initialized to the `i`th mutable argument in a loop where the loop index is `j`. Hence it is possible to assign to `arg` from outside the vector of arguments. Since this is a mutable proto value, it allows both read and write to outside of bounds data. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.", + "cve": "CVE-2022-23574", + "id": "pyup.io-44859", + "more_info_path": "/vulnerabilities/CVE-2022-23574/44859", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152695,10 +153207,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow is an Open Source Machine Learning Framework. If a graph node is invalid, TensorFlow can leak memory in the implementation of `ImmutableExecutorState::Initialize`. Here, we set `item->kernel` to `nullptr` but it is a simple `OpKernel*` pointer so the memory that was previously allocated to it would leak. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", - "cve": "CVE-2022-23578", - "id": "pyup.io-44863", - "more_info_path": "/vulnerabilities/CVE-2022-23578/44863", + "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21734: The implementation of 'MapStage' is vulnerable to a 'CHECK'-fail if the key tensor is not a scalar.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gcvh-66ff-4mwm", + "cve": "CVE-2022-21734", + "id": "pyup.io-44786", + "more_info_path": "/vulnerabilities/CVE-2022-21734/44786", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152708,10 +153220,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21726: The implementation of 'Dequantize' does not fully validate the value of 'axis' and can result in heap OOB accesses. The 'axis' argument can be '-1' (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked and this results in reading past the end of the array containing the dimensions of the input tensor.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-23hm-7w47-xw72", - "cve": "CVE-2022-21726", - "id": "pyup.io-44778", - "more_info_path": "/vulnerabilities/CVE-2022-21726/44778", + "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23569: Multiple operations in TensorFlow can be used to trigger a denial of service via 'CHECK'-fails (i.e., assertion failures). This is similar to CVE-2021-41197 and has a similar fix. It is possible that other similar instances exist.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qj5r-f9mv-rffh", + "cve": "CVE-2022-23569", + "id": "pyup.io-44796", + "more_info_path": "/vulnerabilities/CVE-2022-23569/44796", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152721,10 +153233,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21730: The implementation of 'FractionalAvgPoolGrad' does not consider cases where the input tensors are invalid allowing an attacker to read from outside of bounds of heap.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vjg4-v33c-ggc4", - "cve": "CVE-2022-21730", - "id": "pyup.io-44782", - "more_info_path": "/vulnerabilities/CVE-2022-21730/44782", + "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21741: An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to determine the size of the padding that needs to be added before applying the convolution. There is no check before this division that the divisor is strictly positive.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-428x-9xc2-m8mj", + "cve": "CVE-2022-21741", + "id": "pyup.io-44793", + "more_info_path": "/vulnerabilities/CVE-2022-21741/44793", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152734,10 +153246,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21737: The implementation of '*Bincount' operations allows malicious users to cause denial of service by passing in arguments which would trigger a 'CHECK'-fail. There are several conditions that the input arguments must satisfy. Some are not caught during shape inference and others are not caught during kernel implementation. This results in 'CHECK' failures later when the output tensors get allocated.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2vv-v9cg-qhh7", - "cve": "CVE-2022-21737", - "id": "pyup.io-44789", - "more_info_path": "/vulnerabilities/CVE-2022-21737/44789", + "advisory": "Tensorflow is an Open Source Machine Learning Framework. The implementation of `GetInitOp` is vulnerable to a crash caused by dereferencing a null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", + "cve": "CVE-2022-23577", + "id": "pyup.io-44862", + "more_info_path": "/vulnerabilities/CVE-2022-23577/44862", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152747,10 +153259,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21727: The implementation of shape inference for 'Dequantize' is vulnerable to an integer overflow weakness. The 'axis' argument can be '-1' (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked, and, since the code computes 'axis + 1', an attacker can trigger an integer overflow.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-c6fh-56w7-fvjw", - "cve": "CVE-2022-21727", - "id": "pyup.io-44779", - "more_info_path": "/vulnerabilities/CVE-2022-21727/44779", + "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21739: The implementation of 'QuantizedMaxPool' has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-3mw4-6rj6-74g5", + "cve": "CVE-2022-21739", + "id": "pyup.io-44791", + "more_info_path": "/vulnerabilities/CVE-2022-21739/44791", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152760,10 +153272,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21740: The implementation of 'SparseCountSparseOutput' is vulnerable to a heap overflow.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-44qp-9wwf-734r", - "cve": "CVE-2022-21740", - "id": "pyup.io-44792", - "more_info_path": "/vulnerabilities/CVE-2022-21740/44792", + "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23582: A malicious user can cause a denial of service by altering a 'SavedModel' such that 'TensorByteSize' would trigger 'CHECK' failures. 'TensorShape' constructor throws a 'CHECK'-fail if shape is partial or has a number of elements that would overflow the size of an 'int'. The 'PartialTensorShape' constructor instead does not cause a 'CHECK'-abort if the shape is partial, which is exactly what this function needs to be able to return '-1'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4j82-5ccr-4r8v", + "cve": "CVE-2022-23582", + "id": "pyup.io-44867", + "more_info_path": "/vulnerabilities/CVE-2022-23582/44867", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152773,10 +153285,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23580: During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-627q-g293-49q7", - "cve": "CVE-2022-23580", - "id": "pyup.io-44865", - "more_info_path": "/vulnerabilities/CVE-2022-23580/44865", + "advisory": "Tensorflow is an Open Source Machine Learning Framework. TensorFlow is vulnerable to a heap OOB write in `Grappler`. The `set_output` function writes to an array at the specified index. Hence, this gives a malicious user a write primitive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", + "cve": "CVE-2022-23566", + "id": "pyup.io-44854", + "more_info_path": "/vulnerabilities/CVE-2022-23566/44854", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152786,10 +153298,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23595: When building an XLA compilation cache, if default settings are used, TensorFlow triggers a null pointer dereference. In the default scenario, all devices are allowed, so 'flr->config_proto' is 'nullptr'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fpcp-9h7m-ffpx", - "cve": "CVE-2022-23595", - "id": "pyup.io-44880", - "more_info_path": "/vulnerabilities/CVE-2022-23595/44880", + "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21732: The implementation of 'ThreadPoolHandle' can be used to trigger a denial of service attack by allocating too much memory. This is because the 'num_threads' argument is only checked to not be negative, but there is no upper bound on its value.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-c582-c96p-r5cq", + "cve": "CVE-2022-21732", + "id": "pyup.io-44784", + "more_info_path": "/vulnerabilities/CVE-2022-21732/44784", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -152799,10 +153311,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3 and 2.7.1 include a fix for CVE-2021-41206: In affected versions, several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depending on the API, this can result in undefined behavior and segfault or 'CHECK'-fail related crashes but in some scenarios writes and reads from heap populated arrays are also possible. These issues were discovered internally via tooling while working on improving/testing GPU op determinism. As such, there aren't reproducers and there will be multiple fixes for these issues.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-43q8-3fv7-pr5x", - "cve": "CVE-2021-41206", - "id": "pyup.io-42453", - "more_info_path": "/vulnerabilities/CVE-2021-41206/42453", + "advisory": "Tensorflow versions 2.5.3, 2.6.3 and 2.7.1 include a fix for CVE-2021-41208: In affected versions, the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service (via dereferencing 'nullptr's or via 'CHECK'-failures) as well as abuse undefined behavior (binding references to 'nullptr's). An attacker can also read and write from heap buffers, depending on the API that gets used and the arguments that are passed to the call. Given that the boosted trees implementation in TensorFlow is unmaintained, it is recommend to no longer use these APIs. 
TensorFlow's boosted trees APIs will be deprecated in subsequent releases.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88\r\nhttps://github.com/tensorflow/tensorflow/commit/5c8c9a8bfe750f9743d0c859bae112060b216f5c\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6gw-r52c-724r", + "cve": "CVE-2021-41208", + "id": "pyup.io-42455", + "more_info_path": "/vulnerabilities/CVE-2021-41208/42455", "specs": [ "<2.5.3", ">=2.6.0rc0,<2.6.3", 
@@ -152811,10 +153323,10 @@ "v": "<2.5.3,>=2.6.0rc0,<2.6.3,>=2.7.0rc0,<2.7.1" }, { - "advisory": "Tensorflow versions 2.5.3, 2.6.3 and 2.7.1 include a fix for CVE-2021-41208: In affected versions, the code for boosted trees in TensorFlow is still missing validation. As a result, attackers can trigger denial of service (via dereferencing 'nullptr's or via 'CHECK'-failures) as well as abuse undefined behavior (binding references to 'nullptr's). An attacker can also read and write from heap buffers, depending on the API that gets used and the arguments that are passed to the call. Given that the boosted trees implementation in TensorFlow is unmaintained, it is recommend to no longer use these APIs. TensorFlow's boosted trees APIs will be deprecated in subsequent releases.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88\r\nhttps://github.com/tensorflow/tensorflow/commit/5c8c9a8bfe750f9743d0c859bae112060b216f5c\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6gw-r52c-724r", - "cve": "CVE-2021-41208", - "id": "pyup.io-42455", - "more_info_path": "/vulnerabilities/CVE-2021-41208/42455", + "advisory": "Tensorflow versions 2.5.3, 2.6.3 and 2.7.1 include a fix for CVE-2021-41206: In affected versions, several TensorFlow operations are missing validation for the shapes of the tensor arguments involved in the call. Depending on the API, this can result in undefined behavior and segfault or 'CHECK'-fail related crashes but in some scenarios writes and reads from heap populated arrays are also possible. These issues were discovered internally via tooling while working on improving/testing GPU op determinism. 
As such, there aren't reproducers and there will be multiple fixes for these issues.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-43q8-3fv7-pr5x", + "cve": "CVE-2021-41206", + "id": "pyup.io-42453", + "more_info_path": "/vulnerabilities/CVE-2021-41206/42453", "specs": [ "<2.5.3", ">=2.6.0rc0,<2.6.3", @@ -152862,10 +153374,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Affected versions of Tensorflow are vulnerable to Denial of Service in the implementation of depthwise ops via CHECK-failure (assertion failure) caused by overflowing the number of elements in a tensor. This is another instance of TFSA-2021-198 (CVE-2021-41197).", - "cve": "PVE-2024-71511", - "id": "pyup.io-71511", - "more_info_path": "/vulnerabilities/PVE-2024-71511/71511", + "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29206: Missing validation which results in undefined behavior in 'SparseTensorDenseAdd'.", + "cve": "CVE-2022-29206", + "id": "pyup.io-48645", + "more_info_path": "/vulnerabilities/CVE-2022-29206/48645", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -152888,10 +153400,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29208: Segfault and OOB write due to incomplete validation in 'EditDistance'.", - "cve": "CVE-2022-29208", - "id": "pyup.io-48649", - "more_info_path": "/vulnerabilities/CVE-2022-29208/48649", + "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27779.", + "cve": "CVE-2022-27779", + "id": "pyup.io-48660", + "more_info_path": "/vulnerabilities/CVE-2022-27779/48660", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -152901,10 +153413,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-22576.", - "cve": "CVE-2022-22576", - "id": "pyup.io-48655", - "more_info_path": "/vulnerabilities/CVE-2022-22576/48655", + "advisory": "Affected versions of Tensorflow are vulnerable to Denial of Service in the implementation of depthwise ops via CHECK-failure (assertion failure) caused by overflowing the number of elements in a tensor. This is another instance of TFSA-2021-198 (CVE-2021-41197).", + "cve": "PVE-2024-71511", + "id": "pyup.io-71511", + "more_info_path": "/vulnerabilities/PVE-2024-71511/71511", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -152914,10 +153426,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29193: missing validation which causes 'TensorSummaryV2' to crash.", - "cve": "CVE-2022-29193", - "id": "pyup.io-48633", - "more_info_path": "/vulnerabilities/CVE-2022-29193/48633", + "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29212: Core dump when loading TFLite models with quantization.", + "cve": "CVE-2022-29212", + "id": "pyup.io-48652", + "more_info_path": "/vulnerabilities/CVE-2022-29212/48652", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -152927,10 +153439,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29204: Missing validation which causes denial of service via 'Conv3DBackpropFilterV2'.",
- "cve": "CVE-2022-29204",
- "id": "pyup.io-48647",
- "more_info_path": "/vulnerabilities/CVE-2022-29204/48647",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29203: Integer overflow in 'SpaceToBatchND'.",
+ "cve": "CVE-2022-29203",
+ "id": "pyup.io-48648",
+ "more_info_path": "/vulnerabilities/CVE-2022-29203/48648",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -152940,10 +153452,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29209: Type confusion leading to 'CHECK'-failure based denial of service.",
- "cve": "CVE-2022-29209",
- "id": "pyup.io-48654",
- "more_info_path": "/vulnerabilities/CVE-2022-29209/48654",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29198: Missing validation which causes denial of service via 'SparseTensorToCSRSparseMatrix'.",
+ "cve": "CVE-2022-29198",
+ "id": "pyup.io-48640",
+ "more_info_path": "/vulnerabilities/CVE-2022-29198/48640",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -152953,10 +153465,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29211: Segfault when 'tf.histogram_fixed_width' is called with NaN values.",
- "cve": "CVE-2022-29211",
- "id": "pyup.io-48651",
- "more_info_path": "/vulnerabilities/CVE-2022-29211/48651",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29195: Missing validation which causes denial of service via 'StagePeek'.",
+ "cve": "CVE-2022-29195",
+ "id": "pyup.io-48637",
+ "more_info_path": "/vulnerabilities/CVE-2022-29195/48637",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -152966,10 +153478,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29212: Core dump when loading TFLite models with quantization.",
- "cve": "CVE-2022-29212",
- "id": "pyup.io-48652",
- "more_info_path": "/vulnerabilities/CVE-2022-29212/48652",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29197: Missing validation which causes denial of service via 'UnsortedSegmentJoin'.",
+ "cve": "CVE-2022-29197",
+ "id": "pyup.io-48638",
+ "more_info_path": "/vulnerabilities/CVE-2022-29197/48638",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -152979,10 +153491,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29213: Crashes stemming from incomplete validation in signal ops.",
- "cve": "CVE-2022-29213",
- "id": "pyup.io-48653",
- "more_info_path": "/vulnerabilities/CVE-2022-29213/48653",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29205: Segfault due to missing support for quantized types.",
+ "cve": "CVE-2022-29205",
+ "id": "pyup.io-48644",
+ "more_info_path": "/vulnerabilities/CVE-2022-29205/48644",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -152992,10 +153504,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29195: Missing validation which causes denial of service via 'StagePeek'.",
- "cve": "CVE-2022-29195",
- "id": "pyup.io-48637",
- "more_info_path": "/vulnerabilities/CVE-2022-29195/48637",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29192: missing validation which crashes 'QuantizeAndDequantizeV4Grad'.",
+ "cve": "CVE-2022-29192",
+ "id": "pyup.io-48634",
+ "more_info_path": "/vulnerabilities/CVE-2022-29192/48634",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153005,10 +153517,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27774.",
- "cve": "CVE-2022-27774",
- "id": "pyup.io-48656",
- "more_info_path": "/vulnerabilities/CVE-2022-27774/48656",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29209: Type confusion leading to 'CHECK'-failure based denial of service.",
+ "cve": "CVE-2022-29209",
+ "id": "pyup.io-48654",
+ "more_info_path": "/vulnerabilities/CVE-2022-29209/48654",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153018,10 +153530,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27775.",
- "cve": "CVE-2022-27775",
- "id": "pyup.io-48657",
- "more_info_path": "/vulnerabilities/CVE-2022-27775/48657",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29208: Segfault and OOB write due to incomplete validation in 'EditDistance'.",
+ "cve": "CVE-2022-29208",
+ "id": "pyup.io-48649",
+ "more_info_path": "/vulnerabilities/CVE-2022-29208/48649",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153031,10 +153543,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27782.",
- "cve": "CVE-2022-27782",
- "id": "pyup.io-48663",
- "more_info_path": "/vulnerabilities/CVE-2022-27782/48663",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-22576.",
+ "cve": "CVE-2022-22576",
+ "id": "pyup.io-48655",
+ "more_info_path": "/vulnerabilities/CVE-2022-22576/48655",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153044,10 +153556,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29197: Missing validation which causes denial of service via 'UnsortedSegmentJoin'.",
- "cve": "CVE-2022-29197",
- "id": "pyup.io-48638",
- "more_info_path": "/vulnerabilities/CVE-2022-29197/48638",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29211: Segfault when 'tf.histogram_fixed_width' is called with NaN values.",
+ "cve": "CVE-2022-29211",
+ "id": "pyup.io-48651",
+ "more_info_path": "/vulnerabilities/CVE-2022-29211/48651",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153057,10 +153569,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27780.",
- "cve": "CVE-2022-27780",
- "id": "pyup.io-48661",
- "more_info_path": "/vulnerabilities/CVE-2022-27780/48661",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27781.",
+ "cve": "CVE-2022-27781",
+ "id": "pyup.io-48662",
+ "more_info_path": "/vulnerabilities/CVE-2022-27781/48662",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153070,10 +153582,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29205: Segfault due to missing support for quantized types.",
- "cve": "CVE-2022-29205",
- "id": "pyup.io-48644",
- "more_info_path": "/vulnerabilities/CVE-2022-29205/48644",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27780.",
+ "cve": "CVE-2022-27780",
+ "id": "pyup.io-48661",
+ "more_info_path": "/vulnerabilities/CVE-2022-27780/48661",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153083,10 +153595,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27781.",
- "cve": "CVE-2022-27781",
- "id": "pyup.io-48662",
- "more_info_path": "/vulnerabilities/CVE-2022-27781/48662",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27776.",
+ "cve": "CVE-2022-27776",
+ "id": "pyup.io-48658",
+ "more_info_path": "/vulnerabilities/CVE-2022-27776/48658",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153096,10 +153608,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29202: Denial of service in 'tf.ragged.constant' due to lack of validation.",
- "cve": "CVE-2022-29202",
- "id": "pyup.io-48650",
- "more_info_path": "/vulnerabilities/CVE-2022-29202/48650",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27774.",
+ "cve": "CVE-2022-27774",
+ "id": "pyup.io-48656",
+ "more_info_path": "/vulnerabilities/CVE-2022-27774/48656",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153109,10 +153621,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29198: Missing validation which causes denial of service via 'SparseTensorToCSRSparseMatrix'.",
- "cve": "CVE-2022-29198",
- "id": "pyup.io-48640",
- "more_info_path": "/vulnerabilities/CVE-2022-29198/48640",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29199: Missing validation which causes denial of service via 'LoadAndRemapMatrix'.",
+ "cve": "CVE-2022-29199",
+ "id": "pyup.io-48639",
+ "more_info_path": "/vulnerabilities/CVE-2022-29199/48639",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153122,10 +153634,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27776.",
- "cve": "CVE-2022-27776",
- "id": "pyup.io-48658",
- "more_info_path": "/vulnerabilities/CVE-2022-27776/48658",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'zlib' to v1.2.12 to handle CVE-2018-25032.",
+ "cve": "CVE-2018-25032",
+ "id": "pyup.io-48665",
+ "more_info_path": "/vulnerabilities/CVE-2018-25032/48665",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153135,10 +153647,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29199: Missing validation which causes denial of service via 'LoadAndRemapMatrix'.",
- "cve": "CVE-2022-29199",
- "id": "pyup.io-48639",
- "more_info_path": "/vulnerabilities/CVE-2022-29199/48639",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27775.",
+ "cve": "CVE-2022-27775",
+ "id": "pyup.io-48657",
+ "more_info_path": "/vulnerabilities/CVE-2022-27775/48657",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153148,10 +153660,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27779.",
- "cve": "CVE-2022-27779",
- "id": "pyup.io-48660",
- "more_info_path": "/vulnerabilities/CVE-2022-27779/48660",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27782.",
+ "cve": "CVE-2022-27782",
+ "id": "pyup.io-48663",
+ "more_info_path": "/vulnerabilities/CVE-2022-27782/48663",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153161,10 +153673,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'zlib' to v1.2.12 to handle CVE-2018-25032.",
- "cve": "CVE-2018-25032",
- "id": "pyup.io-48665",
- "more_info_path": "/vulnerabilities/CVE-2018-25032/48665",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27778.",
+ "cve": "CVE-2022-27778",
+ "id": "pyup.io-48659",
+ "more_info_path": "/vulnerabilities/CVE-2022-27778/48659",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153174,10 +153686,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29203: Integer overflow in 'SpaceToBatchND'.",
- "cve": "CVE-2022-29203",
- "id": "pyup.io-48648",
- "more_info_path": "/vulnerabilities/CVE-2022-29203/48648",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-30115.",
+ "cve": "CVE-2022-30115",
+ "id": "pyup.io-48664",
+ "more_info_path": "/vulnerabilities/CVE-2022-30115/48664",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153187,10 +153699,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27778.",
- "cve": "CVE-2022-27778",
- "id": "pyup.io-48659",
- "more_info_path": "/vulnerabilities/CVE-2022-27778/48659",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29207: Issues arising from undefined behavior stemming from users supplying invalid resource handles.",
+ "cve": "CVE-2022-29207",
+ "id": "pyup.io-48643",
+ "more_info_path": "/vulnerabilities/CVE-2022-29207/48643",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153200,10 +153712,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29192: missing validation which crashes 'QuantizeAndDequantizeV4Grad'.",
- "cve": "CVE-2022-29192",
- "id": "pyup.io-48634",
- "more_info_path": "/vulnerabilities/CVE-2022-29192/48634",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29194: Missing validation which causes denial of service via 'DeleteSessionTensor'.",
+ "cve": "CVE-2022-29194",
+ "id": "pyup.io-48635",
+ "more_info_path": "/vulnerabilities/CVE-2022-29194/48635",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153213,10 +153725,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29207: Issues arising from undefined behavior stemming from users supplying invalid resource handles.",
- "cve": "CVE-2022-29207",
- "id": "pyup.io-48643",
- "more_info_path": "/vulnerabilities/CVE-2022-29207/48643",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29213: Crashes stemming from incomplete validation in signal ops.",
+ "cve": "CVE-2022-29213",
+ "id": "pyup.io-48653",
+ "more_info_path": "/vulnerabilities/CVE-2022-29213/48653",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153226,10 +153738,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-30115.",
- "cve": "CVE-2022-30115",
- "id": "pyup.io-48664",
- "more_info_path": "/vulnerabilities/CVE-2022-30115/48664",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29216: Code injection in 'saved_model_cli'.",
+ "cve": "CVE-2022-29216",
+ "id": "pyup.io-48629",
+ "more_info_path": "/vulnerabilities/CVE-2022-29216/48629",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153239,10 +153751,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29194: Missing validation which causes denial of service via 'DeleteSessionTensor'.",
- "cve": "CVE-2022-29194",
- "id": "pyup.io-48635",
- "more_info_path": "/vulnerabilities/CVE-2022-29194/48635",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29191: Missing validation which causes denial of service via 'GetSessionTensor'.",
+ "cve": "CVE-2022-29191",
+ "id": "pyup.io-48636",
+ "more_info_path": "/vulnerabilities/CVE-2022-29191/48636",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153252,10 +153764,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29216: Code injection in 'saved_model_cli'.",
- "cve": "CVE-2022-29216",
- "id": "pyup.io-48629",
- "more_info_path": "/vulnerabilities/CVE-2022-29216/48629",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29193: missing validation which causes 'TensorSummaryV2' to crash.",
+ "cve": "CVE-2022-29193",
+ "id": "pyup.io-48633",
+ "more_info_path": "/vulnerabilities/CVE-2022-29193/48633",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153265,10 +153777,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29191: Missing validation which causes denial of service via 'GetSessionTensor'.",
- "cve": "CVE-2022-29191",
- "id": "pyup.io-48636",
- "more_info_path": "/vulnerabilities/CVE-2022-29191/48636",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29204: Missing validation which causes denial of service via 'Conv3DBackpropFilterV2'.",
+ "cve": "CVE-2022-29204",
+ "id": "pyup.io-48647",
+ "more_info_path": "/vulnerabilities/CVE-2022-29204/48647",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153278,10 +153790,10 @@
 "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0"
 },
 {
- "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29206: Missing validation which results in undefined behavior in 'SparseTensorDenseAdd'.",
- "cve": "CVE-2022-29206",
- "id": "pyup.io-48645",
- "more_info_path": "/vulnerabilities/CVE-2022-29206/48645",
+ "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29202: Denial of service in 'tf.ragged.constant' due to lack of validation.",
+ "cve": "CVE-2022-29202",
+ "id": "pyup.io-48650",
+ "more_info_path": "/vulnerabilities/CVE-2022-29202/48650",
 "specs": [
 "<2.6.4",
 ">=2.7.0rc0,<2.7.2",
@@ -153303,10 +153815,10 @@
 "v": "<2.7.2,>=2.8.0,<2.8.1,>=2.9.0,<2.9.1"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35996: Floating point exception in 'Conv2D'. \r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-q5jv-m6qw-5g37",
- "cve": "CVE-2022-35996",
- "id": "pyup.io-51085",
- "more_info_path": "/vulnerabilities/CVE-2022-35996/51085",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35937: OOB read in 'Gather_nd' op in TF Lite.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pxrw-j2fv-hx3h",
+ "cve": "CVE-2022-35937",
+ "id": "pyup.io-51049",
+ "more_info_path": "/vulnerabilities/CVE-2022-35937/51049",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153315,10 +153827,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36016: 'CHECK'-fail in 'tensorflow::full_type::SubstituteFromAttrs'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g468-qj8g-vcjc",
- "cve": "CVE-2022-36016",
- "id": "pyup.io-51100",
- "more_info_path": "/vulnerabilities/CVE-2022-36016/51100",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35969: 'CHECK' fail in 'Conv2DBackpropInput'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-q2c3-jpmc-gfjx",
+ "cve": "CVE-2022-35969",
+ "id": "pyup.io-51063",
+ "more_info_path": "/vulnerabilities/CVE-2022-35969/51063",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153327,10 +153839,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35937: OOB read in 'Gather_nd' op in TF Lite.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pxrw-j2fv-hx3h",
- "cve": "CVE-2022-35937",
- "id": "pyup.io-51049",
- "more_info_path": "/vulnerabilities/CVE-2022-35937/51049",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35995: 'CHECK' fail in 'AudioSummaryV2'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9h5-vr8m-x2h4",
+ "cve": "CVE-2022-35995",
+ "id": "pyup.io-51084",
+ "more_info_path": "/vulnerabilities/CVE-2022-35995/51084",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153339,10 +153851,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36003: 'CHECK' fail in 'RandomPoissonV2'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cv2p-32v3-vhwq",
- "cve": "CVE-2022-36003",
- "id": "pyup.io-51092",
- "more_info_path": "/vulnerabilities/CVE-2022-36003/51092",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35993: 'CHECK' fail in 'SetSize'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wq6q-6m32-9rv9",
+ "cve": "CVE-2022-35993",
+ "id": "pyup.io-51082",
+ "more_info_path": "/vulnerabilities/CVE-2022-35993/51082",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153351,10 +153863,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35952: 'CHECK' failures in 'UnbatchGradOp'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h5vq-gw2c-pq47",
- "cve": "CVE-2022-35952",
- "id": "pyup.io-51054",
- "more_info_path": "/vulnerabilities/CVE-2022-35952/51054",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35983: 'CHECK' fail in 'Save' and 'SaveSlices'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m6vp-8q9j-whx4",
+ "cve": "CVE-2022-35983",
+ "id": "pyup.io-51072",
+ "more_info_path": "/vulnerabilities/CVE-2022-35983/51072",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153363,10 +153875,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35964: Segfault in 'BlockLSTMGradV2'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f7r5-q7cx-h668",
- "cve": "CVE-2022-35964",
- "id": "pyup.io-51058",
- "more_info_path": "/vulnerabilities/CVE-2022-35964/51058",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36011: Null dereference on MLIR on empty function attributes.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fv43-93gv-vm8f",
+ "cve": "CVE-2022-36011",
+ "id": "pyup.io-51095",
+ "more_info_path": "/vulnerabilities/CVE-2022-36011/51095",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153375,10 +153887,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36018: 'CHECK' fail in 'RaggedTensorToVariant'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m6cv-4fmf-66xf",
- "cve": "CVE-2022-36018",
- "id": "pyup.io-51102",
- "more_info_path": "/vulnerabilities/CVE-2022-36018/51102",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35979: Segfault in 'QuantizedRelu' and 'QuantizedRelu6'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v7vw-577f-vp8x",
+ "cve": "CVE-2022-35979",
+ "id": "pyup.io-51069",
+ "more_info_path": "/vulnerabilities/CVE-2022-35979/51069",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153387,10 +153899,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35939: OOB write in 'scatter_nd' op in TF Lite.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-ffjm-4qwc-7cmf",
- "cve": "CVE-2022-35939",
- "id": "pyup.io-51051",
- "more_info_path": "/vulnerabilities/CVE-2022-35939/51051",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35985: 'CHECK' fail in 'LRNGrad'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9942-r22v-78cp",
+ "cve": "CVE-2022-35985",
+ "id": "pyup.io-51074",
+ "more_info_path": "/vulnerabilities/CVE-2022-35985/51074",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153399,10 +153911,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35974: Segfault in 'QuantizeDownAndShrinkRange'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vgvh-2pf4-jr2x",
- "cve": "CVE-2022-35974",
- "id": "pyup.io-51068",
- "more_info_path": "/vulnerabilities/CVE-2022-35974/51068",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35989: 'CHECK' fail in 'MaxPool'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j43h-pgmg-5hjq",
+ "cve": "CVE-2022-35989",
+ "id": "pyup.io-51078",
+ "more_info_path": "/vulnerabilities/CVE-2022-35989/51078",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153411,10 +153923,34 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35970: Segfault in 'QuantizedInstanceNorm'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g35r-369w-3fqp",
- "cve": "CVE-2022-35970",
- "id": "pyup.io-51064",
- "more_info_path": "/vulnerabilities/CVE-2022-35970/51064",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35986: Segfault in 'RaggedBincount'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wr9v-g9vf-c74v",
+ "cve": "CVE-2022-35986",
+ "id": "pyup.io-51075",
+ "more_info_path": "/vulnerabilities/CVE-2022-35986/51075",
+ "specs": [
+ "<2.7.4",
+ ">=2.8.0rc0,<2.8.3",
+ ">=2.9.0rc0,<2.9.2"
+ ],
+ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
+ },
+ {
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35966: Segfault in 'QuantizedAvgPool'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4w68-4x85-mjj9",
+ "cve": "CVE-2022-35966",
+ "id": "pyup.io-51060",
+ "more_info_path": "/vulnerabilities/CVE-2022-35966/51060",
+ "specs": [
+ "<2.7.4",
+ ">=2.8.0rc0,<2.8.3",
+ ">=2.9.0rc0,<2.9.2"
+ ],
+ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
+ },
+ {
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36000: 'CHECK' fail in 'Eig'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqxc-pvf8-2w9v",
+ "cve": "CVE-2022-36000",
+ "id": "pyup.io-51089",
+ "more_info_path": "/vulnerabilities/CVE-2022-36000/51089",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153447,10 +153983,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35993: 'CHECK' fail in 'SetSize'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wq6q-6m32-9rv9",
- "cve": "CVE-2022-35993",
- "id": "pyup.io-51082",
- "more_info_path": "/vulnerabilities/CVE-2022-35993/51082",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35960: 'CHECK' failure in 'TensorListReserve' via missing validation.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v5xg-3q2c-c2r4",
+ "cve": "CVE-2022-35960",
+ "id": "pyup.io-51056",
+ "more_info_path": "/vulnerabilities/CVE-2022-35960/51056",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153459,10 +153995,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36026: 'CHECK' fail in 'QuantizeAndDequantizeV3'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9cr2-8pwr-fhfq",
- "cve": "CVE-2022-36026",
- "id": "pyup.io-51104",
- "more_info_path": "/vulnerabilities/CVE-2022-36026/51104",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36015: Integer overflow in math ops. \r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rh87-q4vg-m45j",
+ "cve": "CVE-2022-36015",
+ "id": "pyup.io-51099",
+ "more_info_path": "/vulnerabilities/CVE-2022-36015/51099",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153471,10 +154007,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35941: 'CHECK' failure in 'AvgPoolOp'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mgmh-g2v6-mqw5",
- "cve": "CVE-2022-35941",
- "id": "pyup.io-51053",
- "more_info_path": "/vulnerabilities/CVE-2022-35941/51053",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35959: 'CHECK' failures in 'AvgPool3DGrad'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wxjj-cgcx-r3vq",
+ "cve": "CVE-2022-35959",
+ "id": "pyup.io-51055",
+ "more_info_path": "/vulnerabilities/CVE-2022-35959/51055",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153483,10 +154019,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36000: 'CHECK' fail in 'Eig'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqxc-pvf8-2w9v",
- "cve": "CVE-2022-36000",
- "id": "pyup.io-51089",
- "more_info_path": "/vulnerabilities/CVE-2022-36000/51089",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35994: 'CHECK' fail in 'CollectiveGather'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fhfc-2q7x-929f",
+ "cve": "CVE-2022-35994",
+ "id": "pyup.io-51083",
+ "more_info_path": "/vulnerabilities/CVE-2022-35994/51083",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153495,10 +154031,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35940: Int overflow in 'RaggedRangeOp'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-x989-q2pq-4q5x",
- "cve": "CVE-2022-35940",
- "id": "pyup.io-51052",
- "more_info_path": "/vulnerabilities/CVE-2022-35940/51052",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35999: 'CHECK' fail in 'Conv2DBackpropInput'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-37jf-mjv6-xfqw",
+ "cve": "CVE-2022-35999",
+ "id": "pyup.io-51088",
+ "more_info_path": "/vulnerabilities/CVE-2022-35999/51088",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153507,10 +154043,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35983: 'CHECK' fail in 'Save' and 'SaveSlices'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m6vp-8q9j-whx4",
- "cve": "CVE-2022-35983",
- "id": "pyup.io-51072",
- "more_info_path": "/vulnerabilities/CVE-2022-35983/51072",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36001: 'CHECK' fail in 'DrawBoundingBoxes'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jqm7-m5q7-3hm5",
+ "cve": "CVE-2022-36001",
+ "id": "pyup.io-51090",
+ "more_info_path": "/vulnerabilities/CVE-2022-36001/51090",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153519,10 +154055,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35992: 'CHECK' fail in 'TensorListFromTensor'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9v8w-xmr4-wgxp",
- "cve": "CVE-2022-35992",
- "id": "pyup.io-51081",
- "more_info_path": "/vulnerabilities/CVE-2022-35992/51081",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35940: Int overflow in 'RaggedRangeOp'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-x989-q2pq-4q5x",
+ "cve": "CVE-2022-35940",
+ "id": "pyup.io-51052",
+ "more_info_path": "/vulnerabilities/CVE-2022-35940/51052",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153531,10 +154067,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36004: 'CHECK' fail in 'tf.random.gamma'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv8m-8x97-937q",
- "cve": "CVE-2022-36004",
- "id": "pyup.io-51093",
- "more_info_path": "/vulnerabilities/CVE-2022-36004/51093",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35988: 'CHECK' fail in 'tf.linalg.matrix_rank'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9vqj-64pv-w55c",
+ "cve": "CVE-2022-35988",
+ "id": "pyup.io-51077",
+ "more_info_path": "/vulnerabilities/CVE-2022-35988/51077",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153555,22 +154091,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35967: Segfault in 'QuantizedAdd'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v6h3-348g-6h5x",
- "cve": "CVE-2022-35967",
- "id": "pyup.io-51061",
- "more_info_path": "/vulnerabilities/CVE-2022-35967/51061",
- "specs": [
- "<2.7.4",
- ">=2.8.0rc0,<2.8.3",
- ">=2.9.0rc0,<2.9.2"
- ],
- "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
- },
- {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36017: Segfault in 'Requantize'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wqmc-pm8c-2jhc",
- "cve": "CVE-2022-36017",
- "id": "pyup.io-51101",
- "more_info_path": "/vulnerabilities/CVE-2022-36017/51101",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36019: 'CHECK' fail in 'FakeQuantWithMinMaxVarsPerChannel'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9j4v-pp28-mxv7",
+ "cve": "CVE-2022-36019",
+ "id": "pyup.io-51103",
+ "more_info_path": "/vulnerabilities/CVE-2022-36019/51103",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153579,10 +154103,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35972: Segfault in 'QuantizedBiasAdd'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4pc4-m9mj-v2r9",
- "cve": "CVE-2022-35972",
- "id": "pyup.io-51066",
- "more_info_path": "/vulnerabilities/CVE-2022-35972/51066",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36016: 'CHECK'-fail in 'tensorflow::full_type::SubstituteFromAttrs'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g468-qj8g-vcjc",
+ "cve": "CVE-2022-36016",
+ "id": "pyup.io-51100",
+ "more_info_path": "/vulnerabilities/CVE-2022-36016/51100",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153591,10 +154115,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35981: 'CHECK' fail in 'FractionalMaxPoolGrad'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vxv8-r8q2-63xw",
- "cve": "CVE-2022-35981",
- "id": "pyup.io-51070",
- "more_info_path": "/vulnerabilities/CVE-2022-35981/51070",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36018: 'CHECK' fail in 'RaggedTensorToVariant'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m6cv-4fmf-66xf",
+ "cve": "CVE-2022-36018",
+ "id": "pyup.io-51102",
+ "more_info_path": "/vulnerabilities/CVE-2022-36018/51102",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153603,10 +154127,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36011: Null dereference on MLIR on empty function attributes.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fv43-93gv-vm8f",
- "cve": "CVE-2022-36011",
- "id": "pyup.io-51095",
- "more_info_path": "/vulnerabilities/CVE-2022-36011/51095",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36004: 'CHECK' fail in 'tf.random.gamma'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv8m-8x97-937q",
+ "cve": "CVE-2022-36004",
+ "id": "pyup.io-51093",
+ "more_info_path": "/vulnerabilities/CVE-2022-36004/51093",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153615,10 +154139,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36013: Null-dereference in 'mlir::tfg::GraphDefImporter::ConvertNodeDef'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-828c-5j5q-vrjq",
- "cve": "CVE-2022-36013",
- "id": "pyup.io-51097",
- "more_info_path": "/vulnerabilities/CVE-2022-36013/51097",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35967: Segfault in 'QuantizedAdd'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v6h3-348g-6h5x",
+ "cve": "CVE-2022-35967",
+ "id": "pyup.io-51061",
+ "more_info_path": "/vulnerabilities/CVE-2022-35967/51061",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153627,10 +154151,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35982: Segfault in 'SparseBincount'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-397c-5g2j-qxpv",
- "cve": "CVE-2022-35982",
- "id": "pyup.io-51071",
- "more_info_path": "/vulnerabilities/CVE-2022-35982/51071",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35981: 'CHECK' fail in 'FractionalMaxPoolGrad'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vxv8-r8q2-63xw",
+ "cve": "CVE-2022-35981",
+ "id": "pyup.io-51070",
+ "more_info_path": "/vulnerabilities/CVE-2022-35981/51070",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153639,10 +154163,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35984: 'CHECK' fail in 'ParameterizedTruncatedNormal'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-p2xf-8hgm-hpw5",
- "cve": "CVE-2022-35984",
- "id": "pyup.io-51073",
- "more_info_path": "/vulnerabilities/CVE-2022-35984/51073",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35970: Segfault in 'QuantizedInstanceNorm'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g35r-369w-3fqp",
+ "cve": "CVE-2022-35970",
+ "id": "pyup.io-51064",
+ "more_info_path": "/vulnerabilities/CVE-2022-35970/51064",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153651,10 +154175,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35979: Segfault in 'QuantizedRelu' and 'QuantizedRelu6'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v7vw-577f-vp8x",
- "cve": "CVE-2022-35979",
- "id": "pyup.io-51069",
- "more_info_path": "/vulnerabilities/CVE-2022-35979/51069",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36003: 'CHECK' fail in 'RandomPoissonV2'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cv2p-32v3-vhwq",
+ "cve": "CVE-2022-36003",
+ "id": "pyup.io-51092",
+ "more_info_path": "/vulnerabilities/CVE-2022-36003/51092",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153663,10 +154187,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35985: 'CHECK' fail in 'LRNGrad'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9942-r22v-78cp",
- "cve": "CVE-2022-35985",
- "id": "pyup.io-51074",
- "more_info_path": "/vulnerabilities/CVE-2022-35985/51074",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36014: Null-dereference in 'mlir::tfg::TFOp::nameAttr'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7j3m-8g3c-9qqq",
+ "cve": "CVE-2022-36014",
+ "id": "pyup.io-51098",
+ "more_info_path": "/vulnerabilities/CVE-2022-36014/51098",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153675,10 +154199,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35960: 'CHECK' failure in 'TensorListReserve' via missing validation.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v5xg-3q2c-c2r4",
- "cve": "CVE-2022-35960",
- "id": "pyup.io-51056",
- "more_info_path": "/vulnerabilities/CVE-2022-35960/51056",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35965: Segfault in 'LowerBound' and 'UpperBound'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qxpx-j395-pw36",
+ "cve": "CVE-2022-35965",
+ "id": "pyup.io-51059",
+ "more_info_path": "/vulnerabilities/CVE-2022-35965/51059",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153687,10 +154211,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35989: 'CHECK' fail in 'MaxPool'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j43h-pgmg-5hjq",
- "cve": "CVE-2022-35989",
- "id": "pyup.io-51078",
- "more_info_path": "/vulnerabilities/CVE-2022-35989/51078",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35996: Floating point exception in 'Conv2D'. \r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-q5jv-m6qw-5g37",
+ "cve": "CVE-2022-35996",
+ "id": "pyup.io-51085",
+ "more_info_path": "/vulnerabilities/CVE-2022-35996/51085",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153699,10 +154223,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35987: 'CHECK' fail in 'DenseBincount'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-w62h-8xjm-fv49",
- "cve": "CVE-2022-35987",
- "id": "pyup.io-51076",
- "more_info_path": "/vulnerabilities/CVE-2022-35987/51076",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35952: 'CHECK' failures in 'UnbatchGradOp'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h5vq-gw2c-pq47",
+ "cve": "CVE-2022-35952",
+ "id": "pyup.io-51054",
+ "more_info_path": "/vulnerabilities/CVE-2022-35952/51054",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153711,10 +154235,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35999: 'CHECK' fail in 'Conv2DBackpropInput'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-37jf-mjv6-xfqw",
- "cve": "CVE-2022-35999",
- "id": "pyup.io-51088",
- "more_info_path": "/vulnerabilities/CVE-2022-35999/51088",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35964: Segfault in 'BlockLSTMGradV2'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f7r5-q7cx-h668",
+ "cve": "CVE-2022-35964",
+ "id": "pyup.io-51058",
+ "more_info_path": "/vulnerabilities/CVE-2022-35964/51058",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153723,10 +154247,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36002: 'CHECK' fail in 'Unbatch'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mh3m-62v7-68xg",
- "cve": "CVE-2022-36002",
- "id": "pyup.io-51091",
- "more_info_path": "/vulnerabilities/CVE-2022-36002/51091",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35941: 'CHECK' failure in 'AvgPoolOp'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mgmh-g2v6-mqw5",
+ "cve": "CVE-2022-35941",
+ "id": "pyup.io-51053",
+ "more_info_path": "/vulnerabilities/CVE-2022-35941/51053",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153735,10 +154259,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36001: 'CHECK' fail in 'DrawBoundingBoxes'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jqm7-m5q7-3hm5",
- "cve": "CVE-2022-36001",
- "id": "pyup.io-51090",
- "more_info_path": "/vulnerabilities/CVE-2022-36001/51090",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35984: 'CHECK' fail in 'ParameterizedTruncatedNormal'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-p2xf-8hgm-hpw5",
+ "cve": "CVE-2022-35984",
+ "id": "pyup.io-51073",
+ "more_info_path": "/vulnerabilities/CVE-2022-35984/51073",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153747,10 +154271,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35973: Segfault in 'QuantizedMatMul'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-689c-r7h2-fv9v",
- "cve": "CVE-2022-35973",
- "id": "pyup.io-51067",
- "more_info_path": "/vulnerabilities/CVE-2022-35973/51067",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35987: 'CHECK' fail in 'DenseBincount'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-w62h-8xjm-fv49",
+ "cve": "CVE-2022-35987",
+ "id": "pyup.io-51076",
+ "more_info_path": "/vulnerabilities/CVE-2022-35987/51076",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153771,10 +154295,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35988: 'CHECK' fail in 'tf.linalg.matrix_rank'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9vqj-64pv-w55c",
- "cve": "CVE-2022-35988",
- "id": "pyup.io-51077",
- "more_info_path": "/vulnerabilities/CVE-2022-35988/51077",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35974: Segfault in 'QuantizeDownAndShrinkRange'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vgvh-2pf4-jr2x",
+ "cve": "CVE-2022-35974",
+ "id": "pyup.io-51068",
+ "more_info_path": "/vulnerabilities/CVE-2022-35974/51068",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153783,10 +154307,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35986: Segfault in 'RaggedBincount'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wr9v-g9vf-c74v",
- "cve": "CVE-2022-35986",
- "id": "pyup.io-51075",
- "more_info_path": "/vulnerabilities/CVE-2022-35986/51075",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35990: 'CHECK' fail in 'FakeQuantWithMinMaxVarsPerChannelGradient'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h7ff-cfc9-wmmh",
+ "cve": "CVE-2022-35990",
+ "id": "pyup.io-51079",
+ "more_info_path": "/vulnerabilities/CVE-2022-35990/51079",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153795,10 +154319,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35969: 'CHECK' fail in 'Conv2DBackpropInput'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-q2c3-jpmc-gfjx",
- "cve": "CVE-2022-35969",
- "id": "pyup.io-51063",
- "more_info_path": "/vulnerabilities/CVE-2022-35969/51063",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35992: 'CHECK' fail in 'TensorListFromTensor'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9v8w-xmr4-wgxp",
+ "cve": "CVE-2022-35992",
+ "id": "pyup.io-51081",
+ "more_info_path": "/vulnerabilities/CVE-2022-35992/51081",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153807,10 +154331,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36014: Null-dereference in 'mlir::tfg::TFOp::nameAttr'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7j3m-8g3c-9qqq",
- "cve": "CVE-2022-36014",
- "id": "pyup.io-51098",
- "more_info_path": "/vulnerabilities/CVE-2022-36014/51098",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36017: Segfault in 'Requantize'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wqmc-pm8c-2jhc",
+ "cve": "CVE-2022-36017",
+ "id": "pyup.io-51101",
+ "more_info_path": "/vulnerabilities/CVE-2022-36017/51101",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153819,10 +154343,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35990: 'CHECK' fail in 'FakeQuantWithMinMaxVarsPerChannelGradient'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h7ff-cfc9-wmmh",
- "cve": "CVE-2022-35990",
- "id": "pyup.io-51079",
- "more_info_path": "/vulnerabilities/CVE-2022-35990/51079",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35972: Segfault in 'QuantizedBiasAdd'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4pc4-m9mj-v2r9",
+ "cve": "CVE-2022-35972",
+ "id": "pyup.io-51066",
+ "more_info_path": "/vulnerabilities/CVE-2022-35972/51066",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153831,10 +154355,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35966: Segfault in 'QuantizedAvgPool'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4w68-4x85-mjj9",
- "cve": "CVE-2022-35966",
- "id": "pyup.io-51060",
- "more_info_path": "/vulnerabilities/CVE-2022-35966/51060",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36013: Null-dereference in 'mlir::tfg::GraphDefImporter::ConvertNodeDef'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-828c-5j5q-vrjq",
+ "cve": "CVE-2022-36013",
+ "id": "pyup.io-51097",
+ "more_info_path": "/vulnerabilities/CVE-2022-36013/51097",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153855,10 +154379,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36015: Integer overflow in math ops. \r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rh87-q4vg-m45j",
- "cve": "CVE-2022-36015",
- "id": "pyup.io-51099",
- "more_info_path": "/vulnerabilities/CVE-2022-36015/51099",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35939: OOB write in 'scatter_nd' op in TF Lite.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-ffjm-4qwc-7cmf",
+ "cve": "CVE-2022-35939",
+ "id": "pyup.io-51051",
+ "more_info_path": "/vulnerabilities/CVE-2022-35939/51051",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153867,10 +154391,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35959: 'CHECK' failures in 'AvgPool3DGrad'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wxjj-cgcx-r3vq",
- "cve": "CVE-2022-35959",
- "id": "pyup.io-51055",
- "more_info_path": "/vulnerabilities/CVE-2022-35959/51055",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36012: Assertion fail on MLIR empty edge names.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jvhc-5hhr-w3v5",
+ "cve": "CVE-2022-36012",
+ "id": "pyup.io-51096",
+ "more_info_path": "/vulnerabilities/CVE-2022-36012/51096",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153879,10 +154403,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35995: 'CHECK' fail in 'AudioSummaryV2'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9h5-vr8m-x2h4",
- "cve": "CVE-2022-35995",
- "id": "pyup.io-51084",
- "more_info_path": "/vulnerabilities/CVE-2022-35995/51084",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35968: 'CHECK' fail in 'AvgPoolGrad'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-2475-53vw-vp25",
+ "cve": "CVE-2022-35968",
+ "id": "pyup.io-51062",
+ "more_info_path": "/vulnerabilities/CVE-2022-35968/51062",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153891,10 +154415,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36012: Assertion fail on MLIR empty edge names.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jvhc-5hhr-w3v5",
- "cve": "CVE-2022-36012",
- "id": "pyup.io-51096",
- "more_info_path": "/vulnerabilities/CVE-2022-36012/51096",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35971: 'CHECK' fail in 'FakeQuantWithMinMaxVars'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9fpg-838v-wpv7",
+ "cve": "CVE-2022-35971",
+ "id": "pyup.io-51065",
+ "more_info_path": "/vulnerabilities/CVE-2022-35971/51065",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153903,10 +154427,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35968: 'CHECK' fail in 'AvgPoolGrad'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-2475-53vw-vp25",
- "cve": "CVE-2022-35968",
- "id": "pyup.io-51062",
- "more_info_path": "/vulnerabilities/CVE-2022-35968/51062",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35934: 'CHECK' failure in tf.reshape via overflows.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f4w6-h4f5-wx45",
+ "cve": "CVE-2022-35934",
+ "id": "pyup.io-51047",
+ "more_info_path": "/vulnerabilities/CVE-2022-35934/51047",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153915,10 +154439,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36019: 'CHECK' fail in 'FakeQuantWithMinMaxVarsPerChannel'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9j4v-pp28-mxv7",
- "cve": "CVE-2022-36019",
- "id": "pyup.io-51103",
- "more_info_path": "/vulnerabilities/CVE-2022-36019/51103",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36026: 'CHECK' fail in 'QuantizeAndDequantizeV3'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9cr2-8pwr-fhfq",
+ "cve": "CVE-2022-36026",
+ "id": "pyup.io-51104",
+ "more_info_path": "/vulnerabilities/CVE-2022-36026/51104",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153927,10 +154451,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35971: 'CHECK' fail in 'FakeQuantWithMinMaxVars'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9fpg-838v-wpv7",
- "cve": "CVE-2022-35971",
- "id": "pyup.io-51065",
- "more_info_path": "/vulnerabilities/CVE-2022-35971/51065",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35982: Segfault in 'SparseBincount'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-397c-5g2j-qxpv",
+ "cve": "CVE-2022-35982",
+ "id": "pyup.io-51071",
+ "more_info_path": "/vulnerabilities/CVE-2022-35982/51071",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153939,10 +154463,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35934: 'CHECK' failure in tf.reshape via overflows.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f4w6-h4f5-wx45",
- "cve": "CVE-2022-35934",
- "id": "pyup.io-51047",
- "more_info_path": "/vulnerabilities/CVE-2022-35934/51047",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36002: 'CHECK' fail in 'Unbatch'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mh3m-62v7-68xg",
+ "cve": "CVE-2022-36002",
+ "id": "pyup.io-51091",
+ "more_info_path": "/vulnerabilities/CVE-2022-36002/51091",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153951,10 +154475,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35994: 'CHECK' fail in 'CollectiveGather'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fhfc-2q7x-929f",
- "cve": "CVE-2022-35994",
- "id": "pyup.io-51083",
- "more_info_path": "/vulnerabilities/CVE-2022-35994/51083",
+ "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35973: Segfault in 'QuantizedMatMul'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-689c-r7h2-fv9v",
+ "cve": "CVE-2022-35973",
+ "id": "pyup.io-51067",
+ "more_info_path": "/vulnerabilities/CVE-2022-35973/51067",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -153963,16 +154487,16 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35965: Segfault in 'LowerBound' and 'UpperBound'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qxpx-j395-pw36",
- "cve": "CVE-2022-35965",
- "id": "pyup.io-51059",
- "more_info_path": "/vulnerabilities/CVE-2022-35965/51059",
+ "advisory": "The effect of CVE-2022-35991 was seen once more, where TensorListScatter and TensorListScatterV2 could potentially crash due to non scalar inputs in the element_shape parameter while in eager mode. This issue has been identified and resolved. The issue was identified when the following Python code was executed:\r\n\r\n```python \r\nimport tensorflow as tf \r\narg_0=tf.random.uniform(shape=(2, 2, 2), dtype=tf.float16, maxval=None) \r\narg_1=tf.random.uniform(shape=(2, 2, 2), dtype=tf.int32, maxval=65536) \r\narg_2=tf.random.uniform(shape=(2, 2, 2), dtype=tf.int32, maxval=65536) \r\narg_3='' \r\ntf.raw_ops.TensorListScatter(tensor=arg_0, indices=arg_1, element_shape=arg_2, name=arg_3) \r\n```\r\n\r\nA patch to resolve this issue is available in the GitHub commit bf9932fc907aff0e9e8cccf769e8b00d30fd81a1. This fix will be part of TensorFlow 2.11. Additionally, the commitment will be selected for TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these versions are also known to be affected and still under supported range.\r\n\r\nFor further details, please refer to TensorFlow's security guide. 
If there is any issue or question, contact us please.\r\n\r\nThe person who brought this vulnerability to our attention is Pattarakrit Rattankul.",
+ "cve": "PVE-2023-99920",
+ "id": "pyup.io-61991",
+ "more_info_path": "/vulnerabilities/PVE-2023-99920/61991",
 "specs": [
- "<2.7.4",
- ">=2.8.0rc0,<2.8.3",
- ">=2.9.0rc0,<2.9.2"
+ "<2.8.4",
+ ">=2.10.0,<2.10.1",
+ ">=2.9.0,<2.9.3"
 ],
- "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
+ "v": "<2.8.4,>=2.10.0,<2.10.1,>=2.9.0,<2.9.3"
 },
 {
 "advisory": "Impact: A recurring instance of CVE-2022-35935 has been observed and addressed. In this case, `SobolSample` is prone to denial of service due to assumed scalar inputs. You can replicate this using the following code in Python:\r\n\r\n```python \r\nimport tensorflow as tf \r\ntf.raw_ops.SobolSample(dim=tf.constant([1,0]), num_results=tf.constant([1]), skip=tf.constant([1])) \r\n```\r\n\r\nPatches: Corrective measures have been taken and the issue has been patched via GitHub commits c65c67f88ad770662e8f191269a907bf2b94b1bf and 02400ea266bd811fc016a848445de1bbff3a23a0. These fixes will be integrated in the forthcoming TensorFlow 2.11 release and will also be added to TensorFlow 2.10.1, 2.9.3, and 2.8.4 as they fall within the supported range. Furthermore, the initial commit will be incorporated into TensorFlow 2.7.4.\r\n\r\nFor more information: You can refer to the TensorFlow's security guide for comprehensive insights into the security model and for details on how to contact them for queries or issues.\r\n\r\nAttribution: This vulnerability was reported by Kang Hong Jin from Singapore Management University, Neophytos Christou from Secure Systems Labs at Brown University, Liu Liyuan from the Information System & Security and Countermeasures Experiments Center at Beijing Institute of Technology, and Pattarakrit Rattankul.",
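Review bot: The PVE-2023-99920 entry on the new side of this hunk carries specs `">=2.10.0,<2.10.1"` and `">=2.9.0,<2.9.3"`, which leave the 2.9.0rc* and 2.10.0rc* pre-releases unmatched, whereas the other records in this file for the same fix releases (2.8.4, 2.9.3, 2.10.1) — e.g. CVE-2022-41902 in the next hunk — use `">=2.9.0rc0,<2.9.3"` and `">=2.10.0rc0,<2.10.1"`. A dependency scanner evaluating a 2.9.0rc1 or 2.10.0rc0 install against this record would therefore report it clean for this issue while flagging it for the sibling CVEs. If the release candidates are in fact affected (the advisory text does not say, so confirm against the upstream fix commit it cites), the specs and the `v` string should use the rc0 lower bounds and the same 2.9-before-2.10 ordering as the neighbouring entries. The entry itself is only moved by this commit (its old copy is removed in the following hunk), so the mismatch predates this change.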
@@ -153987,22 +154511,22 @@
 "v": "<2.8.4,>=2.10.0,<2.10.1,>=2.9.0,<2.9.3"
 },
 {
- "advisory": "The effect of CVE-2022-35991 was seen once more, where TensorListScatter and TensorListScatterV2 could potentially crash due to non scalar inputs in the element_shape parameter while in eager mode. This issue has been identified and resolved. The issue was identified when the following Python code was executed:\r\n\r\n```python \r\nimport tensorflow as tf \r\narg_0=tf.random.uniform(shape=(2, 2, 2), dtype=tf.float16, maxval=None) \r\narg_1=tf.random.uniform(shape=(2, 2, 2), dtype=tf.int32, maxval=65536) \r\narg_2=tf.random.uniform(shape=(2, 2, 2), dtype=tf.int32, maxval=65536) \r\narg_3='' \r\ntf.raw_ops.TensorListScatter(tensor=arg_0, indices=arg_1, element_shape=arg_2, name=arg_3) \r\n```\r\n\r\nA patch to resolve this issue is available in the GitHub commit bf9932fc907aff0e9e8cccf769e8b00d30fd81a1. This fix will be part of TensorFlow 2.11. Additionally, the commitment will be selected for TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these versions are also known to be affected and still under supported range.\r\n\r\nFor further details, please refer to TensorFlow's security guide. If there is any issue or question, contact us please.\r\n\r\nThe person who brought this vulnerability to our attention is Pattarakrit Rattankul.",
- "cve": "PVE-2023-99920",
- "id": "pyup.io-61991",
- "more_info_path": "/vulnerabilities/PVE-2023-99920/61991",
+ "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41902: The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. 
If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cg88-rpvp-cjv5",
+ "cve": "CVE-2022-41902",
+ "id": "pyup.io-52347",
+ "more_info_path": "/vulnerabilities/CVE-2022-41902/52347",
 "specs": [
 "<2.8.4",
- ">=2.10.0,<2.10.1",
- ">=2.9.0,<2.9.3"
+ ">=2.9.0rc0,<2.9.3",
+ ">=2.10.0rc0,<2.10.1"
 ],
- "v": "<2.8.4,>=2.10.0,<2.10.1,>=2.9.0,<2.9.3"
+ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1"
 },
 {
- "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41907: When 'tf.raw_ops.ResizeNearestNeighborGrad' is given a large 'size' input, it overflows.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-368v-7v32-52fx",
- "cve": "CVE-2022-41907",
- "id": "pyup.io-51960",
- "more_info_path": "/vulnerabilities/CVE-2022-41907/51960",
+ "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41895: If 'MirrorPadGrad' is given outsize input 'paddings', TensorFlow will give a heap OOB error.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gq2j-cr96-gvqx",
+ "cve": "CVE-2022-41895",
+ "id": "pyup.io-51953",
+ "more_info_path": "/vulnerabilities/CVE-2022-41895/51953",
 "specs": [
 "<2.8.4",
 ">=2.9.0rc0,<2.9.3",
@@ -154011,10 +154535,10 @@
 "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1"
 },
 {
- "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41908: TensorFlow is an open source platform for machine learning. An input 'token' that is not a UTF-8 bytestring will trigger a 'CHECK' fail in 'tf.raw_ops.PyFunc'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv77-9g28-cwg3",
- "cve": "CVE-2022-41908",
- "id": "pyup.io-51961",
- "more_info_path": "/vulnerabilities/CVE-2022-41908/51961",
+ "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41890: If 'BCast::ToShape' is given input larger than an 'int32', it will crash, despite being supposed to handle up to an 'int64'. An example can be seen in 'tf.experimental.numpy.outer' by passing in large input to the input 'b'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h246-cgh4-7475",
+ "cve": "CVE-2022-41890",
+ "id": "pyup.io-51949",
+ "more_info_path": "/vulnerabilities/CVE-2022-41890/51949",
 "specs": [
 "<2.8.4",
 ">=2.9.0rc0,<2.9.3",
@@ -154023,10 +154547,10 @@
 "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1"
 },
 {
- "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41884: If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. \r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636",
- "cve": "CVE-2022-41884",
- "id": "pyup.io-51943",
- "more_info_path": "/vulnerabilities/CVE-2022-41884/51943",
+ "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41897: If 'FractionMaxPoolGrad' is given outsize inputs 'row_pooling_sequence' and 'col_pooling_sequence', TensorFlow will crash.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2w8-jw48-fr7j",
+ "cve": "CVE-2022-41897",
+ "id": "pyup.io-51955",
+ "more_info_path": "/vulnerabilities/CVE-2022-41897/51955",
 "specs": [
 "<2.8.4",
 ">=2.9.0rc0,<2.9.3",
@@ -154035,10 +154559,10 @@
 "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1"
 },
 {
- "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41909: An input 'encoded' that is not a valid 'CompositeTensorVariant' tensor will trigger a segfault in 'tf.raw_ops.CompositeTensorVariantToComponents'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjx6-v474-2ch9",
- "cve": "CVE-2022-41909",
- "id": "pyup.io-51962",
- "more_info_path": "/vulnerabilities/CVE-2022-41909/51962",
+ "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41880: When the 'BaseCandidateSamplerOp' function receives a value in 'true_classes' larger than 'range_max', a heap oob read occurs.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8w5g-3wcv-9g2j",
+ "cve": "CVE-2022-41880",
+ "id": "pyup.io-51941",
+ "more_info_path": "/vulnerabilities/CVE-2022-41880/51941",
 "specs": [
 "<2.8.4",
 ">=2.9.0rc0,<2.9.3",
@@ -154047,10 +154571,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41891: If 'tf.raw_ops.TensorListConcat' is given 'element_shape=[]', it results segmentation fault which can be used to trigger a denial of service attack.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-66vq-54fq-6jvv", - "cve": "CVE-2022-41891", - "id": "pyup.io-51950", - "more_info_path": "/vulnerabilities/CVE-2022-41891/51950", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41907: When 'tf.raw_ops.ResizeNearestNeighborGrad' is given a large 'size' input, it overflows.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-368v-7v32-52fx", + "cve": "CVE-2022-41907", + "id": "pyup.io-51960", + "more_info_path": "/vulnerabilities/CVE-2022-41907/51960", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", @@ -154071,10 +154595,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41897: If 'FractionMaxPoolGrad' is given outsize inputs 'row_pooling_sequence' and 'col_pooling_sequence', TensorFlow will crash.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2w8-jw48-fr7j", - "cve": "CVE-2022-41897", - "id": "pyup.io-51955", - "more_info_path": "/vulnerabilities/CVE-2022-41897/51955", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41886: When 'tf.raw_ops.ImageProjectiveTransformV2' is given a large output shape, it overflows.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-54pp-c6pp-7fpx", + "cve": "CVE-2022-41886", + "id": "pyup.io-51945", + "more_info_path": "/vulnerabilities/CVE-2022-41886/51945", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -154083,10 +154607,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41911: When printing a tensor, we get it's data as a 'const char*' array (since that's the underlying storage) and then we typecast it to the element type. However, conversions from 'char' to 'bool' are undefined if the 'char' is not '0' or '1', so sanitizers/fuzzers will crash.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j", - "cve": "CVE-2022-41911", - "id": "pyup.io-51963", - "more_info_path": "/vulnerabilities/CVE-2022-41911/51963", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41888: When running on GPU, 'tf.image.generate_bounding_box_proposals' receives a 'scores' input that must be of rank 4 but is not checked.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6x99-gv2v-q76v", + "cve": "CVE-2022-41888", + "id": "pyup.io-51947", + "more_info_path": "/vulnerabilities/CVE-2022-41888/51947", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -154107,10 +154631,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41900: The security vulnerability results in FractionalMax(AVG)Pool with illegal pooling_ratio. Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or remote code execution.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xvwp-h6jv-7472", - "cve": "CVE-2022-41900", - "id": "pyup.io-51958", - "more_info_path": "/vulnerabilities/CVE-2022-41900/51958", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41896: If 'ThreadUnsafeUnigramCandidateSampler' is given input 'filterbank_channel_count' greater than the allowed max size, TensorFlow will crash.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rmg2-f698-wq35", + "cve": "CVE-2022-41896", + "id": "pyup.io-51954", + "more_info_path": "/vulnerabilities/CVE-2022-41896/51954", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -154119,10 +154643,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41893: If 'tf.raw_ops.TensorListResize' is given a nonscalar value for input 'size', it results 'CHECK' fail which can be used to trigger a denial of service attack.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-67pf-62xr-q35m", - "cve": "CVE-2022-41893", - "id": "pyup.io-51951", - "more_info_path": "/vulnerabilities/CVE-2022-41893/51951", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41910: The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-frqp-wp83-qggv", + "cve": "CVE-2022-41910", + "id": "pyup.io-52348", + "more_info_path": "/vulnerabilities/CVE-2022-41910/52348", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", @@ -154131,10 +154655,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41886: When 'tf.raw_ops.ImageProjectiveTransformV2' is given a large output shape, it overflows.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-54pp-c6pp-7fpx", - "cve": "CVE-2022-41886", - "id": "pyup.io-51945", - "more_info_path": "/vulnerabilities/CVE-2022-41886/51945", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41885: When 'tf.raw_ops.FusedResizeAndPadConv2D' is given a large tensor shape, it overflows.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-762h-vpvw-3rcx", + "cve": "CVE-2022-41885", + "id": "pyup.io-51944", + "more_info_path": "/vulnerabilities/CVE-2022-41885/51944", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -154143,10 +154667,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41895: If 'MirrorPadGrad' is given outsize input 'paddings', TensorFlow will give a heap OOB error.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gq2j-cr96-gvqx", - "cve": "CVE-2022-41895", - "id": "pyup.io-51953", - "more_info_path": "/vulnerabilities/CVE-2022-41895/51953", + "advisory": "TensorFlow is an open source platform for machine learning. An input 'sparse_matrix' that is not a matrix with a shape with rank 0 will trigger a 'CHECK' fail in 'tf.raw_ops.SparseMatrixNNZ'. We have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.", + "cve": "CVE-2022-41901", + "id": "pyup.io-51959", + "more_info_path": "/vulnerabilities/CVE-2022-41901/51959", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -154155,10 +154679,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41899: TensorFlow is an open source platform for machine learning. Inputs 'dense_features' or 'example_state_data' not of rank 2 will trigger a 'CHECK' fail in 'SdcaOptimizer'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-27rc-728f-x5w2", - "cve": "CVE-2022-41899", - "id": "pyup.io-51957", - "more_info_path": "/vulnerabilities/CVE-2022-41899/51957", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41893: If 'tf.raw_ops.TensorListResize' is given a nonscalar value for input 'size', it results 'CHECK' fail which can be used to trigger a denial of service attack.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-67pf-62xr-q35m", + "cve": "CVE-2022-41893", + "id": "pyup.io-51951", + "more_info_path": "/vulnerabilities/CVE-2022-41893/51951", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -154167,10 +154691,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41890: If 'BCast::ToShape' is given input larger than an 'int32', it will crash, despite being supposed to handle up to an 'int64'. An example can be seen in 'tf.experimental.numpy.outer' by passing in large input to the input 'b'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h246-cgh4-7475", - "cve": "CVE-2022-41890", - "id": "pyup.io-51949", - "more_info_path": "/vulnerabilities/CVE-2022-41890/51949", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41908: TensorFlow is an open source platform for machine learning. An input 'token' that is not a UTF-8 bytestring will trigger a 'CHECK' fail in 'tf.raw_ops.PyFunc'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv77-9g28-cwg3", + "cve": "CVE-2022-41908", + "id": "pyup.io-51961", + "more_info_path": "/vulnerabilities/CVE-2022-41908/51961", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -154179,10 +154703,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41880: When the 'BaseCandidateSamplerOp' function receives a value in 'true_classes' larger than 'range_max', a heap oob read occurs.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8w5g-3wcv-9g2j", - "cve": "CVE-2022-41880", - "id": "pyup.io-51941", - "more_info_path": "/vulnerabilities/CVE-2022-41880/51941", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41899: TensorFlow is an open source platform for machine learning. Inputs 'dense_features' or 'example_state_data' not of rank 2 will trigger a 'CHECK' fail in 'SdcaOptimizer'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-27rc-728f-x5w2", + "cve": "CVE-2022-41899", + "id": "pyup.io-51957", + "more_info_path": "/vulnerabilities/CVE-2022-41899/51957", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -154191,10 +154715,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41910: The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-frqp-wp83-qggv", - "cve": "CVE-2022-41910", - "id": "pyup.io-52348", - "more_info_path": "/vulnerabilities/CVE-2022-41910/52348", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41909: An input 'encoded' that is not a valid 'CompositeTensorVariant' tensor will trigger a segfault in 'tf.raw_ops.CompositeTensorVariantToComponents'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjx6-v474-2ch9", + "cve": "CVE-2022-41909", + "id": "pyup.io-51962", + "more_info_path": "/vulnerabilities/CVE-2022-41909/51962", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -154203,10 +154727,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41902: The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cg88-rpvp-cjv5", - "cve": "CVE-2022-41902", - "id": "pyup.io-52347", - "more_info_path": "/vulnerabilities/CVE-2022-41902/52347", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41894: The reference kernel of the 'CONV_3D_TRANSPOSE' TensorFlow Lite operator wrongly increments the data_ptr when adding the bias to the result. Instead of 'data_ptr += num_channels;' it should be 'data_ptr += output_num_channels;' as if the number of input channels is different than the number of output channels, the wrong result will be returned and a buffer overflow will occur if num_channels > output_num_channels. An attacker can craft a model with a specific number of input channels. It is then possible to write specific values through the bias of the layer outside the bounds of the buffer. This attack only works if the reference kernel resolver is used in the interpreter.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6q3-vv32-2cq5", + "cve": "CVE-2022-41894", + "id": "pyup.io-51952", + "more_info_path": "/vulnerabilities/CVE-2022-41894/51952", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -154215,10 +154739,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41885: When 'tf.raw_ops.FusedResizeAndPadConv2D' is given a large tensor shape, it overflows.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-762h-vpvw-3rcx", - "cve": "CVE-2022-41885", - "id": "pyup.io-51944", - "more_info_path": "/vulnerabilities/CVE-2022-41885/51944", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41891: If 'tf.raw_ops.TensorListConcat' is given 'element_shape=[]', it results segmentation fault which can be used to trigger a denial of service attack.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-66vq-54fq-6jvv", + "cve": "CVE-2022-41891", + "id": "pyup.io-51950", + "more_info_path": "/vulnerabilities/CVE-2022-41891/51950", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -154227,10 +154751,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41894: The reference kernel of the 'CONV_3D_TRANSPOSE' TensorFlow Lite operator wrongly increments the data_ptr when adding the bias to the result. Instead of 'data_ptr += num_channels;' it should be 'data_ptr += output_num_channels;' as if the number of input channels is different than the number of output channels, the wrong result will be returned and a buffer overflow will occur if num_channels > output_num_channels. An attacker can craft a model with a specific number of input channels. It is then possible to write specific values through the bias of the layer outside the bounds of the buffer. This attack only works if the reference kernel resolver is used in the interpreter.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6q3-vv32-2cq5", - "cve": "CVE-2022-41894", - "id": "pyup.io-51952", - "more_info_path": "/vulnerabilities/CVE-2022-41894/51952", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41911: When printing a tensor, we get it's data as a 'const char*' array (since that's the underlying storage) and then we typecast it to the element type. However, conversions from 'char' to 'bool' are undefined if the 'char' is not '0' or '1', so sanitizers/fuzzers will crash.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j", + "cve": "CVE-2022-41911", + "id": "pyup.io-51963", + "more_info_path": "/vulnerabilities/CVE-2022-41911/51963", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -154239,10 +154763,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41888: When running on GPU, 'tf.image.generate_bounding_box_proposals' receives a 'scores' input that must be of rank 4 but is not checked.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6x99-gv2v-q76v", - "cve": "CVE-2022-41888", - "id": "pyup.io-51947", - "more_info_path": "/vulnerabilities/CVE-2022-41888/51947", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41884: If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. \r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636", + "cve": "CVE-2022-41884", + "id": "pyup.io-51943", + "more_info_path": "/vulnerabilities/CVE-2022-41884/51943", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -154251,10 +154775,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "TensorFlow is an open source platform for machine learning. An input 'sparse_matrix' that is not a matrix with a shape with rank 0 will trigger a 'CHECK' fail in 'tf.raw_ops.SparseMatrixNNZ'. We have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.", - "cve": "CVE-2022-41901", - "id": "pyup.io-51959", - "more_info_path": "/vulnerabilities/CVE-2022-41901/51959", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41900: The security vulnerability results in FractionalMax(AVG)Pool with illegal pooling_ratio. Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or remote code execution.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xvwp-h6jv-7472", + "cve": "CVE-2022-41900", + "id": "pyup.io-51958", + "more_info_path": "/vulnerabilities/CVE-2022-41900/51958", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -154263,16 +154787,17 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41896: If 'ThreadUnsafeUnigramCandidateSampler' is given input 'filterbank_channel_count' greater than the allowed max size, TensorFlow will crash.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rmg2-f698-wq35", - "cve": "CVE-2022-41896", - "id": "pyup.io-51954", - "more_info_path": "/vulnerabilities/CVE-2022-41896/51954", + "advisory": "TensorFlow 2.8.4, 2.9.3, 2.10.1 and 2.11.0 include a fix for CVE-2022-35991: 'CHECK' fail in 'TensorListScatter' and 'TensorListScatterV2'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vm7x-4qhj-rrcq\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xf83-q765-xm6m", + "cve": "CVE-2022-35991", + "id": "pyup.io-51080", + "more_info_path": "/vulnerabilities/CVE-2022-35991/51080", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", - ">=2.10.0rc0,<2.10.1" + ">=2.10.0rc0,<2.10.1", + ">=2.11.0rc0,<2.11.0" ], - "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" + "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1,>=2.11.0rc0,<2.11.0" }, { "advisory": "TensorFlow 2.8.4, 2.9.3, 2.10.1 and 2.11.0 include a fix for CVE-2022-35935: 'CHECK' failure in 'SobolSample' via missing validation.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-97p7-w86h-vcf9\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqvq-fvhr-v6hc", 
@@ -154287,19 +154812,6 @@ ], "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1,>=2.11.0rc0,<2.11.0" }, - { - "advisory": "TensorFlow 2.8.4, 2.9.3, 2.10.1 and 2.11.0 include a fix for CVE-2022-35991: 'CHECK' fail in 'TensorListScatter' and 'TensorListScatterV2'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vm7x-4qhj-rrcq\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xf83-q765-xm6m", - "cve": "CVE-2022-35991", - "id": "pyup.io-51080", - "more_info_path": "/vulnerabilities/CVE-2022-35991/51080", - "specs": [ - "<2.8.4", - ">=2.9.0rc0,<2.9.3", - ">=2.10.0rc0,<2.10.1", - ">=2.11.0rc0,<2.11.0" - ], - "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1,>=2.11.0rc0,<2.11.0" - }, { "advisory": "Tensorflow 2.9.3 and 2.10.1 include a fix for CVE-2022-41887: 'tf.keras.losses.poisson' receives a 'y_pred' and 'y_true' that are passed through 'functor::mul' in 'BinaryOp'. If the resulting dimensions overflow an 'int32', TensorFlow will crash due to a size mismatch during broadcast assignment.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fvv-46hw-vpg3", "cve": "CVE-2022-41887", @@ -154342,10 +154854,10 @@ "v": ">=0,<2.0.0" }, { - "advisory": "Various versions of tensorflow are susceptible to a Denial of Service (DoS) attack stemming from a vulnerability similar to CVE-2022-35935, which occurs in SobolSample due to the handling of scalar inputs.", - "cve": "PVE-2024-99853", - "id": "pyup.io-65567", - "more_info_path": "/vulnerabilities/PVE-2024-99853/65567", + "advisory": "Affected versions of TensorFlow are susceptible to a Denial of Service (DoS) attack caused by an issue similar to CVE-2022-35991, occurring in TensorListScatter and TensorListScatterV2 when non-scalar inputs are used.", + "cve": "PVE-2024-99852", + "id": "pyup.io-65568", + "more_info_path": "/vulnerabilities/PVE-2024-99852/65568", "specs": [ ">=0,<2.8.4", ">=2.9.0,<2.9.3", 
@@ -154354,10 +154866,10 @@ "v": ">=0,<2.8.4,>=2.9.0,<2.9.3,>=2.10.0,<2.10.1" }, { - "advisory": "Affected versions of TensorFlow are susceptible to a Denial of Service (DoS) attack caused by an issue similar to CVE-2022-35991, occurring in TensorListScatter and TensorListScatterV2 when non-scalar inputs are used.", - "cve": "PVE-2024-99852", - "id": "pyup.io-65568", - "more_info_path": "/vulnerabilities/PVE-2024-99852/65568", + "advisory": "Various versions of tensorflow are susceptible to a Denial of Service (DoS) attack stemming from a vulnerability similar to CVE-2022-35935, which occurs in SobolSample due to the handling of scalar inputs.", + "cve": "PVE-2024-99853", + "id": "pyup.io-65567", + "more_info_path": "/vulnerabilities/PVE-2024-99853/65567", "specs": [ ">=0,<2.8.4", ">=2.9.0,<2.9.3", 
@@ -154380,10 +154892,10 @@ "v": ">=1.15.0rc0,<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0rc0,<2.1.2,>=2.2.0rc0,<2.2.1,>=2.3.0rc0,<2.3.1" }, { - "advisory": "Tensorflow versions 1.15.2 and 2.0.1 update its dependency \"SQLite\" to handle CVE-2019-19646.", - "cve": "CVE-2019-19646", - "id": "pyup.io-39537", - "more_info_path": "/vulnerabilities/CVE-2019-19646/39537", + "advisory": "Tensorflow versions 1.15.2 and 2.0.1 includes a fix for CVE-2020-5215: In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker can send a data point which contains a string instead of a tf.float16 value. Similar effects can be obtained by manipulating saved models and checkpoints whereby replacing a scalar tf.float16 value with a scalar string will trigger this issue due to automatic conversions. This can be easily reproduced by tf.constant(\"hello\", tf.float16), if eager execution is enabled.", + "cve": "CVE-2020-5215", + "id": "pyup.io-37776", + "more_info_path": "/vulnerabilities/CVE-2020-5215/37776", "specs": [ ">=2.0.0a0,<2.0.1", "<1.15.2" @@ -154402,10 +154914,10 @@ "v": ">=2.0.0a0,<2.0.1,<1.15.2" }, { - "advisory": "Tensorflow versions 1.15.2 and 2.0.1 updates its dependency \"curl\" to handle CVE-2019-5481.", - "cve": "CVE-2019-5481", - "id": "pyup.io-39570", - "more_info_path": "/vulnerabilities/CVE-2019-5481/39570", + "advisory": "Tensorflow versions 1.15.2 and 2.0.1 update its dependency \"SQLite\" to handle CVE-2019-19646.", + "cve": "CVE-2019-19646", + "id": "pyup.io-39537", + "more_info_path": "/vulnerabilities/CVE-2019-19646/39537", "specs": [ ">=2.0.0a0,<2.0.1", "<1.15.2" 
@@ -154413,10 +154925,10 @@ "v": ">=2.0.0a0,<2.0.1,<1.15.2" }, { - "advisory": "Tensorflow versions 1.15.2 and 2.0.1 includes a fix for CVE-2020-5215: In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker can send a data point which contains a string instead of a tf.float16 value. Similar effects can be obtained by manipulating saved models and checkpoints whereby replacing a scalar tf.float16 value with a scalar string will trigger this issue due to automatic conversions. This can be easily reproduced by tf.constant(\"hello\", tf.float16), if eager execution is enabled.", - "cve": "CVE-2020-5215", - "id": "pyup.io-37776", - "more_info_path": "/vulnerabilities/CVE-2020-5215/37776", + "advisory": "Tensorflow versions 1.15.2 and 2.0.1 updates its dependency \"curl\" to handle CVE-2019-5481.", + "cve": "CVE-2019-5481", + "id": "pyup.io-39570", + "more_info_path": "/vulnerabilities/CVE-2019-5481/39570", "specs": [ ">=2.0.0a0,<2.0.1", "<1.15.2" 
@@ -154459,10 +154971,10 @@ "v": ">=2.10.0rc0,<2.10.1" }, { - "advisory": "TensorFlow versions 2.2.1 and 2.3.1 includes a fix for CVE-2020-15212: In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to \"segment_ids_data\" can alter \"output_index\" and then write to outside of \"output_data\" buffer. This might result in a segmentation fault but it can also be used to further corrupt the memory and can be chained with other vulnerabilities to create more advanced exploits. The issue was patched in commit 204945b19e44b57906c9344c0d00120eeeae178a. A potential workaround is to add a custom \"Verifier\" to the model loading code to ensure that the segment ids are all positive, although this only handles the case when the segment ids are stored statically in the model. A similar validation could be done if the segment ids are generated at runtime between inference steps. If the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code.", - "cve": "CVE-2020-15212", - "id": "pyup.io-39852", - "more_info_path": "/vulnerabilities/CVE-2020-15212/39852", + "advisory": "Tensorflow versions 2.2.1 and 2.3.1 include a fix for CVE-2020-15193: In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of \"dlpack.to_dlpack\" can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing in a Python object instead of a tensor. The uninitialized memory address is due to a \"reinterpret_cast\". Since the \"PyObject\" is a Python object, not a Tensorflow tensor, the cast to \"EagerTensor\" fails. 
The issue was patched in commit 22e07fb204386768e5bcbea563641ea11f96ceb8\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjjg-hgv6-h69v", + "cve": "CVE-2020-15193", + "id": "pyup.io-38823", + "more_info_path": "/vulnerabilities/CVE-2020-15193/38823", "specs": [ ">=2.2.0rc0,<2.2.1", ">=2.3.0rc0,<2.3.1" @@ -154470,10 +154982,10 @@ "v": ">=2.2.0rc0,<2.2.1,>=2.3.0rc0,<2.3.1" }, { - "advisory": "Tensorflow versions 2.2.1 and 2.3.1 include a fix for CVE-2020-15191: In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to 'dlpack.to_dlpack' the expected validations will cause variables to bind to 'nullptr' while setting a 'status' variable to the error condition. However, this 'status' argument is not properly checked. Hence, code following these methods will bind references to null pointers. This is undefined behavior and reported as an error if compiling with '-fsanitize=null'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-q8qj-fc9q-cphr", - "cve": "CVE-2020-15191", - "id": "pyup.io-39872", - "more_info_path": "/vulnerabilities/CVE-2020-15191/39872", + "advisory": "Tensorflow versions 2.2.1 and 2.3.1 include a fix for CVE-2020-15192: In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to 'dlpack.to_dlpack' there is a memory leak following an expected validation failure. The issue occurs because the 'status' argument during validation failures is not properly checked. Since each of the above methods can return an error status, the 'status' value must be checked before continuing.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fxw-76px-3rxv", + "cve": "CVE-2020-15192", + "id": "pyup.io-39871", + "more_info_path": "/vulnerabilities/CVE-2020-15192/39871", "specs": [ ">=2.2.0rc0,<2.2.1", ">=2.3.0rc0,<2.3.1" 
@@ -154492,10 +155004,10 @@ "v": ">=2.2.0rc0,<2.2.1,>=2.3.0rc0,<2.3.1" }, { - "advisory": "Tensorflow versions 2.2.1 and 2.3.1 include a fix for CVE-2020-15192: In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to 'dlpack.to_dlpack' there is a memory leak following an expected validation failure. The issue occurs because the 'status' argument during validation failures is not properly checked. Since each of the above methods can return an error status, the 'status' value must be checked before continuing.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fxw-76px-3rxv", - "cve": "CVE-2020-15192", - "id": "pyup.io-39871", - "more_info_path": "/vulnerabilities/CVE-2020-15192/39871", + "advisory": "TensorFlow versions 2.2.1 and 2.3.1 includes a fix for CVE-2020-15213: In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimension of the output tensor, attackers can use a very large value to trigger a large allocation. The issue was patched in commit 204945b19e44b57906c9344c0d00120eeeae178a. A potential workaround is to add a custom \"Verifier\" to limit the maximum value in the segment ids tensor. This only handles the case when the segment ids are stored statically in the model, but a similar validation could be done if the segment ids are generated at runtime, between inference steps. However, if the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-hjmq-236j-8m87", + "cve": "CVE-2020-15213", + "id": "pyup.io-39851", + "more_info_path": "/vulnerabilities/CVE-2020-15213/39851", "specs": [ ">=2.2.0rc0,<2.2.1", ">=2.3.0rc0,<2.3.1" 
@@ -154503,10 +155015,10 @@ "v": ">=2.2.0rc0,<2.2.1,>=2.3.0rc0,<2.3.1" }, { - "advisory": "TensorFlow versions 2.2.1 and 2.3.1 includes a fix for CVE-2020-15213: In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimension of the output tensor, attackers can use a very large value to trigger a large allocation. The issue was patched in commit 204945b19e44b57906c9344c0d00120eeeae178a. A potential workaround is to add a custom \"Verifier\" to limit the maximum value in the segment ids tensor. This only handles the case when the segment ids are stored statically in the model, but a similar validation could be done if the segment ids are generated at runtime, between inference steps. However, if the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-hjmq-236j-8m87", - "cve": "CVE-2020-15213", - "id": "pyup.io-39851", - "more_info_path": "/vulnerabilities/CVE-2020-15213/39851", + "advisory": "TensorFlow versions 2.2.1 and 2.3.1 includes a fix for CVE-2020-15212: In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. Users having access to \"segment_ids_data\" can alter \"output_index\" and then write to outside of \"output_data\" buffer. This might result in a segmentation fault but it can also be used to further corrupt the memory and can be chained with other vulnerabilities to create more advanced exploits. The issue was patched in commit 204945b19e44b57906c9344c0d00120eeeae178a. 
A potential workaround is to add a custom \"Verifier\" to the model loading code to ensure that the segment ids are all positive, although this only handles the case when the segment ids are stored statically in the model. A similar validation could be done if the segment ids are generated at runtime between inference steps. If the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code.", + "cve": "CVE-2020-15212", + "id": "pyup.io-39852", + "more_info_path": "/vulnerabilities/CVE-2020-15212/39852", "specs": [ ">=2.2.0rc0,<2.2.1", ">=2.3.0rc0,<2.3.1" 
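Review bot: The CVE-2020-15212 record added in this hunk is the only one of the neighbouring TensorFlow entries whose `"advisory"` text ends without a `\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-…` reference; every sibling record visible here carries one. If the upstream GHSA identifier for this CVE is known, appending it in the same `\r\n<url>` form keeps the records uniform for consumers that parse the trailing link out of the advisory text; I cannot confirm the identifier from the diff. The advisory text is carried over unchanged from the old record, so this is a pre-existing gap rather than something this commit introduced.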
@@ -154514,10 +155026,10 @@
 "v": ">=2.2.0rc0,<2.2.1,>=2.3.0rc0,<2.3.1"
 },
 {
- "advisory": "Tensorflow versions 2.2.1 and 2.3.1 include a fix for CVE-2020-15193: In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of \"dlpack.to_dlpack\" can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing in a Python object instead of a tensor. The uninitialized memory address is due to a \"reinterpret_cast\". Since the \"PyObject\" is a Python object, not a Tensorflow tensor, the cast to \"EagerTensor\" fails. The issue was patched in commit 22e07fb204386768e5bcbea563641ea11f96ceb8\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjjg-hgv6-h69v",
- "cve": "CVE-2020-15193",
- "id": "pyup.io-38823",
- "more_info_path": "/vulnerabilities/CVE-2020-15193/38823",
+ "advisory": "Tensorflow versions 2.2.1 and 2.3.1 include a fix for CVE-2020-15191: In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to 'dlpack.to_dlpack' the expected validations will cause variables to bind to 'nullptr' while setting a 'status' variable to the error condition. However, this 'status' argument is not properly checked. Hence, code following these methods will bind references to null pointers. This is undefined behavior and reported as an error if compiling with '-fsanitize=null'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-q8qj-fc9q-cphr",
+ "cve": "CVE-2020-15191",
+ "id": "pyup.io-39872",
+ "more_info_path": "/vulnerabilities/CVE-2020-15191/39872",
 "specs": [
 ">=2.2.0rc0,<2.2.1",
 ">=2.3.0rc0,<2.3.1"
@@ -154525,10 +155037,10 @@
 "v": ">=2.2.0rc0,<2.2.1,>=2.3.0rc0,<2.3.1"
 },
 {
- "advisory": "TensorFlow version 2.3.1 includes a fix for CVE-2020-15197: In Tensorflow before version 2.3.1, the \"SparseCountSparseOutput\" implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the \"indices\" tensor has rank 2. This tensor must be a matrix because code assumes its elements are accessed as elements of a matrix. However, malicious users can pass in tensors of different rank, resulting in a \"CHECK\" assertion failure and a crash. This can be used to cause denial of service in serving installations, if users are allowed to control the components of the input sparse tensor. The issue was patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02.",
- "cve": "CVE-2020-15197",
- "id": "pyup.io-39866",
- "more_info_path": "/vulnerabilities/CVE-2020-15197/39866",
+ "advisory": "TensorFlow 2.3.1 includes a fix for CVE-2020-15198: In Tensorflow before version 2.3.1, the \"SparseCountSparseOutput\" implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the \"indices\" tensor has the same shape as the \"values\" one. The values in these tensors are always accessed in parallel. Thus, a shape mismatch can result in accesses outside the bounds of heap allocated buffers. The issue was patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jc87-6vpp-7ff3",
+ "cve": "CVE-2020-15198",
+ "id": "pyup.io-39865",
+ "more_info_path": "/vulnerabilities/CVE-2020-15198/39865",
 "specs": [
 ">=2.3.0rc0,<2.3.1"
 ],
@@ -154555,40 +155067,40 @@ "v": ">=2.3.0rc0,<2.3.1" }, { - "advisory": "TensorFlow version 2.3.1 includes a fix for CVE-2020-15196: In Tensorflow version 2.3.0, the \"SparseCountSparseOutput\" and \"RaggedCountSparseOutput\" implementations don't validate that the \"weights\" tensor has the same shape as the data. The check exists for \"DenseCountSparseOutput\", where both tensors are fully specified. In the sparse and ragged count weights are still accessed in parallel with the data. But, since there is no validation, a user passing fewer weights than the values for the tensors can generate a read from outside the bounds of the heap buffer allocated for the weights. The issue was patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pg59-2f92-5cph", - "cve": "CVE-2020-15196", - "id": "pyup.io-39867", - "more_info_path": "/vulnerabilities/CVE-2020-15196/39867", + "advisory": "TensorFlow 2.3.1 includes a fix for CVE-2020-15200: In Tensorflow before version 2.3.1, the \"RaggedCountSparseOutput\" implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the \"splits\" tensor generate a valid partitioning of the \"values\" tensor. Thus, the code sets up conditions to cause a heap buffer overflow. A \"BatchedMap\" is equivalent to a vector where each element is a hashmap. However, if the first element of \"splits_values\" is not 0, \"batch_idx\" will never be 1, hence there will be no hashmap at index 0 in \"per_batch_counts\". Trying to access that in the user code results in a segmentation fault. 
The issue was patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-x7rp-74x2-mjf3", + "cve": "CVE-2020-15200", + "id": "pyup.io-39863", + "more_info_path": "/vulnerabilities/CVE-2020-15200/39863", "specs": [ ">=2.3.0rc0,<2.3.1" ], "v": ">=2.3.0rc0,<2.3.1" }, { - "advisory": "TensorFlow 2.3.1 includes a fix for CVE-2020-15198: In Tensorflow before version 2.3.1, the \"SparseCountSparseOutput\" implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the \"indices\" tensor has the same shape as the \"values\" one. The values in these tensors are always accessed in parallel. Thus, a shape mismatch can result in accesses outside the bounds of heap allocated buffers. The issue was patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jc87-6vpp-7ff3", - "cve": "CVE-2020-15198", - "id": "pyup.io-39865", - "more_info_path": "/vulnerabilities/CVE-2020-15198/39865", + "advisory": "TensorFlow version 2.3.1 includes a fix for CVE-2020-15197: In Tensorflow before version 2.3.1, the \"SparseCountSparseOutput\" implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the \"indices\" tensor has rank 2. This tensor must be a matrix because code assumes its elements are accessed as elements of a matrix. However, malicious users can pass in tensors of different rank, resulting in a \"CHECK\" assertion failure and a crash. This can be used to cause denial of service in serving installations, if users are allowed to control the components of the input sparse tensor. 
The issue was patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02.", + "cve": "CVE-2020-15197", + "id": "pyup.io-39866", + "more_info_path": "/vulnerabilities/CVE-2020-15197/39866", "specs": [ ">=2.3.0rc0,<2.3.1" ], "v": ">=2.3.0rc0,<2.3.1" }, { - "advisory": "TensorFlow 2.3.1 includes a fix for CVE-2020-15200: In Tensorflow before version 2.3.1, the \"RaggedCountSparseOutput\" implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the \"splits\" tensor generate a valid partitioning of the \"values\" tensor. Thus, the code sets up conditions to cause a heap buffer overflow. A \"BatchedMap\" is equivalent to a vector where each element is a hashmap. However, if the first element of \"splits_values\" is not 0, \"batch_idx\" will never be 1, hence there will be no hashmap at index 0 in \"per_batch_counts\". Trying to access that in the user code results in a segmentation fault. The issue was patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-x7rp-74x2-mjf3", - "cve": "CVE-2020-15200", - "id": "pyup.io-39863", - "more_info_path": "/vulnerabilities/CVE-2020-15200/39863", + "advisory": "TensorFlow version 2.3.1 includes a fix for CVE-2020-15196: In Tensorflow version 2.3.0, the \"SparseCountSparseOutput\" and \"RaggedCountSparseOutput\" implementations don't validate that the \"weights\" tensor has the same shape as the data. The check exists for \"DenseCountSparseOutput\", where both tensors are fully specified. In the sparse and ragged count weights are still accessed in parallel with the data. But, since there is no validation, a user passing fewer weights than the values for the tensors can generate a read from outside the bounds of the heap buffer allocated for the weights. 
The issue was patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pg59-2f92-5cph", + "cve": "CVE-2020-15196", + "id": "pyup.io-39867", + "more_info_path": "/vulnerabilities/CVE-2020-15196/39867", "specs": [ ">=2.3.0rc0,<2.3.1" ], "v": ">=2.3.0rc0,<2.3.1" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37635: In affected versions the implementation of sparse reduction operations in TensorFlow can trigger accesses outside of bounds of heap allocated data. The [implementation](https://github.com/tensorflow/tensorflow/blob/a1bc56203f21a5a4995311825ffaba7a670d7747/tensorflow/core/kernels/sparse_reduce_op.cc#L217-L228) fails to validate that each reduction group does not overflow and that each corresponding index does not point to outside the bounds of the input tensor. The Tensorflow team has patched the issue in GitHub commit 87158f43f05f2720a374f3e6d22a7aaa3a33f750.", - "cve": "CVE-2021-37635", - "id": "pyup.io-41110", - "more_info_path": "/vulnerabilities/CVE-2021-37635/41110", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37667: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.UnicodeEncode'. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/unicode_ops.cc#L533-L539) reads the first dimension of the 'input_splits' tensor before validating that this tensor is not empty. The Tensorflow team has patched the issue in GitHub commit 2e0ee46f1a47675152d3d865797a18358881d7a6.", + "cve": "CVE-2021-37667", + "id": "pyup.io-41142", + "more_info_path": "/vulnerabilities/CVE-2021-37667/41142", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", 
@@ -154598,10 +155110,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37636: In affected versions the implementation of 'tf.raw_ops.SparseDenseCwiseDiv' is vulnerable to a division by 0 error. The implementation (https://github.com/tensorflow/tensorflow/blob/a1bc56203f21a5a4995311825ffaba7a670d7747/tensorflow/core/kernels/sparse_dense_binary_op_shared.cc#L56) uses a common class for all binary operations but fails to treat the division by 0 case separately. The Tensorflow team has patched the issue in GitHub commit d9204be9f49520cdaaeb2541d1dc5187b23f31d9.", - "cve": "CVE-2021-37636", - "id": "pyup.io-41111", - "more_info_path": "/vulnerabilities/CVE-2021-37636/41111", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37648: In affected versions the code for 'tf.raw_ops.SaveV2' does not properly validate the inputs and an attacker can trigger a null pointer dereference. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/save_restore_v2_ops.cc) uses 'ValidateInputs' to check that the input arguments are valid. This validation would have caught the illegal state represented by the reproducer above. However, the validation uses 'OP_REQUIRES' which translates to setting the 'Status' object of the current 'OpKernelContext' to an error status, followed by an empty 'return' statement which just terminates the execution of the function it is present in. However, this does not mean that the kernel execution is finalized: instead, execution continues from the nQext line in 'Compute' that follows the call to 'ValidateInputs'. This is equivalent to lacking the validation. 
The Tensorflow team has patched the issue in GitHub commit 9728c60e136912a12d99ca56e106b7cce7af5986.", + "cve": "CVE-2021-37648", + "id": "pyup.io-41123", + "more_info_path": "/vulnerabilities/CVE-2021-37648/41123", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", 
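Review bot: The CVE-2021-37648 advisory text added in this hunk carries a typo, `execution continues from the nQext line in 'Compute'`, which should read `execution continues from the next line in 'Compute'`, and the sentence "This validation would have caught the illegal state represented by the reproducer above" refers to a reproducer that is not part of this record, so it reads as a dangling reference to the upstream report it was pasted from. The same text appears on the removed side of the hunk ending at L605, so the commit moves the record without touching it; the fix belongs in whatever source the exporter draws the advisory text from rather than in a hand edit of this file. Dropping the reproducer sentence, or rewording it to "the validation was intended to reject this input", would make the entry self-contained.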
@@ -154624,23 +155136,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37683: In affected versions the implementation of division in TFLite is vulnerable to a division by 0 error (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/div.cc). There is no check that the divisor tensor does not contain zero elements. The Tensorflow team has patched the issue in GitHub commit 1e206baedf8bef0334cca3eb92bab134ef525a28.", - "cve": "CVE-2021-37683", - "id": "pyup.io-41158", - "more_info_path": "/vulnerabilities/CVE-2021-37683/41158", - "specs": [ - ">=2.3.0rc0,<2.3.4", - ">=2.4.0rc0,<2.4.3", - ">=2.5.0rc0,<2.5.1", - ">=2.6.0rc0,<2.6.0" - ], - "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" - }, - { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37671: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.Map*' and 'tf.raw_ops.OrderedMap*' operations. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/map_stage_op.cc#L222-L248) has a check in place to ensure that 'indices' is in ascending order, but does not check that 'indices' is not empty. The Tensorflow team has patched the issue in GitHub commit 532f5c5a547126c634fefd43bbad1dc6417678ac.", - "cve": "CVE-2021-37671", - "id": "pyup.io-41146", - "more_info_path": "/vulnerabilities/CVE-2021-37671/41146", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37636: In affected versions the implementation of 'tf.raw_ops.SparseDenseCwiseDiv' is vulnerable to a division by 0 error. 
The implementation (https://github.com/tensorflow/tensorflow/blob/a1bc56203f21a5a4995311825ffaba7a670d7747/tensorflow/core/kernels/sparse_dense_binary_op_shared.cc#L56) uses a common class for all binary operations but fails to treat the division by 0 case separately. The Tensorflow team has patched the issue in GitHub commit d9204be9f49520cdaaeb2541d1dc5187b23f31d9.", + "cve": "CVE-2021-37636", + "id": "pyup.io-41111", + "more_info_path": "/vulnerabilities/CVE-2021-37636/41111", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", 
@@ -154650,10 +155149,10 @@
 "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0"
 },
 {
- "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37637: It is possible to trigger a null pointer dereference in TensorFlow by passing an invalid input to `tf.raw_ops.CompressElement`. The [implementation](https://github.com/tensorflow/tensorflow/blob/47a06f40411a69c99f381495f490536972152ac0/tensorflow/core/data/compression_utils.cc#L34) was accessing the size of a buffer obtained from the return of a separate function call before validating that said buffer is valid. The Tensorflow team has patched the issue in GitHub commit 5dc7f6981fdaf74c8c5be41f393df705841fb7c5.",
- "cve": "CVE-2021-37637",
- "id": "pyup.io-41112",
- "more_info_path": "/vulnerabilities/CVE-2021-37637/41112",
+ "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37642: In affected versions the implementation of 'tf.raw_ops.ResourceScatterDiv' is vulnerable to a division by 0 error. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/resource_variable_ops.cc#L865) uses a common class for all binary operations but fails to treat the division by 0 case separately. The Tensorflow team has patched the issue in GitHub commit 4aacb30888638da75023e6601149415b39763d76.",
+ "cve": "CVE-2021-37642",
+ "id": "pyup.io-41117",
+ "more_info_path": "/vulnerabilities/CVE-2021-37642/41117",
 "specs": [
 ">=2.3.0rc0,<2.3.4",
 ">=2.4.0rc0,<2.4.3",
@@ -154663,10 +155162,10 @@
 "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0"
 },
 {
- "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37667: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.UnicodeEncode'. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/unicode_ops.cc#L533-L539) reads the first dimension of the 'input_splits' tensor before validating that this tensor is not empty. The Tensorflow team has patched the issue in GitHub commit 2e0ee46f1a47675152d3d865797a18358881d7a6.",
- "cve": "CVE-2021-37667",
- "id": "pyup.io-41142",
- "more_info_path": "/vulnerabilities/CVE-2021-37667/41142",
+ "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37683: In affected versions the implementation of division in TFLite is vulnerable to a division by 0 error (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/div.cc). There is no check that the divisor tensor does not contain zero elements. The Tensorflow team has patched the issue in GitHub commit 1e206baedf8bef0334cca3eb92bab134ef525a28.",
+ "cve": "CVE-2021-37683",
+ "id": "pyup.io-41158",
+ "more_info_path": "/vulnerabilities/CVE-2021-37683/41158",
 "specs": [
 ">=2.3.0rc0,<2.3.4",
 ">=2.4.0rc0,<2.4.3",
@@ -154676,10 +155175,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37648: In affected versions the code for 'tf.raw_ops.SaveV2' does not properly validate the inputs and an attacker can trigger a null pointer dereference. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/save_restore_v2_ops.cc) uses 'ValidateInputs' to check that the input arguments are valid. This validation would have caught the illegal state represented by the reproducer above. However, the validation uses 'OP_REQUIRES' which translates to setting the 'Status' object of the current 'OpKernelContext' to an error status, followed by an empty 'return' statement which just terminates the execution of the function it is present in. However, this does not mean that the kernel execution is finalized: instead, execution continues from the nQext line in 'Compute' that follows the call to 'ValidateInputs'. This is equivalent to lacking the validation. The Tensorflow team has patched the issue in GitHub commit 9728c60e136912a12d99ca56e106b7cce7af5986.", - "cve": "CVE-2021-37648", - "id": "pyup.io-41123", - "more_info_path": "/vulnerabilities/CVE-2021-37648/41123", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37635: In affected versions the implementation of sparse reduction operations in TensorFlow can trigger accesses outside of bounds of heap allocated data. The [implementation](https://github.com/tensorflow/tensorflow/blob/a1bc56203f21a5a4995311825ffaba7a670d7747/tensorflow/core/kernels/sparse_reduce_op.cc#L217-L228) fails to validate that each reduction group does not overflow and that each corresponding index does not point to outside the bounds of the input tensor. 
The Tensorflow team has patched the issue in GitHub commit 87158f43f05f2720a374f3e6d22a7aaa3a33f750.", + "cve": "CVE-2021-37635", + "id": "pyup.io-41110", + "more_info_path": "/vulnerabilities/CVE-2021-37635/41110", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", @@ -154689,10 +155188,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37642: In affected versions the implementation of 'tf.raw_ops.ResourceScatterDiv' is vulnerable to a division by 0 error. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/resource_variable_ops.cc#L865) uses a common class for all binary operations but fails to treat the division by 0 case separately. The Tensorflow team has patched the issue in GitHub commit 4aacb30888638da75023e6601149415b39763d76.", - "cve": "CVE-2021-37642", - "id": "pyup.io-41117", - "more_info_path": "/vulnerabilities/CVE-2021-37642/41117", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37637: It is possible to trigger a null pointer dereference in TensorFlow by passing an invalid input to `tf.raw_ops.CompressElement`. The [implementation](https://github.com/tensorflow/tensorflow/blob/47a06f40411a69c99f381495f490536972152ac0/tensorflow/core/data/compression_utils.cc#L34) was accessing the size of a buffer obtained from the return of a separate function call before validating that said buffer is valid. The Tensorflow team has patched the issue in GitHub commit 5dc7f6981fdaf74c8c5be41f393df705841fb7c5.", + "cve": "CVE-2021-37637", + "id": "pyup.io-41112", + "more_info_path": "/vulnerabilities/CVE-2021-37637/41112", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", 
@@ -154715,23 +155214,23 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37638: Sending invalid argument for 'row_partition_types' of 'tf.raw_ops.RaggedTensorToTensor' API results in a null pointer dereference and undefined behavior. The implementation (https://github.com/tensorflow/tensorflow/blob/47a06f40411a69c99f381495f490536972152ac0/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L328) accesses the first element of a user supplied list of values without validating that the provided list is not empty. The Tensorflow team has patched the issue in GitHub commit 301ae88b331d37a2a16159b65b255f4f9eb39314.", - "cve": "CVE-2021-37638", - "id": "pyup.io-41113", - "more_info_path": "/vulnerabilities/CVE-2021-37638/41113", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37671: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.Map*' and 'tf.raw_ops.OrderedMap*' operations. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/map_stage_op.cc#L222-L248) has a check in place to ensure that 'indices' is in ascending order, but does not check that 'indices' is not empty. 
The Tensorflow team has patched the issue in GitHub commit 532f5c5a547126c634fefd43bbad1dc6417678ac.", + "cve": "CVE-2021-37671", + "id": "pyup.io-41146", + "more_info_path": "/vulnerabilities/CVE-2021-37671/41146", "specs": [ ">=2.3.0rc0,<2.3.4", - ">=2.5.0rc0,<2.5.1", ">=2.4.0rc0,<2.4.3", + ">=2.5.0rc0,<2.5.1", ">=2.6.0rc0,<2.6.0" ], - "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0" + "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37649: The code for 'tf.raw_ops.UncompressElement' can be made to trigger a null pointer dereference. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/data/experimental/compression_ops.cc#L50-L53) obtains a pointer to a 'CompressedElement' from a 'Variant' tensor and then proceeds to dereference it for decompressing. There is no check that the 'Variant' tensor contained a 'CompressedElement', so the pointer is actually 'nullptr'. The Tensorflow team has patched the issue in GitHub commit 7bdf50bb4f5c54a4997c379092888546c97c3ebd.", - "cve": "CVE-2021-37649", - "id": "pyup.io-41124", - "more_info_path": "/vulnerabilities/CVE-2021-37649/41124", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37639: When restoring tensors via raw APIs, if the tensor name is not provided, TensorFlow can be tricked into dereferencing a null pointer. Alternatively, attackers can read memory outside the bounds of heap allocated data by providing some tensor names but not enough for a successful restoration. 
The implementation (https://github.com/tensorflow/tensorflow/blob/47a06f40411a69c99f381495f490536972152ac0/tensorflow/core/kernels/save_restore_tensor.cc#L158-L159) retrieves the tensor list corresponding to the 'tensor_name' user controlled input and immediately retrieves the tensor at the restoration index (controlled via 'preferred_shard' argument). This occurs without validating that the provided list has enough values. If the list is empty this results in dereferencing a null pointer (undefined behavior). If, however, the list has some elements and if the restoration index is outside the bounds, this results in heap OOB read. The Tensorflow team has patched the issue in GitHub commit 9e82dce6e6bd1f36a57e08fa85af213e2b2f2622.", + "cve": "CVE-2021-37639", + "id": "pyup.io-41114", + "more_info_path": "/vulnerabilities/CVE-2021-37639/41114", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.5.0rc0,<2.5.1", 
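Review bot: The `"specs"` normalization in this hunk is only applied to the first record: the CVE-2021-37671 entry gets `">=2.5.0rc0,<2.5.1"` moved after `">=2.4.0rc0,<2.4.3"` and its `"v"` string rewritten to match, but the CVE-2021-37639 record added in the same hunk keeps the unchanged context lines `">=2.3.0rc0,<2.3.4", ">=2.5.0rc0,<2.5.1",` in the old order, and the `"v"` context lines of the hunks ending at L610, L611 and L613 still read `>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,…`. The underlying risk is that `"v"` is a second copy of `"specs"` joined with commas, so any edit to one that forgets the other leaves a record whose two range representations disagree, and a consumer that trusts `"v"` can then match a different version set than one that trusts `"specs"`. Either have the exporter derive `"v"` from the sorted `"specs"` list at write time, or add a CI check that asserts `"v" == ",".join(record["specs"])` for every record, and apply the sort to every record in one pass rather than piecemeal. Whether the mismatch is purely cosmetic depends on how the ordering is consumed, which is not visible here.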
@@ -154741,10 +155240,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37652: In affected versions the implementation for 'tf.raw_ops.BoostedTreesCreateEnsemble' can result in a use after free error if an attacker supplies specially crafted arguments. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/boosted_trees/resource_ops.cc#L55) uses a reference counted resource and decrements the refcount if the initialization fails, as it should. However, when the code was written, the resource was represented as a naked pointer but later refactoring has changed it to be a smart pointer. Thus, when the pointer leaves the scope, a subsequent 'free'-ing of the resource occurs, but this fails to take into account that the refcount has already reached 0, thus the resource has been already freed. During this double-free process, members of the resource object are accessed for cleanup but they are invalid as the entire resource has been freed. The Tensorflow team has patched the issue in GitHub commit 5ecec9c6fbdbc6be03295685190a45e7eee726ab.", - "cve": "CVE-2021-37652", - "id": "pyup.io-41127", - "more_info_path": "/vulnerabilities/CVE-2021-37652/41127", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37654: In affected versions an attacker can trigger a crash via a 'CHECK'-fail in debug builds of TensorFlow using 'tf.raw_ops.ResourceGather' or a read from outside the bounds of heap allocated data in the same API in a release build. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L660-L668) does not check that the 'batch_dims' value that the user supplies is less than the rank of the input tensor. 
Since the implementation uses several for loops over the dimensions of 'tensor', this results in reading data from outside the bounds of heap allocated buffer backing the tensor. The Tensorflow team has patched the issue in GitHub commit bc9c546ce7015c57c2f15c168b3d9201de679a1d.", + "cve": "CVE-2021-37654", + "id": "pyup.io-41129", + "more_info_path": "/vulnerabilities/CVE-2021-37654/41129", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.5.0rc0,<2.5.1", 
@@ -154767,10 +155266,10 @@
 "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0"
 },
 {
- "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37654: In affected versions an attacker can trigger a crash via a 'CHECK'-fail in debug builds of TensorFlow using 'tf.raw_ops.ResourceGather' or a read from outside the bounds of heap allocated data in the same API in a release build. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L660-L668) does not check that the 'batch_dims' value that the user supplies is less than the rank of the input tensor. Since the implementation uses several for loops over the dimensions of 'tensor', this results in reading data from outside the bounds of heap allocated buffer backing the tensor. The Tensorflow team has patched the issue in GitHub commit bc9c546ce7015c57c2f15c168b3d9201de679a1d.",
- "cve": "CVE-2021-37654",
- "id": "pyup.io-41129",
- "more_info_path": "/vulnerabilities/CVE-2021-37654/41129",
+ "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37656: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.RaggedTensorToSparse'. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/ragged_tensor_to_sparse_kernel.cc#L30) has an incomplete validation of the splits values: it does not check that they are in increasing order. The Tensorflow team has patched the issue in GitHub commit 1071f554dbd09f7e101324d366eec5f4fe5a3ece.",
+ "cve": "CVE-2021-37656",
+ "id": "pyup.io-41131",
+ "more_info_path": "/vulnerabilities/CVE-2021-37656/41131",
 "specs": [
 ">=2.3.0rc0,<2.3.4",
 ">=2.5.0rc0,<2.5.1",
@@ -154780,10 +155279,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37639: When restoring tensors via raw APIs, if the tensor name is not provided, TensorFlow can be tricked into dereferencing a null pointer. Alternatively, attackers can read memory outside the bounds of heap allocated data by providing some tensor names but not enough for a successful restoration. The implementation (https://github.com/tensorflow/tensorflow/blob/47a06f40411a69c99f381495f490536972152ac0/tensorflow/core/kernels/save_restore_tensor.cc#L158-L159) retrieves the tensor list corresponding to the 'tensor_name' user controlled input and immediately retrieves the tensor at the restoration index (controlled via 'preferred_shard' argument). This occurs without validating that the provided list has enough values. If the list is empty this results in dereferencing a null pointer (undefined behavior). If, however, the list has some elements and if the restoration index is outside the bounds, this results in heap OOB read. The Tensorflow team has patched the issue in GitHub commit 9e82dce6e6bd1f36a57e08fa85af213e2b2f2622.", - "cve": "CVE-2021-37639", - "id": "pyup.io-41114", - "more_info_path": "/vulnerabilities/CVE-2021-37639/41114", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37651: In affected versions the implementation for 'tf.raw_ops.FractionalAvgPoolGrad' can be tricked into accessing data outside of bounds of heap allocated buffers. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/fractional_avg_pool_op.cc#L205) does not validate that the input tensor is non-empty. Thus, code constructs an empty 'EigenDoubleMatrixMap' and then accesses this buffer with indices that are outside of the empty area. 
The Tensorflow team has patched the issue in GitHub commit 0f931751fb20f565c4e94aa6df58d54a003cdb30.", + "cve": "CVE-2021-37651", + "id": "pyup.io-41126", + "more_info_path": "/vulnerabilities/CVE-2021-37651/41126", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.5.0rc0,<2.5.1", 
@@ -154793,10 +155292,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37647: When a user does not supply arguments that determine a valid sparse tensor, 'tf.raw_ops.SparseTensorSliceDataset' implementation can be made to dereference a null pointer. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L240-L251) has some argument validation but fails to consider the case when either 'indices' or 'values' are provided for an empty sparse tensor when the other is not. If 'indices' is empty, then code that performs validation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L260-L261) (i.e., checking that the indices are monotonically increasing) results in a null pointer dereference. If 'indices' as provided by the user is empty, then 'indices' in the C++ code above is backed by an empty 'std::vector', hence calling 'indices->dim_size(0)' results in null pointer dereferencing (same as calling 'std::vector::at()' on an empty vector). The Tensorflow team has patched the issue in GitHub commit 02cc160e29d20631de3859c6653184e3f876b9d7.", - "cve": "CVE-2021-37647", - "id": "pyup.io-41122", - "more_info_path": "/vulnerabilities/CVE-2021-37647/41122", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37659: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all binary cwise operations that don't require broadcasting (e.g., gradients of binary cwise operations). 
The [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/cwise_ops_common.h#L264) assumes that the two inputs have exactly the same number of elements but does not check that. Hence, when the eigen functor executes it triggers heap OOB reads and undefined behavior due to binding to nullptr. We have patched the issue in GitHub commit 93f428fd1768df147171ed674fee1fc5ab8309ec.", + "cve": "CVE-2021-37659", + "id": "pyup.io-41134", + "more_info_path": "/vulnerabilities/CVE-2021-37659/41134", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.5.0rc0,<2.5.1", 
@@ -154806,10 +155305,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37656: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.RaggedTensorToSparse'. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/ragged_tensor_to_sparse_kernel.cc#L30) has an incomplete validation of the splits values: it does not check that they are in increasing order. The Tensorflow team has patched the issue in GitHub commit 1071f554dbd09f7e101324d366eec5f4fe5a3ece.", - "cve": "CVE-2021-37656", - "id": "pyup.io-41131", - "more_info_path": "/vulnerabilities/CVE-2021-37656/41131", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37649: The code for 'tf.raw_ops.UncompressElement' can be made to trigger a null pointer dereference. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/data/experimental/compression_ops.cc#L50-L53) obtains a pointer to a 'CompressedElement' from a 'Variant' tensor and then proceeds to dereference it for decompressing. There is no check that the 'Variant' tensor contained a 'CompressedElement', so the pointer is actually 'nullptr'. The Tensorflow team has patched the issue in GitHub commit 7bdf50bb4f5c54a4997c379092888546c97c3ebd.", + "cve": "CVE-2021-37649", + "id": "pyup.io-41124", + "more_info_path": "/vulnerabilities/CVE-2021-37649/41124", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.5.0rc0,<2.5.1", 
@@ -154819,10 +155318,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37651: In affected versions the implementation for 'tf.raw_ops.FractionalAvgPoolGrad' can be tricked into accessing data outside of bounds of heap allocated buffers. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/fractional_avg_pool_op.cc#L205) does not validate that the input tensor is non-empty. Thus, code constructs an empty 'EigenDoubleMatrixMap' and then accesses this buffer with indices that are outside of the empty area. The Tensorflow team has patched the issue in GitHub commit 0f931751fb20f565c4e94aa6df58d54a003cdb30.", - "cve": "CVE-2021-37651", - "id": "pyup.io-41126", - "more_info_path": "/vulnerabilities/CVE-2021-37651/41126", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37647: When a user does not supply arguments that determine a valid sparse tensor, 'tf.raw_ops.SparseTensorSliceDataset' implementation can be made to dereference a null pointer. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L240-L251) has some argument validation but fails to consider the case when either 'indices' or 'values' are provided for an empty sparse tensor when the other is not. If 'indices' is empty, then code that performs validation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L260-L261) (i.e., checking that the indices are monotonically increasing) results in a null pointer dereference. 
If 'indices' as provided by the user is empty, then 'indices' in the C++ code above is backed by an empty 'std::vector', hence calling 'indices->dim_size(0)' results in null pointer dereferencing (same as calling 'std::vector::at()' on an empty vector). The Tensorflow team has patched the issue in GitHub commit 02cc160e29d20631de3859c6653184e3f876b9d7.", + "cve": "CVE-2021-37647", + "id": "pyup.io-41122", + "more_info_path": "/vulnerabilities/CVE-2021-37647/41122", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.5.0rc0,<2.5.1", 
@@ -154845,10 +155344,23 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37659: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all binary cwise operations that don't require broadcasting (e.g., gradients of binary cwise operations). The [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/cwise_ops_common.h#L264) assumes that the two inputs have exactly the same number of elements but does not check that. Hence, when the eigen functor executes it triggers heap OOB reads and undefined behavior due to binding to nullptr. We have patched the issue in GitHub commit 93f428fd1768df147171ed674fee1fc5ab8309ec.", - "cve": "CVE-2021-37659", - "id": "pyup.io-41134", - "more_info_path": "/vulnerabilities/CVE-2021-37659/41134", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37638: Sending invalid argument for 'row_partition_types' of 'tf.raw_ops.RaggedTensorToTensor' API results in a null pointer dereference and undefined behavior. The implementation (https://github.com/tensorflow/tensorflow/blob/47a06f40411a69c99f381495f490536972152ac0/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L328) accesses the first element of a user supplied list of values without validating that the provided list is not empty. 
The Tensorflow team has patched the issue in GitHub commit 301ae88b331d37a2a16159b65b255f4f9eb39314.", + "cve": "CVE-2021-37638", + "id": "pyup.io-41113", + "more_info_path": "/vulnerabilities/CVE-2021-37638/41113", + "specs": [ + ">=2.3.0rc0,<2.3.4", + ">=2.5.0rc0,<2.5.1", + ">=2.4.0rc0,<2.4.3", + ">=2.6.0rc0,<2.6.0" + ], + "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0" + }, + { + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37652: In affected versions the implementation for 'tf.raw_ops.BoostedTreesCreateEnsemble' can result in a use after free error if an attacker supplies specially crafted arguments. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/boosted_trees/resource_ops.cc#L55) uses a reference counted resource and decrements the refcount if the initialization fails, as it should. However, when the code was written, the resource was represented as a naked pointer but later refactoring has changed it to be a smart pointer. Thus, when the pointer leaves the scope, a subsequent 'free'-ing of the resource occurs, but this fails to take into account that the refcount has already reached 0, thus the resource has been already freed. During this double-free process, members of the resource object are accessed for cleanup but they are invalid as the entire resource has been freed. The Tensorflow team has patched the issue in GitHub commit 5ecec9c6fbdbc6be03295685190a45e7eee726ab.", + "cve": "CVE-2021-37652", + "id": "pyup.io-41127", + "more_info_path": "/vulnerabilities/CVE-2021-37652/41127", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.5.0rc0,<2.5.1", 
@@ -154895,10 +155407,10 @@ "v": ">=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4,>=2.5.0rc0,<2.5.0" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix vulnerabilities where session operations in eager mode lead to null pointer dereferences. See CVE-2021-29518.", - "cve": "CVE-2021-29518", - "id": "pyup.io-40677", - "more_info_path": "/vulnerabilities/CVE-2021-29518/40677", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29513: Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors result in null pointer dereferences. The conversion from Python array to C++ array (https://github.com/tensorflow/tensorflow/blob/ff70c47a396ef1e3cb73c90513da4f5cb71bebba/tensorflow/python/lib/core/ndarray_tensor.cc#L113-L169) is vulnerable to a type confusion.", + "cve": "CVE-2021-29513", + "id": "pyup.io-40465", + "more_info_path": "/vulnerabilities/CVE-2021-29513/40465", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", @@ -154909,10 +155421,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a 'CHECK'-fail in 'tf.raw_ops.EncodePng'. See CVE-2021-29531.", - "cve": "CVE-2021-29531", - "id": "pyup.io-40690", - "more_info_path": "/vulnerabilities/CVE-2021-29531/40690", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix vulnerabilities where session operations in eager mode lead to null pointer dereferences. See CVE-2021-29518.", + "cve": "CVE-2021-29518", + "id": "pyup.io-40677", + "more_info_path": "/vulnerabilities/CVE-2021-29518/40677", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -154923,10 +155435,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by invalid validation in 'SparseMatrixSparseCholesky'. See CVE-2021-29530.", - "cve": "CVE-2021-29530", - "id": "pyup.io-40688", - "more_info_path": "/vulnerabilities/CVE-2021-29530/40688", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a 'CHECK'-fail in 'SparseCross' caused by type confusion. See CVE-2021-29519.", + "cve": "CVE-2021-29519", + "id": "pyup.io-40678", + "more_info_path": "/vulnerabilities/CVE-2021-29519/40678", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -154937,10 +155449,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a stack overflow in 'ParseAttrValue' with nested tensors. See CVE-2021-29615.", - "cve": "CVE-2021-29615", - "id": "pyup.io-40767", - "more_info_path": "/vulnerabilities/CVE-2021-29615/40767", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29549: An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/6f26b3f3418201479c264f2a02000880d8df151c/tensorflow/core/kernels/quantized_add_op.cc#L289-L295) computes a modulo operation without validating that the divisor is not zero. Since `vector_num_elements` is determined based on input shapes (https://github.com/tensorflow/tensorflow/blob/6f26b3f3418201479c264f2a02000880d8df151c/tensorflow/core/kernels/quantized_add_op.cc#L522-L544), a user can trigger scenarios where this quantity is 0.", + "cve": "CVE-2021-29549", + "id": "pyup.io-40706", + "more_info_path": "/vulnerabilities/CVE-2021-29549/40706", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -154951,10 +155463,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a heap buffer overflow in 'Conv3DBackprop*'. See CVE-2021-29520.", - "cve": "CVE-2021-29520", - "id": "pyup.io-40680", - "more_info_path": "/vulnerabilities/CVE-2021-29520/40680", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by invalid validation in 'SparseMatrixSparseCholesky'. See CVE-2021-29530.", + "cve": "CVE-2021-29530", + "id": "pyup.io-40688", + "more_info_path": "/vulnerabilities/CVE-2021-29530/40688", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", @@ -154965,10 +155477,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a division by 0 in 'Conv2DBackpropFilter'. See CVE-2021-29524.", - "cve": "CVE-2021-29524", - "id": "pyup.io-40683", - "more_info_path": "/vulnerabilities/CVE-2021-29524/40683", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a stack overflow in 'ParseAttrValue' with nested tensors. See CVE-2021-29615.", + "cve": "CVE-2021-29615", + "id": "pyup.io-40767", + "more_info_path": "/vulnerabilities/CVE-2021-29615/40767", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -154979,10 +155491,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a division by 0 in 'Conv2DBackpropInput'. See CVE-2021-29525.", - "cve": "CVE-2021-29525", - "id": "pyup.io-40684", - "more_info_path": "/vulnerabilities/CVE-2021-29525/40684", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 includes a fix for CVE-2021-29533: An attacker can trigger a denial of service via a 'CHECK' failure by passing an empty image to 'tf.raw_ops.DrawBoundingBoxes'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/ea34a18dc3f5c8d80a40ccca1404f343b5d55f91/tensorflow/core/kernels/image/draw_bounding_box_op.cc#L148-L165) uses 'CHECK_*' assertions instead of 'OP_REQUIRES' to validate user controlled inputs. Whereas 'OP_REQUIRES' allows returning an error condition back to the user, the 'CHECK_*' macros result in a crash if the condition is false, similar to 'assert'. In this case, 'height' is 0 from the 'images' input. This results in 'max_box_row_clamp' being negative and the assertion being falsified, followed by aborting program execution.", + "cve": "CVE-2021-29533", + "id": "pyup.io-40692", + "more_info_path": "/vulnerabilities/CVE-2021-29533/40692", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -154993,10 +155505,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29539: TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.ImmutableConst`(https://www.tensorflow.org/api_docs/python/tf/raw_ops/ImmutableConst) with a `dtype` of `tf.resource` or `tf.variant` results in a segfault in the implementation as code assumes that the tensor contents are pure scalars. We have patched the issue in 4f663d4b8f0bec1b48da6fa091a7d29609980fa4 and will release TensorFlow 2.5.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved. If using `tf.raw_ops.ImmutableConst` in code, you can prevent the segfault by inserting a filter for the `dtype` argument.", - "cve": "CVE-2021-29539", - "id": "pyup.io-40467", - "more_info_path": "/vulnerabilities/CVE-2021-29539/40467", + "advisory": "Tensorflow 2.5.0, 2.4.2, 2.3.3, 2.2.3 and 2.1.4 include a fix for CVE-2021-29548: An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/55a97caa9e99c7f37a0bbbeb414dc55553d3ae7f/tensorflow/core/kernels/quantized_batch_norm_op.cc) does not validate all constraints specified in the op's contract (https://www.tensorflow.org/api_docs/python/tf/raw_ops/QuantizedBatchNormWithGlobalNormalization).", + "cve": "CVE-2021-29548", + "id": "pyup.io-40468", + "more_info_path": "/vulnerabilities/CVE-2021-29548/40468", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -155007,10 +155519,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29532: An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to `tf.raw_ops.RaggedCross`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/efea03b38fb8d3b81762237dc85e579cc5fc6e87/tensorflow/core/kernels/ragged_cross_op.cc#L456-L487) lacks validation for the user supplied arguments. Each of the above branches call a helper function after accessing array elements via a `*_list[next_*]` pattern, followed by incrementing the `next_*` index. However, as there is no validation that the `next_*` values are in the valid range for the corresponding `*_list` arrays, this results in heap OOB reads.", - "cve": "CVE-2021-29532", - "id": "pyup.io-40691", - "more_info_path": "/vulnerabilities/CVE-2021-29532/40691", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29552: An attacker can cause a denial of service by controlling the values of `num_segments` tensor argument for `UnsortedSegmentJoin`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/a2a607db15c7cd01d754d37e5448d72a13491bdb/tensorflow/core/kernels/unsorted_segment_join_op.cc#L92-L93) assumes that the `num_segments` tensor is a valid scalar. Since the tensor is empty the `CHECK` involved in `.scalar()()` that checks that the number of elements is exactly 1 will be invalidated and this would result in process termination.", + "cve": "CVE-2021-29552", + "id": "pyup.io-40710", + "more_info_path": "/vulnerabilities/CVE-2021-29552/40710", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -155021,10 +155533,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29537: An attacker can cause a heap buffer overflow in `QuantizedResizeBilinear` by passing in invalid thresholds for the quantization. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/50711818d2e61ccce012591eeb4fdf93a8496726/tensorflow/core/kernels/quantized_resize_bilinear_op.cc#L705-L706) assumes that the 2 arguments are always valid scalars and tries to access the numeric value directly.", - "cve": "CVE-2021-29537", - "id": "pyup.io-40695", - "more_info_path": "/vulnerabilities/CVE-2021-29537/40695", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a division by 0 in 'Conv2DBackpropInput'. See CVE-2021-29525.", + "cve": "CVE-2021-29525", + "id": "pyup.io-40684", + "more_info_path": "/vulnerabilities/CVE-2021-29525/40684", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -155035,10 +155547,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 includes a fix for CVE-2021-29533: An attacker can trigger a denial of service via a 'CHECK' failure by passing an empty image to 'tf.raw_ops.DrawBoundingBoxes'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/ea34a18dc3f5c8d80a40ccca1404f343b5d55f91/tensorflow/core/kernels/image/draw_bounding_box_op.cc#L148-L165) uses 'CHECK_*' assertions instead of 'OP_REQUIRES' to validate user controlled inputs. Whereas 'OP_REQUIRES' allows returning an error condition back to the user, the 'CHECK_*' macros result in a crash if the condition is false, similar to 'assert'. In this case, 'height' is 0 from the 'images' input. This results in 'max_box_row_clamp' being negative and the assertion being falsified, followed by aborting program execution.", - "cve": "CVE-2021-29533", - "id": "pyup.io-40692", - "more_info_path": "/vulnerabilities/CVE-2021-29533/40692", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29539: TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.ImmutableConst`(https://www.tensorflow.org/api_docs/python/tf/raw_ops/ImmutableConst) with a `dtype` of `tf.resource` or `tf.variant` results in a segfault in the implementation as code assumes that the tensor contents are pure scalars. We have patched the issue in 4f663d4b8f0bec1b48da6fa091a7d29609980fa4 and will release TensorFlow 2.5.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved. 
If using `tf.raw_ops.ImmutableConst` in code, you can prevent the segfault by inserting a filter for the `dtype` argument.", + "cve": "CVE-2021-29539", + "id": "pyup.io-40467", + "more_info_path": "/vulnerabilities/CVE-2021-29539/40467", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", @@ -155049,10 +155561,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29552: An attacker can cause a denial of service by controlling the values of `num_segments` tensor argument for `UnsortedSegmentJoin`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/a2a607db15c7cd01d754d37e5448d72a13491bdb/tensorflow/core/kernels/unsorted_segment_join_op.cc#L92-L93) assumes that the `num_segments` tensor is a valid scalar. Since the tensor is empty the `CHECK` involved in `.scalar()()` that checks that the number of elements is exactly 1 will be invalidated and this would result in process termination.", - "cve": "CVE-2021-29552", - "id": "pyup.io-40710", - "more_info_path": "/vulnerabilities/CVE-2021-29552/40710", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29537: An attacker can cause a heap buffer overflow in `QuantizedResizeBilinear` by passing in invalid thresholds for the quantization. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/50711818d2e61ccce012591eeb4fdf93a8496726/tensorflow/core/kernels/quantized_resize_bilinear_op.cc#L705-L706) assumes that the 2 arguments are always valid scalars and tries to access the numeric value directly.", + "cve": "CVE-2021-29537", + "id": "pyup.io-40695", + "more_info_path": "/vulnerabilities/CVE-2021-29537/40695", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -155063,10 +155575,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix fixes a heap buffer overflow caused by rounding. See CVE-2021-29529.", - "cve": "CVE-2021-29529", - "id": "pyup.io-40689", - "more_info_path": "/vulnerabilities/CVE-2021-29529/40689", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a heap buffer overflow in 'Conv3DBackprop*'. See CVE-2021-29520.", + "cve": "CVE-2021-29520", + "id": "pyup.io-40680", + "more_info_path": "/vulnerabilities/CVE-2021-29520/40680", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", @@ -155077,10 +155589,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a division by 0 in 'Conv3DBackprop*'. See CVE-2021-29522.", - "cve": "CVE-2021-29522", - "id": "pyup.io-40681", - "more_info_path": "/vulnerabilities/CVE-2021-29522/40681", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a division by 0 in 'Conv2DBackpropFilter'. See CVE-2021-29524.", + "cve": "CVE-2021-29524", + "id": "pyup.io-40683", + "more_info_path": "/vulnerabilities/CVE-2021-29524/40683", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -155091,10 +155603,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29549: An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/6f26b3f3418201479c264f2a02000880d8df151c/tensorflow/core/kernels/quantized_add_op.cc#L289-L295) computes a modulo operation without validating that the divisor is not zero. Since `vector_num_elements` is determined based on input shapes (https://github.com/tensorflow/tensorflow/blob/6f26b3f3418201479c264f2a02000880d8df151c/tensorflow/core/kernels/quantized_add_op.cc#L522-L544), a user can trigger scenarios where this quantity is 0.", - "cve": "CVE-2021-29549", - "id": "pyup.io-40706", - "more_info_path": "/vulnerabilities/CVE-2021-29549/40706", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29538: An attacker can cause a division by zero to occur in 'Conv2DBackpropFilter'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1b0296c3b8dd9bd948f924aa8cd62f87dbb7c3da/tensorflow/core/kernels/conv_grad_filter_ops.cc#L513-L522) computes a divisor based on user provided data (i.e., the shape of the tensors given as arguments). If all shapes are empty then 'work_unit_size' is 0. Since there is no check for this case before division, this results in a runtime exception, with potential to be abused for a denial of service.", + "cve": "CVE-2021-29538", + "id": "pyup.io-40697", + "more_info_path": "/vulnerabilities/CVE-2021-29538/40697", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -155105,10 +155617,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.5.0, 2.4.2, 2.3.3, 2.2.3 and 2.1.4 include a fix for CVE-2021-29548: An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/55a97caa9e99c7f37a0bbbeb414dc55553d3ae7f/tensorflow/core/kernels/quantized_batch_norm_op.cc) does not validate all constraints specified in the op's contract (https://www.tensorflow.org/api_docs/python/tf/raw_ops/QuantizedBatchNormWithGlobalNormalization).", - "cve": "CVE-2021-29548", - "id": "pyup.io-40468", - "more_info_path": "/vulnerabilities/CVE-2021-29548/40468", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a 'CHECK'-fail in 'tf.raw_ops.EncodePng'. See CVE-2021-29531.", + "cve": "CVE-2021-29531", + "id": "pyup.io-40690", + "more_info_path": "/vulnerabilities/CVE-2021-29531/40690", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -155119,10 +155631,24 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29538: An attacker can cause a division by zero to occur in 'Conv2DBackpropFilter'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1b0296c3b8dd9bd948f924aa8cd62f87dbb7c3da/tensorflow/core/kernels/conv_grad_filter_ops.cc#L513-L522) computes a divisor based on user provided data (i.e., the shape of the tensors given as arguments). If all shapes are empty then 'work_unit_size' is 0. Since there is no check for this case before division, this results in a runtime exception, with potential to be abused for a denial of service.", - "cve": "CVE-2021-29538", - "id": "pyup.io-40697", - "more_info_path": "/vulnerabilities/CVE-2021-29538/40697", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix fixes a heap buffer overflow caused by rounding. See CVE-2021-29529.", + "cve": "CVE-2021-29529", + "id": "pyup.io-40689", + "more_info_path": "/vulnerabilities/CVE-2021-29529/40689", + "specs": [ + ">=2.5.0rc0,<2.5.0", + ">=2.1.0rc0,<2.1.4", + ">=2.2.0rc0,<2.2.3", + ">=2.3.0rc0,<2.3.3", + ">=2.4.0rc0,<2.4.2" + ], + "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" + }, + { + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a division by 0 in 'Conv3DBackprop*'. See CVE-2021-29522.", + "cve": "CVE-2021-29522", + "id": "pyup.io-40681", + "more_info_path": "/vulnerabilities/CVE-2021-29522/40681", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -155175,24 +155701,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29513: Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors result in null pointer dereferences. The conversion from Python array to C++ array (https://github.com/tensorflow/tensorflow/blob/ff70c47a396ef1e3cb73c90513da4f5cb71bebba/tensorflow/python/lib/core/ndarray_tensor.cc#L113-L169) is vulnerable to a type confusion.",
- "cve": "CVE-2021-29513",
- "id": "pyup.io-40465",
- "more_info_path": "/vulnerabilities/CVE-2021-29513/40465",
- "specs": [
- ">=2.5.0rc0,<2.5.0",
- ">=2.1.0rc0,<2.1.4",
- ">=2.2.0rc0,<2.2.3",
- ">=2.3.0rc0,<2.3.3",
- ">=2.4.0rc0,<2.4.2"
- ],
- "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
- },
- {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a 'CHECK'-fail in 'SparseCross' caused by type confusion. See CVE-2021-29519.",
- "cve": "CVE-2021-29519",
- "id": "pyup.io-40678",
- "more_info_path": "/vulnerabilities/CVE-2021-29519/40678",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29532: An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to `tf.raw_ops.RaggedCross`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/efea03b38fb8d3b81762237dc85e579cc5fc6e87/tensorflow/core/kernels/ragged_cross_op.cc#L456-L487) lacks validation for the user supplied arguments. Each of the above branches call a helper function after accessing array elements via a `*_list[next_*]` pattern, followed by incrementing the `next_*` index. 
However, as there is no validation that the `next_*` values are in the valid range for the corresponding `*_list` arrays, this results in heap OOB reads.",
+ "cve": "CVE-2021-29532",
+ "id": "pyup.io-40691",
+ "more_info_path": "/vulnerabilities/CVE-2021-29532/40691",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.1.0rc0,<2.1.4",
@@ -155315,10 +155827,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in 'Conv3D'. See CVE-2021-29517.",
- "cve": "CVE-2021-29517",
- "id": "pyup.io-40676",
- "more_info_path": "/vulnerabilities/CVE-2021-29517/40676",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix fixes a null pointer dereference via invalid Ragged Tensors. See CVE-2021-29516.",
+ "cve": "CVE-2021-29516",
+ "id": "pyup.io-40675",
+ "more_info_path": "/vulnerabilities/CVE-2021-29516/40675",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.2.0rc0,<2.2.3",
@@ -155343,10 +155855,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix fixes a null pointer dereference via invalid Ragged Tensors. See CVE-2021-29516.",
- "cve": "CVE-2021-29516",
- "id": "pyup.io-40675",
- "more_info_path": "/vulnerabilities/CVE-2021-29516/40675",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in 'Conv3D'. See CVE-2021-29517.",
+ "cve": "CVE-2021-29517",
+ "id": "pyup.io-40676",
+ "more_info_path": "/vulnerabilities/CVE-2021-29517/40676",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.2.0rc0,<2.2.3",
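Review bot: Hunk `@@ -155175` removes the CVE-2021-29513 (pyup.io-40465) and CVE-2021-29519 (pyup.io-40678) entries and adds only CVE-2021-29532 (pyup.io-40691) in their place, so two advisories leave this position of the tensorflow list. Elsewhere in the diff a removed entry reappears in a later hunk (CVE-2021-29571 is removed in `@@ -155762` and re-added in `@@ -155833`), but no re-insertion of 29513 or 29519 is visible in this chunk; if they are not added back by a hunk outside it, clients of this database silently lose detection of two tensorflow vulnerabilities. Comparing the set of distinct `id` values per package before and after regeneration would catch this class of regression automatically.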
@@ -155399,10 +155911,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4,>=2.4.0rc0,<2.4.2"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29545: An attacker can trigger a denial of service via a 'CHECK'-fail in converting sparse tensors to CSR Sparse matrices. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/800346f2c03a27e182dd4fba48295f65e7790739/tensorflow/core/kernels/sparse/kernels.cc#L66) does a double redirection to access an element of an array allocated on the heap. If the value at 'indices(i, 0)' is such that 'indices(i, 0) + 1' is outside the bounds of 'csr_row_ptr', this results in writing outside of bounds of heap allocated data.",
- "cve": "CVE-2021-29545",
- "id": "pyup.io-40703",
- "more_info_path": "/vulnerabilities/CVE-2021-29545/40703",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29551: The implementation of 'MatrixTriangularSolve' (https://github.com/tensorflow/tensorflow/blob/8cae746d8449c7dda5298327353d68613f16e798/tensorflow/core/kernels/linalg/matrix_triangular_solve_op_impl.h#L160-L240) fails to terminate kernel execution if one validation condition fails.",
+ "cve": "CVE-2021-29551",
+ "id": "pyup.io-40708",
+ "more_info_path": "/vulnerabilities/CVE-2021-29551/40708",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.3.0rc0,<2.3.3",
@@ -155413,10 +155925,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.4.0rc0,<2.4.2,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29551: The implementation of 'MatrixTriangularSolve' (https://github.com/tensorflow/tensorflow/blob/8cae746d8449c7dda5298327353d68613f16e798/tensorflow/core/kernels/linalg/matrix_triangular_solve_op_impl.h#L160-L240) fails to terminate kernel execution if one validation condition fails.",
- "cve": "CVE-2021-29551",
- "id": "pyup.io-40708",
- "more_info_path": "/vulnerabilities/CVE-2021-29551/40708",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29545: An attacker can trigger a denial of service via a 'CHECK'-fail in converting sparse tensors to CSR Sparse matrices. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/800346f2c03a27e182dd4fba48295f65e7790739/tensorflow/core/kernels/sparse/kernels.cc#L66) does a double redirection to access an element of an array allocated on the heap. If the value at 'indices(i, 0)' is such that 'indices(i, 0) + 1' is outside the bounds of 'csr_row_ptr', this results in writing outside of bounds of heap allocated data.",
+ "cve": "CVE-2021-29545",
+ "id": "pyup.io-40703",
+ "more_info_path": "/vulnerabilities/CVE-2021-29545/40703",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.3.0rc0,<2.3.3",
@@ -155455,10 +155967,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a segfault in 'CTCBeamSearchDecoder'. See CVE-2021-29581.",
- "cve": "CVE-2021-29581",
- "id": "pyup.io-40734",
- "more_info_path": "/vulnerabilities/CVE-2021-29581/40734",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix an undefined behavior in 'MaxPool3DGradGrad'. See CVE-2021-29574.",
+ "cve": "CVE-2021-29574",
+ "id": "pyup.io-40728",
+ "more_info_path": "/vulnerabilities/CVE-2021-29574/40728",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.3.0rc0,<2.3.3",
@@ -155469,10 +155981,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix an undefined behavior in 'MaxPool3DGradGrad'. See CVE-2021-29574.",
- "cve": "CVE-2021-29574",
- "id": "pyup.io-40728",
- "more_info_path": "/vulnerabilities/CVE-2021-29574/40728",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a segfault in 'CTCBeamSearchDecoder'. See CVE-2021-29581.",
+ "cve": "CVE-2021-29581",
+ "id": "pyup.io-40734",
+ "more_info_path": "/vulnerabilities/CVE-2021-29581/40734",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.3.0rc0,<2.3.3",
@@ -155595,10 +156107,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap out of bounds read in 'MaxPoolGradWithArgmax'. See CVE-2021-29570.",
- "cve": "CVE-2021-29570",
- "id": "pyup.io-40724",
- "more_info_path": "/vulnerabilities/CVE-2021-29570/40724",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'BandedTriangularSolve'. See CVE-2021-29612.",
+ "cve": "CVE-2021-29612",
+ "id": "pyup.io-40765",
+ "more_info_path": "/vulnerabilities/CVE-2021-29612/40765",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155609,10 +156121,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'BandedTriangularSolve'. See CVE-2021-29612.",
- "cve": "CVE-2021-29612",
- "id": "pyup.io-40765",
- "more_info_path": "/vulnerabilities/CVE-2021-29612/40765",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29514: If the 'splits' argument of 'RaggedBincount' does not specify a valid 'SparseTensor' (https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor), then an attacker can trigger a heap buffer overflow. This will cause a read from outside the bounds of the 'splits' tensor buffer in the implementation of the 'RaggedBincount' op (https://github.com/tensorflow/tensorflow/blob/8b677d79167799f71c42fd3fa074476e0295413a/tensorflow/core/kernels/bincount_op.cc#L430-L446). Before the 'for' loop, 'batch_idx' is set to 0. The attacker sets 'splits(0)' to be 7, hence the 'while' loop does not execute and 'batch_idx' remains 0. This then results in writing to 'out(-1, bin)', which is before the heap allocated buffer for the output tensor.",
+ "cve": "CVE-2021-29514",
+ "id": "pyup.io-40466",
+ "more_info_path": "/vulnerabilities/CVE-2021-29514/40466",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155651,10 +156163,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by 0 in 'SparseMatMul'. See CVE-2021-29557.",
- "cve": "CVE-2021-29557",
- "id": "pyup.io-40713",
- "more_info_path": "/vulnerabilities/CVE-2021-29557/40713",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap out of bounds read in 'MaxPoolGradWithArgmax'. See CVE-2021-29570.",
+ "cve": "CVE-2021-29570",
+ "id": "pyup.io-40724",
+ "more_info_path": "/vulnerabilities/CVE-2021-29570/40724",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155665,10 +156177,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29514: If the 'splits' argument of 'RaggedBincount' does not specify a valid 'SparseTensor' (https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor), then an attacker can trigger a heap buffer overflow. This will cause a read from outside the bounds of the 'splits' tensor buffer in the implementation of the 'RaggedBincount' op (https://github.com/tensorflow/tensorflow/blob/8b677d79167799f71c42fd3fa074476e0295413a/tensorflow/core/kernels/bincount_op.cc#L430-L446). Before the 'for' loop, 'batch_idx' is set to 0. The attacker sets 'splits(0)' to be 7, hence the 'while' loop does not execute and 'batch_idx' remains 0. This then results in writing to 'out(-1, bin)', which is before the heap allocated buffer for the output tensor.",
- "cve": "CVE-2021-29514",
- "id": "pyup.io-40466",
- "more_info_path": "/vulnerabilities/CVE-2021-29514/40466",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by 0 in 'SparseMatMul'. See CVE-2021-29557.",
+ "cve": "CVE-2021-29557",
+ "id": "pyup.io-40713",
+ "more_info_path": "/vulnerabilities/CVE-2021-29557/40713",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155706,6 +156218,48 @@
 ],
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3"
 },
+ {
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29618: Passing a complex argument to `tf.transpose` at the same time as passing 'conjugate=True' argument results in a crash.",
+ "cve": "CVE-2021-29618",
+ "id": "pyup.io-40769",
+ "more_info_path": "/vulnerabilities/CVE-2021-29618/40769",
+ "specs": [
+ ">=2.5.0rc0,<2.5.0",
+ ">=2.4.0rc0,<2.4.2",
+ ">=2.3.0rc0,<2.3.3",
+ ">=2.2.0rc0,<2.2.3",
+ ">=2.1.0rc0,<2.1.4"
+ ],
+ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
+ },
+ {
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by incomplete validation in 'SparseSparseMinimum'. See CVE-2021-29607.",
+ "cve": "CVE-2021-29607",
+ "id": "pyup.io-40762",
+ "more_info_path": "/vulnerabilities/CVE-2021-29607/40762",
+ "specs": [
+ ">=2.5.0rc0,<2.5.0",
+ ">=2.4.0rc0,<2.4.2",
+ ">=2.3.0rc0,<2.3.3",
+ ">=2.2.0rc0,<2.2.3",
+ ">=2.1.0rc0,<2.1.4"
+ ],
+ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
+ },
+ {
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29563: An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.RFFT`. 
Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination.",
+ "cve": "CVE-2021-29563",
+ "id": "pyup.io-40720",
+ "more_info_path": "/vulnerabilities/CVE-2021-29563/40720",
+ "specs": [
+ ">=2.5.0rc0,<2.5.0",
+ ">=2.4.0rc0,<2.4.2",
+ ">=2.3.0rc0,<2.3.3",
+ ">=2.2.0rc0,<2.2.3",
+ ">=2.1.0rc0,<2.1.4"
+ ],
+ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
+ },
 {
 "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'BatchToSpaceNd'. See CVE-2021-29593.",
 "cve": "CVE-2021-29593",
@@ -155762,34 +156316,6 @@
 ],
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
- {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29571: The implementation of 'tf.raw_ops.MaxPoolGradWithArgmax' can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The implementation (https://github.com/tensorflow/tensorflow/blob/31bd5026304677faa8a0b77602c6154171b9aec1/tensorflow/core/kernels/image/draw_bounding_box_op.cc#L116-L130) assumes that the last element of 'boxes' input is 4, as required by the op (https://www.tensorflow.org/api_docs/python/tf/raw_ops/DrawBoundingBoxesV2). Since this is not checked attackers passing values less than 4 can write outside of bounds of heap allocated objects and cause memory corruption. If the last dimension in 'boxes' is less than 4, accesses similar to 'tboxes(b, bb, 3)' will access data outside of bounds. Further during code execution there are also writes to these indices.",
- "cve": "CVE-2021-29571",
- "id": "pyup.io-40470",
- "more_info_path": "/vulnerabilities/CVE-2021-29571/40470",
- "specs": [
- ">=2.5.0rc0,<2.5.0",
- ">=2.4.0rc0,<2.4.2",
- ">=2.3.0rc0,<2.3.3",
- ">=2.2.0rc0,<2.2.3",
- ">=2.1.0rc0,<2.1.4"
- ],
- "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
- },
- {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'DepthwiseConv'. 
See CVE-2021-29602.",
- "cve": "CVE-2021-29602",
- "id": "pyup.io-40754",
- "more_info_path": "/vulnerabilities/CVE-2021-29602/40754",
- "specs": [
- ">=2.5.0rc0,<2.5.0",
- ">=2.4.0rc0,<2.4.2",
- ">=2.3.0rc0,<2.3.3",
- ">=2.2.0rc0,<2.2.3",
- ">=2.1.0rc0,<2.1.4"
- ],
- "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
- },
 {
 "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'AvgPool3DGrad'. See CVE-2021-29577.",
 "cve": "CVE-2021-29577",
@@ -155805,10 +156331,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29610: The validation in 'tf.raw_ops.QuantizeAndDequantizeV2' allows invalid values for 'axis' argument:. The validation (https://github.com/tensorflow/tensorflow/blob/eccb7ec454e6617738554a255d77f08e60ee0808/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L74-L77) uses '||' to mix two different conditions. If 'axis_ < -1' the condition in 'OP_REQUIRES' will still be true, but this value of 'axis_' results in heap underflow. This allows attackers to read/write to other data on the heap.",
- "cve": "CVE-2021-29610",
- "id": "pyup.io-40764",
- "more_info_path": "/vulnerabilities/CVE-2021-29610/40764",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'FractionalAvgPoolGrad'. See CVE-2021-29578.",
+ "cve": "CVE-2021-29578",
+ "id": "pyup.io-40732",
+ "more_info_path": "/vulnerabilities/CVE-2021-29578/40732",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155819,10 +156345,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'MaxPool3DGradGrad'. See CVE-2021-29576.",
- "cve": "CVE-2021-29576",
- "id": "pyup.io-40729",
- "more_info_path": "/vulnerabilities/CVE-2021-29576/40729",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29547: An attacker can cause a segfault and denial of service via accessing data outside of bounds in 'tf.raw_ops.QuantizedBatchNormWithGlobalNormalization'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/55a97caa9e99c7f37a0bbbeb414dc55553d3ae7f/tensorflow/core/kernels/quantized_batch_norm_op.cc#L176-L189) assumes the inputs are not empty. If any of these inputs is empty, '.flat()' is an empty buffer, so accessing the element at index 0 is accessing data outside of bounds.",
+ "cve": "CVE-2021-29547",
+ "id": "pyup.io-40705",
+ "more_info_path": "/vulnerabilities/CVE-2021-29547/40705",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155833,10 +156359,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a integer overflow in TFLite concatentation. See CVE-2021-29601.",
- "cve": "CVE-2021-29601",
- "id": "pyup.io-40756",
- "more_info_path": "/vulnerabilities/CVE-2021-29601/40756",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29571: The implementation of 'tf.raw_ops.MaxPoolGradWithArgmax' can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The implementation (https://github.com/tensorflow/tensorflow/blob/31bd5026304677faa8a0b77602c6154171b9aec1/tensorflow/core/kernels/image/draw_bounding_box_op.cc#L116-L130) assumes that the last element of 'boxes' input is 4, as required by the op (https://www.tensorflow.org/api_docs/python/tf/raw_ops/DrawBoundingBoxesV2). Since this is not checked attackers passing values less than 4 can write outside of bounds of heap allocated objects and cause memory corruption. If the last dimension in 'boxes' is less than 4, accesses similar to 'tboxes(b, bb, 3)' will access data outside of bounds. Further during code execution there are also writes to these indices.",
+ "cve": "CVE-2021-29571",
+ "id": "pyup.io-40470",
+ "more_info_path": "/vulnerabilities/CVE-2021-29571/40470",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
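Review bot: The CVE-2021-29571 advisory added here names `tf.raw_ops.MaxPoolGradWithArgmax` in its first sentence, but everything that follows — the `draw_bounding_box_op.cc` link, the `boxes` input and the `DrawBoundingBoxesV2` op documentation — describes a different kernel, and the MaxPoolGradWithArgmax read is already covered by the CVE-2021-29570 entry in `@@ -155651`. The mismatch is probably inherited from the upstream advisory text, but as carried it points a reader to the wrong operator. Either the opening should follow the body of the text, `The implementation of 'tf.raw_ops.DrawBoundingBoxesV2' can cause reads outside of bounds of heap allocated data ...`, or the discrepancy should be reported against the source feed rather than reproduced.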
@@ -155847,10 +156373,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by incomplete validation in 'SparseReshape'. See CVE-2021-29611.",
- "cve": "CVE-2021-29611",
- "id": "pyup.io-40763",
- "more_info_path": "/vulnerabilities/CVE-2021-29611/40763",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'SpaceToBatchNd'. See CVE-2021-29597.",
+ "cve": "CVE-2021-29597",
+ "id": "pyup.io-40750",
+ "more_info_path": "/vulnerabilities/CVE-2021-29597/40750",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155861,10 +156387,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a segfault in 'tf.raw_ops.SparseCountSparseOutput'. See CVE-2021-29619.",
- "cve": "CVE-2021-29619",
- "id": "pyup.io-40771",
- "more_info_path": "/vulnerabilities/CVE-2021-29619/40771",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'MaxPoolGrad'. See CVE-2021-29579.",
+ "cve": "CVE-2021-29579",
+ "id": "pyup.io-40733",
+ "more_info_path": "/vulnerabilities/CVE-2021-29579/40733",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155875,10 +156401,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB in 'QuantizeAndDequantizeV3'. See CVE-2021-29553.",
- "cve": "CVE-2021-29553",
- "id": "pyup.io-40709",
- "more_info_path": "/vulnerabilities/CVE-2021-29553/40709",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29560: An attacker can cause a heap buffer overflow in `tf.raw_ops.RaggedTensorToTensor`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/d94227d43aa125ad8b54115c03cece54f6a1977b/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L219-L222) uses the same index to access two arrays in parallel. Since the user controls the shape of the input arguments, an attacker could trigger a heap OOB access when 'parent_output_index' is shorter than 'row_split'.",
+ "cve": "CVE-2021-29560",
+ "id": "pyup.io-40717",
+ "more_info_path": "/vulnerabilities/CVE-2021-29560/40717",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155889,10 +156415,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a null pointer dereference in 'SparseFillEmptyRows'. See CVE-2021-29565.",
- "cve": "CVE-2021-29565",
- "id": "pyup.io-40778",
- "more_info_path": "/vulnerabilities/CVE-2021-29565/40778",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29608: TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in 'tf.raw_ops.RaggedTensorToTensor', an attacker can exploit an undefined behavior if input arguments are empty. The implementation (https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L356-L360) only checks that one of the tensors is not empty, but does not check for the other ones. There are multiple 'DCHECK' validations to prevent heap OOB, but these are no-op in release builds, hence they don't prevent anything.",
+ "cve": "CVE-2021-29608",
+ "id": "pyup.io-40760",
+ "more_info_path": "/vulnerabilities/CVE-2021-29608/40760",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
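Review bot: The CVE-2021-29608 advisory added here opens with `TensorFlow is an end-to-end open source platform for machine learning.`, which is the product blurb from the upstream CVE record rather than part of the finding, and none of the neighbouring entries carry it. Dropping that sentence so the text continues directly with `Due to lack of validation in 'tf.raw_ops.RaggedTensorToTensor', ...` keeps the summary consistent with the rest of the list; the generator could strip this fixed prefix wherever it appears.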
@@ -155903,10 +156429,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a integer overflow in TFLite memory allocation. See CVE-2021-29605.",
- "cve": "CVE-2021-29605",
- "id": "pyup.io-40757",
- "more_info_path": "/vulnerabilities/CVE-2021-29605/40757",
+ "advisory": "Tensorflow 2.5.0, 2.4.2, 2.3.3, 2.2.3, and 2.1.4 include a fix for CVE-2021-29572: The implementation of `tf.raw_ops.SdcaOptimizer` triggers undefined behavior due to dereferencing a null pointer. The implementation (https://github.com/tensorflow/tensorflow/blob/60a45c8b6192a4699f2e2709a2645a751d435cc3/tensorflow/core/kernels/sdca_internal.cc) does not validate that the user supplied arguments satisfy all constraints expected by the op(https://www.tensorflow.org/api_docs/python/tf/raw_ops/SdcaOptimizer).",
+ "cve": "CVE-2021-29572",
+ "id": "pyup.io-40471",
+ "more_info_path": "/vulnerabilities/CVE-2021-29572/40471",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155917,10 +156443,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix fixes a heap OOB read in TFLite. See CVE-2021-29606.",
- "cve": "CVE-2021-29606",
- "id": "pyup.io-40759",
- "more_info_path": "/vulnerabilities/CVE-2021-29606/40759",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'DepthwiseConv'. See CVE-2021-29602.",
+ "cve": "CVE-2021-29602",
+ "id": "pyup.io-40754",
+ "more_info_path": "/vulnerabilities/CVE-2021-29602/40754",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155931,10 +156457,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow versions 2.5.0, 2.4.2, 2.3.3, 2.2.3 and 2.1.4 updates its dependency \"curl\" to a secure version (7.76.0).",
- "cve": "CVE-2020-8285",
- "id": "pyup.io-40776",
- "more_info_path": "/vulnerabilities/CVE-2020-8285/40776",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29610: The validation in 'tf.raw_ops.QuantizeAndDequantizeV2' allows invalid values for 'axis' argument:. The validation (https://github.com/tensorflow/tensorflow/blob/eccb7ec454e6617738554a255d77f08e60ee0808/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L74-L77) uses '||' to mix two different conditions. If 'axis_ < -1' the condition in 'OP_REQUIRES' will still be true, but this value of 'axis_' results in heap underflow. This allows attackers to read/write to other data on the heap.",
+ "cve": "CVE-2021-29610",
+ "id": "pyup.io-40764",
+ "more_info_path": "/vulnerabilities/CVE-2021-29610/40764",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155945,10 +156471,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 updates 'curl' to '7.76.0' to handle CVE-2020-8286: curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.",
- "cve": "CVE-2020-8286",
- "id": "pyup.io-40777",
- "more_info_path": "/vulnerabilities/CVE-2020-8286/40777",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'Split'. See CVE-2021-29599.",
+ "cve": "CVE-2021-29599",
+ "id": "pyup.io-40752",
+ "more_info_path": "/vulnerabilities/CVE-2021-29599/40752",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155959,10 +156485,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'OneHot'. See CVE-2021-29600.",
- "cve": "CVE-2021-29600",
- "id": "pyup.io-40753",
- "more_info_path": "/vulnerabilities/CVE-2021-29600/40753",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29583: The implementation of 'tf.raw_ops.FusedBatchNorm' is vulnerable to a heap buffer overflow. If the tensors are empty, the same implementation can trigger undefined behavior by dereferencing null pointers. The implementation(https://github.com/tensorflow/tensorflow/blob/57d86e0db5d1365f19adcce848dfc1bf89fdd4c7/tensorflow/core/kernels/fused_batch_norm_op.cc) fails to validate that 'scale', 'offset', 'mean' and 'variance' (the last two only when required) all have the same number of elements as the number of channels of 'x'. This results in heap out of bounds reads when the buffers backing these tensors are indexed past their boundary. If the tensors are empty, the validation mentioned in the above paragraph would also trigger and prevent the undefined behavior.",
+ "cve": "CVE-2021-29583",
+ "id": "pyup.io-40737",
+ "more_info_path": "/vulnerabilities/CVE-2021-29583/40737",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155973,10 +156499,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'FractionalAvgPoolGrad'. See CVE-2021-29578.",
- "cve": "CVE-2021-29578",
- "id": "pyup.io-40732",
- "more_info_path": "/vulnerabilities/CVE-2021-29578/40732",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29566: An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to 'tf.raw_ops.Dilation2DBackpropInput'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/afd954e65f15aea4d438d0a219136fc4a63a573d/tensorflow/core/kernels/dilation_ops.cc#L321-L322) does not validate before writing to the output array. The values for 'h_out' and 'w_out' are guaranteed to be in range for 'out_backprop' (as they are loop indices bounded by the size of the array). However, there are no similar guarantees relating 'h_in_max'/'w_in_max' and 'in_backprop'.",
+ "cve": "CVE-2021-29566",
+ "id": "pyup.io-40722",
+ "more_info_path": "/vulnerabilities/CVE-2021-29566/40722",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -155987,10 +156513,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29608: TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in 'tf.raw_ops.RaggedTensorToTensor', an attacker can exploit an undefined behavior if input arguments are empty. The implementation (https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L356-L360) only checks that one of the tensors is not empty, but does not check for the other ones. There are multiple 'DCHECK' validations to prevent heap OOB, but these are no-op in release builds, hence they don't prevent anything.",
- "cve": "CVE-2021-29608",
- "id": "pyup.io-40760",
- "more_info_path": "/vulnerabilities/CVE-2021-29608/40760",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a segfault in 'tf.raw_ops.SparseCountSparseOutput'. See CVE-2021-29619.",
+ "cve": "CVE-2021-29619",
+ "id": "pyup.io-40771",
+ "more_info_path": "/vulnerabilities/CVE-2021-29619/40771",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -156001,10 +156527,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB write in TFLite. See CVE-2021-29603.",
- "cve": "CVE-2021-29603",
- "id": "pyup.io-40758",
- "more_info_path": "/vulnerabilities/CVE-2021-29603/40758",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a null pointer dereference in 'SparseFillEmptyRows'. See CVE-2021-29565.",
+ "cve": "CVE-2021-29565",
+ "id": "pyup.io-40778",
+ "more_info_path": "/vulnerabilities/CVE-2021-29565/40778",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -156015,10 +156541,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 update its dependency \"curl\" to v7.76.0 to include security fixes.",
- "cve": "CVE-2020-8231",
- "id": "pyup.io-40774",
- "more_info_path": "/vulnerabilities/CVE-2020-8231/40774",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a integer overflow in TFLite memory allocation. See CVE-2021-29605.",
+ "cve": "CVE-2021-29605",
+ "id": "pyup.io-40757",
+ "more_info_path": "/vulnerabilities/CVE-2021-29605/40757",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -156029,10 +156555,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4"
 },
 {
- "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'MaxPoolGrad'. See CVE-2021-29579.",
- "cve": "CVE-2021-29579",
- "id": "pyup.io-40733",
- "more_info_path": "/vulnerabilities/CVE-2021-29579/40733",
+ "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix fixes a heap OOB read in TFLite. See CVE-2021-29606.",
+ "cve": "CVE-2021-29606",
+ "id": "pyup.io-40759",
+ "more_info_path": "/vulnerabilities/CVE-2021-29606/40759",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.4.0rc0,<2.4.2",
@@ -156043,10 +156569,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'SVDF'. See CVE-2021-29598.", - "cve": "CVE-2021-29598", - "id": "pyup.io-40751", - "more_info_path": "/vulnerabilities/CVE-2021-29598/40751", + "advisory": "Tensorflow versions 2.5.0, 2.4.2, 2.3.3, 2.2.3 and 2.1.4 updates its dependency \"curl\" to a secure version (7.76.0).", + "cve": "CVE-2020-8285", + "id": "pyup.io-40776", + "more_info_path": "/vulnerabilities/CVE-2020-8285/40776", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -156057,10 +156583,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'Split'. See CVE-2021-29599.", - "cve": "CVE-2021-29599", - "id": "pyup.io-40752", - "more_info_path": "/vulnerabilities/CVE-2021-29599/40752", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 updates 'curl' to '7.76.0' to handle CVE-2020-8286: curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.", + "cve": "CVE-2020-8286", + "id": "pyup.io-40777", + "more_info_path": "/vulnerabilities/CVE-2020-8286/40777", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156071,10 +156597,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29618: Passing a complex argument to `tf.transpose` at the same time as passing 'conjugate=True' argument results in a crash.", - "cve": "CVE-2021-29618", - "id": "pyup.io-40769", - "more_info_path": "/vulnerabilities/CVE-2021-29618/40769", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'OneHot'. See CVE-2021-29600.", + "cve": "CVE-2021-29600", + "id": "pyup.io-40753", + "more_info_path": "/vulnerabilities/CVE-2021-29600/40753", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -156085,10 +156611,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by incomplete validation in 'SparseSparseMinimum'. See CVE-2021-29607.", - "cve": "CVE-2021-29607", - "id": "pyup.io-40762", - "more_info_path": "/vulnerabilities/CVE-2021-29607/40762", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB write in TFLite. See CVE-2021-29603.", + "cve": "CVE-2021-29603", + "id": "pyup.io-40758", + "more_info_path": "/vulnerabilities/CVE-2021-29603/40758", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156099,10 +156625,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.5.0, 2.4.2, 2.3.3, 2.2.3, and 2.1.4 include a fix for CVE-2021-29572: The implementation of `tf.raw_ops.SdcaOptimizer` triggers undefined behavior due to dereferencing a null pointer. The implementation (https://github.com/tensorflow/tensorflow/blob/60a45c8b6192a4699f2e2709a2645a751d435cc3/tensorflow/core/kernels/sdca_internal.cc) does not validate that the user supplied arguments satisfy all constraints expected by the op(https://www.tensorflow.org/api_docs/python/tf/raw_ops/SdcaOptimizer).", - "cve": "CVE-2021-29572", - "id": "pyup.io-40471", - "more_info_path": "/vulnerabilities/CVE-2021-29572/40471", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 update its dependency \"curl\" to v7.76.0 to include security fixes.", + "cve": "CVE-2020-8231", + "id": "pyup.io-40774", + "more_info_path": "/vulnerabilities/CVE-2020-8231/40774", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156113,10 +156639,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29568: An attacker can trigger undefined behavior by binding to null pointer in `tf.raw_ops.ParameterizedTruncatedNormal`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/3f6fe4dfef6f57e768260b48166c27d148f3015f/tensorflow/core/kernels/parameterized_truncated_normal_op.cc#L630) does not validate input arguments before accessing the first element of `shape`. If `shape` argument is empty, then `shape_tensor.flat()` is an empty array.", - "cve": "CVE-2021-29568", - "id": "pyup.io-40723", - "more_info_path": "/vulnerabilities/CVE-2021-29568/40723", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'SVDF'. See CVE-2021-29598.", + "cve": "CVE-2021-29598", + "id": "pyup.io-40751", + "more_info_path": "/vulnerabilities/CVE-2021-29598/40751", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156127,10 +156653,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB read in 'tf.raw_ops.Dequantize'. See CVE-2021-29582.", - "cve": "CVE-2021-29582", - "id": "pyup.io-40735", - "more_info_path": "/vulnerabilities/CVE-2021-29582/40735", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29546: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger an integer division by zero undefined behavior in `tf.raw_ops.QuantizedBiasAdd`. This is because the implementation of the Eigen kernel (https://github.com/tensorflow/tensorflow/blob/61bca8bd5ba8a68b2d97435ddfafcdf2b85672cd/tensorflow/core/kernels/quantization_utils.h#L812-L849) does a division by the number of elements of the smaller input (based on shape) without checking that this is not zero.", + "cve": "CVE-2021-29546", + "id": "pyup.io-40704", + "more_info_path": "/vulnerabilities/CVE-2021-29546/40704", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156141,10 +156667,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29560: An attacker can cause a heap buffer overflow in `tf.raw_ops.RaggedTensorToTensor`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/d94227d43aa125ad8b54115c03cece54f6a1977b/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L219-L222) uses the same index to access two arrays in parallel. Since the user controls the shape of the input arguments, an attacker could trigger a heap OOB access when 'parent_output_index' is shorter than 'row_split'.", - "cve": "CVE-2021-29560", - "id": "pyup.io-40717", - "more_info_path": "/vulnerabilities/CVE-2021-29560/40717", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB read in 'tf.raw_ops.Dequantize'. See CVE-2021-29582.", + "cve": "CVE-2021-29582", + "id": "pyup.io-40735", + "more_info_path": "/vulnerabilities/CVE-2021-29582/40735", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -156183,10 +156709,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by 0 in 'QuantizedMul'. See CVE-2021-29528.", - "cve": "CVE-2021-29528", - "id": "pyup.io-40687", - "more_info_path": "/vulnerabilities/CVE-2021-29528/40687", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB in 'QuantizeAndDequantizeV3'. See CVE-2021-29553.", + "cve": "CVE-2021-29553", + "id": "pyup.io-40709", + "more_info_path": "/vulnerabilities/CVE-2021-29553/40709", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156197,10 +156723,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29563: An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.RFFT`. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination.", - "cve": "CVE-2021-29563", - "id": "pyup.io-40720", - "more_info_path": "/vulnerabilities/CVE-2021-29563/40720", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by 0 in 'DenseCountSparseOutput'. See CVE-2021-29554.", + "cve": "CVE-2021-29554", + "id": "pyup.io-40711", + "more_info_path": "/vulnerabilities/CVE-2021-29554/40711", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156211,10 +156737,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29583: The implementation of 'tf.raw_ops.FusedBatchNorm' is vulnerable to a heap buffer overflow. If the tensors are empty, the same implementation can trigger undefined behavior by dereferencing null pointers. The implementation(https://github.com/tensorflow/tensorflow/blob/57d86e0db5d1365f19adcce848dfc1bf89fdd4c7/tensorflow/core/kernels/fused_batch_norm_op.cc) fails to validate that 'scale', 'offset', 'mean' and 'variance' (the last two only when required) all have the same number of elements as the number of channels of 'x'. This results in heap out of bounds reads when the buffers backing these tensors are indexed past their boundary. If the tensors are empty, the validation mentioned in the above paragraph would also trigger and prevent the undefined behavior.", - "cve": "CVE-2021-29583", - "id": "pyup.io-40737", - "more_info_path": "/vulnerabilities/CVE-2021-29583/40737", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix an overflow and a denial of service in 'tf.raw_ops.ReverseSequence'. See CVE-2021-29575.", + "cve": "CVE-2021-29575", + "id": "pyup.io-40726", + "more_info_path": "/vulnerabilities/CVE-2021-29575/40726", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156225,10 +156751,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'SpaceToBatchNd'. See CVE-2021-29597.", - "cve": "CVE-2021-29597", - "id": "pyup.io-40750", - "more_info_path": "/vulnerabilities/CVE-2021-29597/40750", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by 0 in 'QuantizedMul'. See CVE-2021-29528.", + "cve": "CVE-2021-29528", + "id": "pyup.io-40687", + "more_info_path": "/vulnerabilities/CVE-2021-29528/40687", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156253,24 +156779,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by 0 in 'DenseCountSparseOutput'. See CVE-2021-29554.", - "cve": "CVE-2021-29554", - "id": "pyup.io-40711", - "more_info_path": "/vulnerabilities/CVE-2021-29554/40711", - "specs": [ - ">=2.5.0rc0,<2.5.0", - ">=2.4.0rc0,<2.4.2", - ">=2.3.0rc0,<2.3.3", - ">=2.2.0rc0,<2.2.3", - ">=2.1.0rc0,<2.1.4" - ], - "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" - }, - { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29566: An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to 'tf.raw_ops.Dilation2DBackpropInput'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/afd954e65f15aea4d438d0a219136fc4a63a573d/tensorflow/core/kernels/dilation_ops.cc#L321-L322) does not validate before writing to the output array. The values for 'h_out' and 'w_out' are guaranteed to be in range for 'out_backprop' (as they are loop indices bounded by the size of the array). However, there are no similar guarantees relating 'h_in_max'/'w_in_max' and 'in_backprop'.", - "cve": "CVE-2021-29566", - "id": "pyup.io-40722", - "more_info_path": "/vulnerabilities/CVE-2021-29566/40722", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29550: An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.FractionalAvgPool`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_avg_pool_op.cc#L85-L89) computes a divisor quantity by dividing two user controlled values. 
The user controls the values of `input_size[i]` and `pooling_ratio_[i]` (via the `value.shape()` and `pooling_ratio` arguments). If the value in `input_size[i]` is smaller than the `pooling_ratio_[i]`, then the floor operation results in `output_size[i]` being 0. The `DCHECK_GT` line is a no-op outside of debug mode, so in released versions of TF this does not trigger. Later, these computed values are used as arguments (https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_avg_pool_op.cc#L96-L99) to `GeneratePoolingSequence`(https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_pool_common.cc#L100-L108). There, the first computation is a division in a modulo operation. Since `output_length` can be 0, this results in runtime crashing.", + "cve": "CVE-2021-29550", + "id": "pyup.io-40707", + "more_info_path": "/vulnerabilities/CVE-2021-29550/40707", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -156281,10 +156793,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix an overflow and a denial of service in 'tf.raw_ops.ReverseSequence'. See CVE-2021-29575.", - "cve": "CVE-2021-29575", - "id": "pyup.io-40726", - "more_info_path": "/vulnerabilities/CVE-2021-29575/40726", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a integer overflow in TFLite concatentation. See CVE-2021-29601.", + "cve": "CVE-2021-29601", + "id": "pyup.io-40756", + "more_info_path": "/vulnerabilities/CVE-2021-29601/40756", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
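Review bot: The hunk that begins on the previous line (`@@ -156253,24 +156779,10 @@`) removes two records, CVE-2021-29554 (`pyup.io-40711`) and CVE-2021-29566 (`pyup.io-40722`), but adds only one, CVE-2021-29550 (`pyup.io-40707`), so the region shrinks by one full entry. CVE-2021-29554 reappears as an addition in the hunk ending on L665 and CVE-2021-29550 is the record removed at L672, which is consistent with a reorder, but the Dilation2DBackpropInput advisory for CVE-2021-29566 is not re-added anywhere in the visible hunks. If it is not retained elsewhere in the file, consumers matching `tensorflow` against the new database silently lose a known vulnerable range; please confirm `pyup.io-40722` still exists on the new side before merging. The enclosing `tensorflow` array starts and ends outside these hunks, so this cannot be verified from the diff alone.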
@@ -156323,10 +156835,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29547: An attacker can cause a segfault and denial of service via accessing data outside of bounds in 'tf.raw_ops.QuantizedBatchNormWithGlobalNormalization'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/55a97caa9e99c7f37a0bbbeb414dc55553d3ae7f/tensorflow/core/kernels/quantized_batch_norm_op.cc#L176-L189) assumes the inputs are not empty. If any of these inputs is empty, '.flat()' is an empty buffer, so accessing the element at index 0 is accessing data outside of bounds.", - "cve": "CVE-2021-29547", - "id": "pyup.io-40705", - "more_info_path": "/vulnerabilities/CVE-2021-29547/40705", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29616: The implementation of TrySimplify (https://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc#L390-L401) has undefined behavior due to dereferencing a null pointer in corner cases that result in optimizing a node with no inputs.", + "cve": "CVE-2021-29616", + "id": "pyup.io-40768", + "more_info_path": "/vulnerabilities/CVE-2021-29616/40768", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156337,10 +156849,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29616: The implementation of TrySimplify (https://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc#L390-L401) has undefined behavior due to dereferencing a null pointer in corner cases that result in optimizing a node with no inputs.", - "cve": "CVE-2021-29616", - "id": "pyup.io-40768", - "more_info_path": "/vulnerabilities/CVE-2021-29616/40768", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a stack overflow due to looping TFLite subgraph. See CVE-2021-29591.", + "cve": "CVE-2021-29591", + "id": "pyup.io-40745", + "more_info_path": "/vulnerabilities/CVE-2021-29591/40745", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -156351,10 +156863,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a stack overflow due to looping TFLite subgraph. See CVE-2021-29591.", - "cve": "CVE-2021-29591", - "id": "pyup.io-40745", - "more_info_path": "/vulnerabilities/CVE-2021-29591/40745", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in optimized pooling implementations in TFLite. See CVE-2021-29586.", + "cve": "CVE-2021-29586", + "id": "pyup.io-40739", + "more_info_path": "/vulnerabilities/CVE-2021-29586/40739", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156365,10 +156877,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29550: An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.FractionalAvgPool`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_avg_pool_op.cc#L85-L89) computes a divisor quantity by dividing two user controlled values. The user controls the values of `input_size[i]` and `pooling_ratio_[i]` (via the `value.shape()` and `pooling_ratio` arguments). If the value in `input_size[i]` is smaller than the `pooling_ratio_[i]`, then the floor operation results in `output_size[i]` being 0. The `DCHECK_GT` line is a no-op outside of debug mode, so in released versions of TF this does not trigger. Later, these computed values are used as arguments (https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_avg_pool_op.cc#L96-L99) to `GeneratePoolingSequence`(https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_pool_common.cc#L100-L108). There, the first computation is a division in a modulo operation. Since `output_length` can be 0, this results in runtime crashing.", - "cve": "CVE-2021-29550", - "id": "pyup.io-40707", - "more_info_path": "/vulnerabilities/CVE-2021-29550/40707", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap out of bounds read in 'RequantizationRange'. See CVE-2021-29569.", + "cve": "CVE-2021-29569", + "id": "pyup.io-40725", + "more_info_path": "/vulnerabilities/CVE-2021-29569/40725", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156379,10 +156891,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in optimized pooling implementations in TFLite. See CVE-2021-29586.", - "cve": "CVE-2021-29586", - "id": "pyup.io-40739", - "more_info_path": "/vulnerabilities/CVE-2021-29586/40739", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by incomplete validation in 'SparseAdd'. See CVE-2021-29609.", + "cve": "CVE-2021-29609", + "id": "pyup.io-40761", + "more_info_path": "/vulnerabilities/CVE-2021-29609/40761", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -156393,10 +156905,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29546: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger an integer division by zero undefined behavior in `tf.raw_ops.QuantizedBiasAdd`. This is because the implementation of the Eigen kernel (https://github.com/tensorflow/tensorflow/blob/61bca8bd5ba8a68b2d97435ddfafcdf2b85672cd/tensorflow/core/kernels/quantization_utils.h#L812-L849) does a division by the number of elements of the smaller input (based on shape) without checking that this is not zero.", - "cve": "CVE-2021-29546", - "id": "pyup.io-40704", - "more_info_path": "/vulnerabilities/CVE-2021-29546/40704", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB read in TFLite's implementation of 'Minimum' or 'Maximum'. See CVE-2021-29590.", + "cve": "CVE-2021-29590", + "id": "pyup.io-40743", + "more_info_path": "/vulnerabilities/CVE-2021-29590/40743", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156407,10 +156919,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap out of bounds read in 'RequantizationRange'. See CVE-2021-29569.", - "cve": "CVE-2021-29569", - "id": "pyup.io-40725", - "more_info_path": "/vulnerabilities/CVE-2021-29569/40725", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29587: TensorFlow is an end-to-end open source platform for machine learning. The `Prepare` step of the `SpaceToDepth` TFLite operator does not check for 0 before division (https://github.com/tensorflow/tensorflow/blob/5f7975d09eac0f10ed8a17dbb6f5964977725adc/tensorflow/lite/kernels/space_to_depth.cc#L63-L67). An attacker can craft a model such that `params->block_size` would be zero.", + "cve": "CVE-2021-29587", + "id": "pyup.io-40740", + "more_info_path": "/vulnerabilities/CVE-2021-29587/40740", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -156421,10 +156933,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by incomplete validation in 'SparseAdd'. See CVE-2021-29609.", - "cve": "CVE-2021-29609", - "id": "pyup.io-40761", - "more_info_path": "/vulnerabilities/CVE-2021-29609/40761", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by incomplete validation in 'SparseReshape'. See CVE-2021-29611.", + "cve": "CVE-2021-29611", + "id": "pyup.io-40763", + "more_info_path": "/vulnerabilities/CVE-2021-29611/40763", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156435,10 +156947,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB read in TFLite's implementation of 'Minimum' or 'Maximum'. See CVE-2021-29590.", - "cve": "CVE-2021-29590", - "id": "pyup.io-40743", - "more_info_path": "/vulnerabilities/CVE-2021-29590/40743", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'MaxPool3DGradGrad'. See CVE-2021-29576.", + "cve": "CVE-2021-29576", + "id": "pyup.io-40729", + "more_info_path": "/vulnerabilities/CVE-2021-29576/40729", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156449,10 +156961,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29587: TensorFlow is an end-to-end open source platform for machine learning. The `Prepare` step of the `SpaceToDepth` TFLite operator does not check for 0 before division (https://github.com/tensorflow/tensorflow/blob/5f7975d09eac0f10ed8a17dbb6f5964977725adc/tensorflow/lite/kernels/space_to_depth.cc#L63-L67). An attacker can craft a model such that `params->block_size` would be zero.", - "cve": "CVE-2021-29587", - "id": "pyup.io-40740", - "more_info_path": "/vulnerabilities/CVE-2021-29587/40740", + "advisory": "Tensorflow 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29568: An attacker can trigger undefined behavior by binding to null pointer in `tf.raw_ops.ParameterizedTruncatedNormal`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/3f6fe4dfef6f57e768260b48166c27d148f3015f/tensorflow/core/kernels/parameterized_truncated_normal_op.cc#L630) does not validate input arguments before accessing the first element of `shape`. If `shape` argument is empty, then `shape_tensor.flat()` is an empty array.", + "cve": "CVE-2021-29568", + "id": "pyup.io-40723", + "more_info_path": "/vulnerabilities/CVE-2021-29568/40723", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -156537,10 +157049,10 @@ "v": ">=2.6.0a1,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37657: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type 'tf.raw_ops.MatrixDiagV*'. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/linalg/matrix_diag_op.cc) has incomplete validation that the value of 'k' is a valid tensor. The Tensorflow team has checked that this value is either a scalar or a vector, but there is no check for the number of elements. If this is an empty tensor, then code that accesses the first element of the tensor is wrong. The Tensorflow team has patched the issue in GitHub commit f2a673bd34f0d64b8e40a551ac78989d16daad09.", - "cve": "CVE-2021-37657", - "id": "pyup.io-41132", - "more_info_path": "/vulnerabilities/CVE-2021-37657/41132", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37675: In affected versions most implementations of convolution operators in TensorFlow are affected by a division by 0 vulnerability where an attacker can trigger a denial of service via a crash. The shape inference implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/framework/common_shape_fns.cc#L577) is missing several validations before doing divisions and modulo operations. The Tensorflow team has patched the issue in GitHub commit 8a793b5d7f59e37ac7f3cd0954a750a2fe76bad4.", + "cve": "CVE-2021-37675", + "id": "pyup.io-41150", + "more_info_path": "/vulnerabilities/CVE-2021-37675/41150", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
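Review bot: The new CVE-2021-37675 record's `specs` entry `">=2.6.0rc0,<2.6.0"` (a context line, so pre-existing but now on the new side) is narrower than the `"v"` string of the preceding record in the same hunk, which starts at `>=2.6.0a1,<2.6.0`; an environment pinned to a 2.6.0 alpha or beta pre-release would be matched by one record and not the other. The same `>=2.6.0rc0` lower bound appears on the context lines of the hunks ending on L678 through L683, so the inconsistency is shared by that whole run of 2.6.0 advisories. Since every affected record is for the same fixed versions (2.3.4, 2.4.3, 2.5.1, 2.6.0), it would be worth aligning the lower bounds, e.g. `">=2.6.0a1,<2.6.0"`, in the upstream source the bot exports from; the remainder of each record's `specs` and its `v` field lie outside the hunk.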
@@ -156550,10 +157062,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37687: In affected versions TFLite's 'GatherNd' implementation (https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather_nd.cc#L124) does not support negative indices but there are no checks for this situation. Hence, an attacker can read arbitrary data from the heap by carefully crafting a model with negative values in 'indices'. Similar issue exists in 'Gather' implementation (https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather.cc). The Tensorflow team has patched the issue in GitHub commits bb6a0383ed553c286f87ca88c207f6774d5c4a8f and eb921122119a6b6e470ee98b89e65d721663179d.", - "cve": "CVE-2021-37687", - "id": "pyup.io-41162", - "more_info_path": "/vulnerabilities/CVE-2021-37687/41162", + "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37665:\r\nIn affected versions, due to incomplete validation in MKL implementation of requantization, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/mkl/mkl_requantization_range_per_channel_op.cc) does not validate the dimensions of the \"input\" tensor. A similar issue occurs in \"MklRequantizePerChannelOp\". The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/mkl/mkl_requantize_per_channel_op.cc) does not perform full validation for all the input arguments. 
The Tensorflow team has patched the issue in GitHub commit 9e62869465573cb2d9b5053f1fa02a81fce21d69 and in the Github commit 203214568f5bc237603dbab6e1fd389f1572f5c9.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v82p-hv3v-p6qp\r\nhttps://github.com/tensorflow/tensorflow/commit/203214568f5bc237603dbab6e1fd389f1572f5c9\r\nhttps://github.com/tensorflow/tensorflow/commit/9e62869465573cb2d9b5053f1fa02a81fce21d69", + "cve": "CVE-2021-37665", + "id": "pyup.io-41140", + "more_info_path": "/vulnerabilities/CVE-2021-37665/41140", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -156563,10 +157075,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37665:\r\nIn affected versions, due to incomplete validation in MKL implementation of requantization, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/mkl/mkl_requantization_range_per_channel_op.cc) does not validate the dimensions of the \"input\" tensor. A similar issue occurs in \"MklRequantizePerChannelOp\". The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/mkl/mkl_requantize_per_channel_op.cc) does not perform full validation for all the input arguments. The Tensorflow team has patched the issue in GitHub commit 9e62869465573cb2d9b5053f1fa02a81fce21d69 and in the Github commit 203214568f5bc237603dbab6e1fd389f1572f5c9.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v82p-hv3v-p6qp\r\nhttps://github.com/tensorflow/tensorflow/commit/203214568f5bc237603dbab6e1fd389f1572f5c9\r\nhttps://github.com/tensorflow/tensorflow/commit/9e62869465573cb2d9b5053f1fa02a81fce21d69", - "cve": "CVE-2021-37665", - "id": "pyup.io-41140", - "more_info_path": "/vulnerabilities/CVE-2021-37665/41140", + "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37663:\r\nIn affected versions, due to incomplete validation in \"tf.raw_ops.QuantizeV2\", an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. 
The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/quantize_op.cc#L59) has some validation but does not check that \"min_range\" and \"max_range\" both have the same non-zero number of elements. If \"axis\" is provided (i.e., not \"-1\"), then validation should check that it is a value in range for the rank of \"input\" tensor and then the lengths of \"min_range\" and \"max_range\" inputs match the \"axis\" dimension of the \"input\" tensor. The Tensorflow team has patched the issue in GitHub commit 6da6620efad397c85493b8f8667b821403516708. \r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g25h-jr74-qp5j\r\nhttps://github.com/tensorflow/tensorflow/commit/6da6620efad397c85493b8f8667b821403516708", + "cve": "CVE-2021-37663", + "id": "pyup.io-41138", + "more_info_path": "/vulnerabilities/CVE-2021-37663/41138", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -156576,10 +157088,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37653: In affected versions an attacker can trigger a crash via a floating point exception in 'tf.raw_ops.ResourceGather'. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L725-L731) computes the value of a value, 'batch_size', and then divides by it without checking that this value is not 0. The Tensorflow team has patched the issue in GitHub commit ac117ee8a8ea57b73d34665cdf00ef3303bc0b11.", - "cve": "CVE-2021-37653", - "id": "pyup.io-41128", - "more_info_path": "/vulnerabilities/CVE-2021-37653/41128", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37685: In affected versions TFLite's 'expand_dims.cc' (https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/expand_dims.cc#L36-L50) contains a vulnerability which allows reading one element outside of bounds of heap allocated data. If 'axis' is a large negative value (e.g., '-100000'), then after the first 'if' it would still be negative. The check following the 'if' statement will pass and the 'for' loop would read one element before the start of 'input_dims.data' (when 'i = 0'). The Tensorflow team has patched the issue in GitHub commit d94ffe08a65400f898241c0374e9edc6fa8ed257.", + "cve": "CVE-2021-37685", + "id": "pyup.io-41160", + "more_info_path": "/vulnerabilities/CVE-2021-37685/41160", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -156602,10 +157114,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37675: In affected versions most implementations of convolution operators in TensorFlow are affected by a division by 0 vulnerability where an attacker can trigger a denial of service via a crash. The shape inference implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/framework/common_shape_fns.cc#L577) is missing several validations before doing divisions and modulo operations. The Tensorflow team has patched the issue in GitHub commit 8a793b5d7f59e37ac7f3cd0954a750a2fe76bad4.", - "cve": "CVE-2021-37675", - "id": "pyup.io-41150", - "more_info_path": "/vulnerabilities/CVE-2021-37675/41150", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37660: In affected versions an attacker can cause a floating point exception by calling inplace operations with crafted arguments that would result in a division by 0. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/inplace_ops.cc#L283) has a logic error: it should skip processing if 'x' and 'v' are empty but the code uses '||' instead of '&&'. The Tensorflow team has patched the issue in GitHub commit e86605c0a336c088b638da02135ea6f9f6753618.", + "cve": "CVE-2021-37660", + "id": "pyup.io-41135", + "more_info_path": "/vulnerabilities/CVE-2021-37660/41135", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -156615,10 +157127,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37663:\r\nIn affected versions, due to incomplete validation in \"tf.raw_ops.QuantizeV2\", an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/quantize_op.cc#L59) has some validation but does not check that \"min_range\" and \"max_range\" both have the same non-zero number of elements. If \"axis\" is provided (i.e., not \"-1\"), then validation should check that it is a value in range for the rank of \"input\" tensor and then the lengths of \"min_range\" and \"max_range\" inputs match the \"axis\" dimension of the \"input\" tensor. The Tensorflow team has patched the issue in GitHub commit 6da6620efad397c85493b8f8667b821403516708. \r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g25h-jr74-qp5j\r\nhttps://github.com/tensorflow/tensorflow/commit/6da6620efad397c85493b8f8667b821403516708", - "cve": "CVE-2021-37663", - "id": "pyup.io-41138", - "more_info_path": "/vulnerabilities/CVE-2021-37663/41138", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37661: In affected versions an attacker can cause a denial of service in 'boosted_trees_create_quantile_stream_resource' by using negative arguments. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/boosted_trees/quantile_ops.cc#L96) does not validate that 'num_streams' only contains non-negative numbers. 
In turn, this results in using this value to allocate memory (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/boosted_trees/quantiles/quantile_stream_resource.h#L31-L40). However, 'reserve' receives an unsigned integer so there is an implicit conversion from a negative value to a large positive unsigned. This results in a crash from the standard library. The Tensorflow team has patched the issue in GitHub commit 8a84f7a2b5a2b27ecf88d25bad9ac777cd2f7992.", + "cve": "CVE-2021-37661", + "id": "pyup.io-41136", + "more_info_path": "/vulnerabilities/CVE-2021-37661/41136", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -156628,10 +157140,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37685: In affected versions TFLite's 'expand_dims.cc' (https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/expand_dims.cc#L36-L50) contains a vulnerability which allows reading one element outside of bounds of heap allocated data. If 'axis' is a large negative value (e.g., '-100000'), then after the first 'if' it would still be negative. The check following the 'if' statement will pass and the 'for' loop would read one element before the start of 'input_dims.data' (when 'i = 0'). The Tensorflow team has patched the issue in GitHub commit d94ffe08a65400f898241c0374e9edc6fa8ed257.", - "cve": "CVE-2021-37685", - "id": "pyup.io-41160", - "more_info_path": "/vulnerabilities/CVE-2021-37685/41160", + "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37668:\r\nIn affected versions, an attacker can cause denial of service in applications serving models using \"tf.raw_ops.UnravelIndex\" by triggering a division by 0. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/unravel_index_op.cc#L36) does not check that the tensor subsumed by \"dims\" is not empty. Hence, if one element of \"dims\" is 0, the implementation does a division by 0. The Tensorflow team has patched the issue in GitHub commit a776040a5e7ebf76eeb7eb923bf1ae417dd4d233.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-2wmv-37vq-52g5\r\nhttps://github.com/tensorflow/tensorflow/commit/a776040a5e7ebf76eeb7eb923bf1ae417dd4d233", + "cve": "CVE-2021-37668", + "id": "pyup.io-41143", + "more_info_path": "/vulnerabilities/CVE-2021-37668/41143", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -156641,10 +157153,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37661: In affected versions an attacker can cause a denial of service in 'boosted_trees_create_quantile_stream_resource' by using negative arguments. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/boosted_trees/quantile_ops.cc#L96) does not validate that 'num_streams' only contains non-negative numbers. In turn, this results in using this value to allocate memory (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/boosted_trees/quantiles/quantile_stream_resource.h#L31-L40). However, 'reserve' receives an unsigned integer so there is an implicit conversion from a negative value to a large positive unsigned. This results in a crash from the standard library. The Tensorflow team has patched the issue in GitHub commit 8a84f7a2b5a2b27ecf88d25bad9ac777cd2f7992.", - "cve": "CVE-2021-37661", - "id": "pyup.io-41136", - "more_info_path": "/vulnerabilities/CVE-2021-37661/41136", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37687: In affected versions TFLite's 'GatherNd' implementation (https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather_nd.cc#L124) does not support negative indices but there are no checks for this situation. Hence, an attacker can read arbitrary data from the heap by carefully crafting a model with negative values in 'indices'. Similar issue exists in 'Gather' implementation (https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather.cc). 
The Tensorflow team has patched the issue in GitHub commits bb6a0383ed553c286f87ca88c207f6774d5c4a8f and eb921122119a6b6e470ee98b89e65d721663179d.", + "cve": "CVE-2021-37687", + "id": "pyup.io-41162", + "more_info_path": "/vulnerabilities/CVE-2021-37687/41162", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -156654,10 +157166,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37668:\r\nIn affected versions, an attacker can cause denial of service in applications serving models using \"tf.raw_ops.UnravelIndex\" by triggering a division by 0. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/unravel_index_op.cc#L36) does not check that the tensor subsumed by \"dims\" is not empty. Hence, if one element of \"dims\" is 0, the implementation does a division by 0. The Tensorflow team has patched the issue in GitHub commit a776040a5e7ebf76eeb7eb923bf1ae417dd4d233.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-2wmv-37vq-52g5\r\nhttps://github.com/tensorflow/tensorflow/commit/a776040a5e7ebf76eeb7eb923bf1ae417dd4d233", - "cve": "CVE-2021-37668", - "id": "pyup.io-41143", - "more_info_path": "/vulnerabilities/CVE-2021-37668/41143", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37657: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type 'tf.raw_ops.MatrixDiagV*'. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/linalg/matrix_diag_op.cc) has incomplete validation that the value of 'k' is a valid tensor. The Tensorflow team has checked that this value is either a scalar or a vector, but there is no check for the number of elements. If this is an empty tensor, then code that accesses the first element of the tensor is wrong. 
The Tensorflow team has patched the issue in GitHub commit f2a673bd34f0d64b8e40a551ac78989d16daad09.", + "cve": "CVE-2021-37657", + "id": "pyup.io-41132", + "more_info_path": "/vulnerabilities/CVE-2021-37657/41132", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", @@ -156667,10 +157179,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37660: In affected versions an attacker can cause a floating point exception by calling inplace operations with crafted arguments that would result in a division by 0. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/inplace_ops.cc#L283) has a logic error: it should skip processing if 'x' and 'v' are empty but the code uses '||' instead of '&&'. The Tensorflow team has patched the issue in GitHub commit e86605c0a336c088b638da02135ea6f9f6753618.", - "cve": "CVE-2021-37660", - "id": "pyup.io-41135", - "more_info_path": "/vulnerabilities/CVE-2021-37660/41135", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37653: In affected versions an attacker can trigger a crash via a floating point exception in 'tf.raw_ops.ResourceGather'. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L725-L731) computes the value of a value, 'batch_size', and then divides by it without checking that this value is not 0. The Tensorflow team has patched the issue in GitHub commit ac117ee8a8ea57b73d34665cdf00ef3303bc0b11.", + "cve": "CVE-2021-37653", + "id": "pyup.io-41128", + "more_info_path": "/vulnerabilities/CVE-2021-37653/41128", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -156680,10 +157192,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37684: In affected versions the implementations of pooling in TFLite are vulnerable to division by 0 errors as there are no checks for divisors not being 0. The Tensorflow team has patched the issue in GitHub commit dfa22b348b70bb89d6d6ec0ff53973bacb4f4695 (https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695).", - "cve": "CVE-2021-37684", - "id": "pyup.io-41159", - "more_info_path": "/vulnerabilities/CVE-2021-37684/41159", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37681: In affected versions the implementation of SVDF in TFLite is vulnerable to a null pointer error (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/svdf.cc#L300-L313). The 'GetVariableInput' function (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/kernel_util.cc#L115-L119) can return a null pointer but 'GetTensorData' assumes that the argument is always a valid tensor. Furthermore, because 'GetVariableInput' calls 'GetMutableInput' (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/kernel_util.cc#L82-L90) which might return 'nullptr', the 'tensor->is_variable' expression can also trigger a null pointer exception. The Tensorflow team has patched the issue in GitHub commit 5b048e87e4e55990dae6b547add4dae59f4e1c76.", + "cve": "CVE-2021-37681", + "id": "pyup.io-41156", + "more_info_path": "/vulnerabilities/CVE-2021-37681/41156", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -156693,10 +157205,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37641: In affected versions if the arguments to 'tf.raw_ops.RaggedGather' don't determine a valid ragged tensor code can trigger a read from outside of bounds of heap allocated buffers. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/ragged_gather_op.cc#L70) directly reads the first dimension of a tensor shape before checking that said tensor has rank of at least 1 (i.e., it is not a scalar). Furthermore, the implementation does not check that the list given by 'params_nested_splits' is not an empty list of tensors. The Tensorflow team has patched the issue in GitHub commit a2b743f6017d7b97af1fe49087ae15f0ac634373.", - "cve": "CVE-2021-37641", - "id": "pyup.io-41116", - "more_info_path": "/vulnerabilities/CVE-2021-37641/41116", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37666: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.RaggedTensorToVariant'. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/ragged_tensor_to_variant_op.cc#L129) has an incomplete validation of the splits values, missing the case when the argument would be empty. The Tensorflow team has patched the issue in GitHub commit be7a4de6adfbd303ce08be4332554dff70362612.", + "cve": "CVE-2021-37666", + "id": "pyup.io-41141", + "more_info_path": "/vulnerabilities/CVE-2021-37666/41141", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -156706,10 +157218,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37644: In affected versions providing a negative element to 'num_elements' list argument of 'tf.raw_ops.TensorListReserve' causes the runtime to abort the process due to reallocating a 'std::vector' to have a negative number of elements. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/list_kernels.cc#L312) calls 'std::vector.resize()' with the new size controlled by input given by the user, without checking that this input is valid. The Tensorflow team has patched the issue in GitHub commit 8a6e874437670045e6c7dc6154c7412b4a2135e2.", - "cve": "CVE-2021-37644", - "id": "pyup.io-41119", - "more_info_path": "/vulnerabilities/CVE-2021-37644/41119", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37646: In affected versions the implementation of 'tf.raw_ops.StringNGrams' is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/string_ngrams_op.cc#L184) calls 'reserve' on a 'tstring' with a value that sometimes can be negative if user supplies negative 'ngram_widths'. The 'reserve' method calls 'TF_TString_Reserve' which has an 'unsigned long' argument for the size of the buffer. Hence, the implicit conversion transforms the negative value to a large integer. The Tensorflow team has patched the issue in GitHub commit c283e542a3f422420cfdb332414543b62fc4e4a5.", + "cve": "CVE-2021-37646", + "id": "pyup.io-41121", + "more_info_path": "/vulnerabilities/CVE-2021-37646/41121", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -156732,10 +157244,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37666: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.RaggedTensorToVariant'. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/ragged_tensor_to_variant_op.cc#L129) has an incomplete validation of the splits values, missing the case when the argument would be empty. The Tensorflow team has patched the issue in GitHub commit be7a4de6adfbd303ce08be4332554dff70362612.", - "cve": "CVE-2021-37666", - "id": "pyup.io-41141", - "more_info_path": "/vulnerabilities/CVE-2021-37666/41141", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37644: In affected versions providing a negative element to 'num_elements' list argument of 'tf.raw_ops.TensorListReserve' causes the runtime to abort the process due to reallocating a 'std::vector' to have a negative number of elements. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/list_kernels.cc#L312) calls 'std::vector.resize()' with the new size controlled by input given by the user, without checking that this input is valid. The Tensorflow team has patched the issue in GitHub commit 8a6e874437670045e6c7dc6154c7412b4a2135e2.", + "cve": "CVE-2021-37644", + "id": "pyup.io-41119", + "more_info_path": "/vulnerabilities/CVE-2021-37644/41119", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -156745,10 +157257,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37646: In affected versions the implementation of 'tf.raw_ops.StringNGrams' is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/string_ngrams_op.cc#L184) calls 'reserve' on a 'tstring' with a value that sometimes can be negative if user supplies negative 'ngram_widths'. The 'reserve' method calls 'TF_TString_Reserve' which has an 'unsigned long' argument for the size of the buffer. Hence, the implicit conversion transforms the negative value to a large integer. The Tensorflow team has patched the issue in GitHub commit c283e542a3f422420cfdb332414543b62fc4e4a5.", - "cve": "CVE-2021-37646", - "id": "pyup.io-41121", - "more_info_path": "/vulnerabilities/CVE-2021-37646/41121", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37684: In affected versions the implementations of pooling in TFLite are vulnerable to division by 0 errors as there are no checks for divisors not being 0. The Tensorflow team has patched the issue in GitHub commit dfa22b348b70bb89d6d6ec0ff53973bacb4f4695 (https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695).", + "cve": "CVE-2021-37684", + "id": "pyup.io-41159", + "more_info_path": "/vulnerabilities/CVE-2021-37684/41159", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -156771,10 +157283,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37681: In affected versions the implementation of SVDF in TFLite is vulnerable to a null pointer error (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/svdf.cc#L300-L313). The 'GetVariableInput' function (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/kernel_util.cc#L115-L119) can return a null pointer but 'GetTensorData' assumes that the argument is always a valid tensor. Furthermore, because 'GetVariableInput' calls 'GetMutableInput' (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/kernel_util.cc#L82-L90) which might return 'nullptr', the 'tensor->is_variable' expression can also trigger a null pointer exception. The Tensorflow team has patched the issue in GitHub commit 5b048e87e4e55990dae6b547add4dae59f4e1c76.", - "cve": "CVE-2021-37681", - "id": "pyup.io-41156", - "more_info_path": "/vulnerabilities/CVE-2021-37681/41156", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37641: In affected versions if the arguments to 'tf.raw_ops.RaggedGather' don't determine a valid ragged tensor code can trigger a read from outside of bounds of heap allocated buffers. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/ragged_gather_op.cc#L70) directly reads the first dimension of a tensor shape before checking that said tensor has rank of at least 1 (i.e., it is not a scalar). Furthermore, the implementation does not check that the list given by 'params_nested_splits' is not an empty list of tensors. 
The Tensorflow team has patched the issue in GitHub commit a2b743f6017d7b97af1fe49087ae15f0ac634373.", + "cve": "CVE-2021-37641", + "id": "pyup.io-41116", + "more_info_path": "/vulnerabilities/CVE-2021-37641/41116", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -156784,10 +157296,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3" }, { - "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37690:\r\nIn affected versions when running shape functions, some functions (such as 'MutableHashTableShape') produce extra output information in the form of a 'ShapeAndType' struct. The shapes embedded in this struct are owned by an inference context that is cleaned up almost immediately; if the upstream code attempts to access this shape information, it can trigger a segfault. 'ShapeRefiner' is mitigating this for normal output shapes by cloning them (and thus putting the newly created shape under ownership of an inference context that will not die), but the Tensorflow team was not doing the same for shapes and types. This commit fixes that by doing similar logic on output shapes and types. The Tensorflow team has patched the issue in GitHub commit ee119d4a498979525046fba1c3dd3f13a039fbb1.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-3hxh-8cp2-g4hg\r\nhttps://github.com/tensorflow/tensorflow/commit/ee119d4a498979525046fba1c3dd3f13a039fbb1", - "cve": "CVE-2021-37690", - "id": "pyup.io-41166", - "more_info_path": "/vulnerabilities/CVE-2021-37690/41166", + "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37682:\r\nIn affected versions all TFLite operations that use quantization can be made to use unitialized values. (For example, https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/depthwise_conv.cc#L198-L200). The issue stems from the fact that \"quantization.params\" is only valid if \"quantization.type\" is different that \"kTfLiteNoQuantization\". However, these checks are missing in large parts of the code. 
The Tensorflow team has patched the issue in GitHub commits 537bc7c723439b9194a358f64d871dd326c18887, 4a91f2069f7145aab6ba2d8cfe41be8a110c18a5 and 8933b8a21280696ab119b63263babdb54c298538.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4c4g-crqm-xrxw\r\nhttps://github.com/tensorflow/tensorflow/commit/4a91f2069f7145aab6ba2d8cfe41be8a110c18a5\r\nhttps://github.com/tensorflow/tensorflow/commit/537bc7c723439b9194a358f64d871dd326c18887\r\nhttps://github.com/tensorflow/tensorflow/commit/8933b8a21280696ab119b63263babdb54c298538", + "cve": "CVE-2021-37682", + "id": "pyup.io-41157", + "more_info_path": "/vulnerabilities/CVE-2021-37682/41157", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.4.0rc0,<2.4.3", 
@@ -156797,10 +157309,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1" }, { - "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37682:\r\nIn affected versions all TFLite operations that use quantization can be made to use unitialized values. (For example, https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/depthwise_conv.cc#L198-L200). The issue stems from the fact that \"quantization.params\" is only valid if \"quantization.type\" is different that \"kTfLiteNoQuantization\". However, these checks are missing in large parts of the code. The Tensorflow team has patched the issue in GitHub commits 537bc7c723439b9194a358f64d871dd326c18887, 4a91f2069f7145aab6ba2d8cfe41be8a110c18a5 and 8933b8a21280696ab119b63263babdb54c298538.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4c4g-crqm-xrxw\r\nhttps://github.com/tensorflow/tensorflow/commit/4a91f2069f7145aab6ba2d8cfe41be8a110c18a5\r\nhttps://github.com/tensorflow/tensorflow/commit/537bc7c723439b9194a358f64d871dd326c18887\r\nhttps://github.com/tensorflow/tensorflow/commit/8933b8a21280696ab119b63263babdb54c298538", - "cve": "CVE-2021-37682", - "id": "pyup.io-41157", - "more_info_path": "/vulnerabilities/CVE-2021-37682/41157", + "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37690:\r\nIn affected versions when running shape functions, some functions (such as 'MutableHashTableShape') produce extra output information in the form of a 'ShapeAndType' struct. The shapes embedded in this struct are owned by an inference context that is cleaned up almost immediately; if the upstream code attempts to access this shape information, it can trigger a segfault. 
'ShapeRefiner' is mitigating this for normal output shapes by cloning them (and thus putting the newly created shape under ownership of an inference context that will not die), but the Tensorflow team was not doing the same for shapes and types. This commit fixes that by doing similar logic on output shapes and types. The Tensorflow team has patched the issue in GitHub commit ee119d4a498979525046fba1c3dd3f13a039fbb1.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-3hxh-8cp2-g4hg\r\nhttps://github.com/tensorflow/tensorflow/commit/ee119d4a498979525046fba1c3dd3f13a039fbb1", + "cve": "CVE-2021-37690", + "id": "pyup.io-41166", + "more_info_path": "/vulnerabilities/CVE-2021-37690/41166", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.4.0rc0,<2.4.3", @@ -156811,9 +157323,9 @@ }, { "advisory": "Tensorflow 2.3.4, 2.4.3, 2.5.1, and 2.6.0 updates its dependency 'curl' to v7.77.0 to include security fixes.", - "cve": "CVE-2021-22876", - "id": "pyup.io-41107", - "more_info_path": "/vulnerabilities/CVE-2021-22876/41107", + "cve": "CVE-2021-22897", + "id": "pyup.io-41106", + "more_info_path": "/vulnerabilities/CVE-2021-22897/41106", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", 
@@ -156823,10 +157335,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "Tensorflow 2.3.4, 2.4.3, 2.5.1, and 2.6.0 updates its dependency 'curl' to v7.77.0 to include security fixes.", - "cve": "CVE-2021-22897", - "id": "pyup.io-41106", - "more_info_path": "/vulnerabilities/CVE-2021-22897/41106", + "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37670:\r\nIn affected versions, an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to \"tf.raw_ops.UpperBound\". The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/searchsorted_op.cc#L85-L104) does not validate the rank of \"sorted_input\" argument. A similar issue occurs in \"tf.raw_ops.LowerBound\". The Tensorflow team has patched the issue in GitHub commit 42459e4273c2e47a3232cc16c4f4fff3b3a35c38.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9697-98pf-4rw7\r\nhttps://github.com/tensorflow/tensorflow/commit/42459e4273c2e47a3232cc16c4f4fff3b3a35c38", + "cve": "CVE-2021-37670", + "id": "pyup.io-41145", + "more_info_path": "/vulnerabilities/CVE-2021-37670/41145", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", 
@@ -156836,10 +157348,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37677: In affected versions the shape inference code for \"tf.raw_ops.Dequantize\" has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inference implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/ops/array_ops.cc#L2999-L3014) uses \"axis\" to select between two different values for \"minmax_rank\" which is then used to retrieve tensor dimensions. However, code assumes that \"axis\" can be either \"-1\" or a value greater than \"-1\", with no validation for the other values. The Tensorflow team has patched the issue in GitHub commit da857cfa0fde8f79ad0afdbc94e88b5d4bbec764.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qfpc-5pjr-mh26\r\nhttps://github.com/tensorflow/tensorflow/commit/da857cfa0fde8f79ad0afdbc94e88b5d4bbec764", - "cve": "CVE-2021-37677", - "id": "pyup.io-41152", - "more_info_path": "/vulnerabilities/CVE-2021-37677/41152", + "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37674:\r\nIn affected versions, an attacker can trigger a denial of service via a segmentation fault in \"tf.raw_ops.MaxPoolGrad\" caused by missing validation. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/maxpooling_op.cc) misses some validation for the \"orig_input\" and \"orig_output\" tensors. The fixes for CVE-2021-29579 were incomplete. 
The Tensorflow team has patched the issue in GitHub commit 136b51f10903e044308cf77117c0ed9871350475.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7ghq-fvr3-pj2x\r\nhttps://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-068.md\r\nhttps://github.com/tensorflow/tensorflow/commit/136b51f10903e044308cf77117c0ed9871350475", + "cve": "CVE-2021-37674", + "id": "pyup.io-41149", + "more_info_path": "/vulnerabilities/CVE-2021-37674/41149", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", @@ -156849,10 +157361,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "Tensorflow 2.3.4, 2.4.3, 2.5.1, and 2.6.0 updates its dependency 'curl' to v7.77.0 to include security fixes.", - "cve": "CVE-2021-22901", - "id": "pyup.io-41104", - "more_info_path": "/vulnerabilities/CVE-2021-22901/41104", + "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37673:\r\nIn affected versions, an attacker can trigger a denial of service via a \"CHECK\"-fail in \"tf.raw_ops.MapStage\". The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/map_stage_op.cc#L513) does not check that the \"key\" input is a valid non-empty tensor. The Tensorflow team has patched the issue in GitHub commit d7de67733925de196ec8863a33445b73f9562d1d.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-278g-rq84-9hmg\r\nhttps://github.com/tensorflow/tensorflow/commit/d7de67733925de196ec8863a33445b73f9562d1d", + "cve": "CVE-2021-37673", + "id": "pyup.io-41148", + "more_info_path": "/vulnerabilities/CVE-2021-37673/41148", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", 
@@ -156862,10 +157374,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37674:\r\nIn affected versions, an attacker can trigger a denial of service via a segmentation fault in \"tf.raw_ops.MaxPoolGrad\" caused by missing validation. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/maxpooling_op.cc) misses some validation for the \"orig_input\" and \"orig_output\" tensors. The fixes for CVE-2021-29579 were incomplete. The Tensorflow team has patched the issue in GitHub commit 136b51f10903e044308cf77117c0ed9871350475.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7ghq-fvr3-pj2x\r\nhttps://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-068.md\r\nhttps://github.com/tensorflow/tensorflow/commit/136b51f10903e044308cf77117c0ed9871350475", - "cve": "CVE-2021-37674", - "id": "pyup.io-41149", - "more_info_path": "/vulnerabilities/CVE-2021-37674/41149", + "advisory": "Tensorflow 2.3.4, 2.4.3, 2.5.1, and 2.6.0 updates its dependency 'curl' to v7.77.0 to include security fixes.", + "cve": "CVE-2021-22876", + "id": "pyup.io-41107", + "more_info_path": "/vulnerabilities/CVE-2021-22876/41107", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", 
@@ -156875,10 +157387,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37650: In affected versions the implementation for `tf.raw_ops.ExperimentalDatasetToTFRecord` and `tf.raw_ops.DatasetToTFRecord` can trigger heap buffer overflow and segmentation fault. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/data/experimental/to_tf_record_op.cc#L93-L102) assumes that all records in the dataset are of string type. However, there is no check for that, and the example given above uses numeric types. The Tensorflow team has patched the issue in GitHub commit e0b6e58c328059829c3eb968136f17aa72b6c876.", - "cve": "CVE-2021-37650", - "id": "pyup.io-41125", - "more_info_path": "/vulnerabilities/CVE-2021-37650/41125", + "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37672:\r\nIn affected versions, an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to \"tf.raw_ops.SdcaOptimizerV2\". The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/sdca_internal.cc#L320-L353) does not check that the length of \"example_labels\" is the same as the number of examples. The Tensorflow team has patched the issue in GitHub commit a4e138660270e7599793fa438cd7b2fc2ce215a6.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hj3-vjjf-f5m7\r\nhttps://github.com/tensorflow/tensorflow/commit/a4e138660270e7599793fa438cd7b2fc2ce215a6", + "cve": "CVE-2021-37672", + "id": "pyup.io-41147", + "more_info_path": "/vulnerabilities/CVE-2021-37672/41147", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", 
@@ -156888,10 +157400,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37655: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a read from outside of bounds of heap allocated data by sending invalid arguments to 'tf.raw_ops.ResourceScatterUpdate'. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L919-L923) has an incomplete validation of the relationship between the shapes of 'indices' and 'updates': instead of checking that the shape of 'indices' is a prefix of the shape of 'updates' (so that broadcasting can happen), code only checks that the number of elements in these two tensors are in a divisibility relationship. The Tensorflow team has patched the issue in GitHub commit 01cff3f986259d661103412a20745928c727326f.", - "cve": "CVE-2021-37655", - "id": "pyup.io-41130", - "more_info_path": "/vulnerabilities/CVE-2021-37655/41130", + "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37679:\r\nIn affected versions it is possible to nest a \"tf.map_fn\" within another \"tf.map_fn\" call. However, if the input tensor is a \"RaggedTensor\" and there is no function signature provided, code assumes the output is a fully specified tensor and fills output buffer with uninitialized contents from the heap. The \"t\" and \"z\" outputs should be identical, however this is not the case. The last row of \"t\" contains data from the heap which can be used to leak other memory information. The bug lies in the conversion from a \"Variant\" tensor to a \"RaggedTensor\". 
The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/ragged_tensor_from_variant_op.cc#L177-L190) does not check that all inner shapes match and this results in the additional dimensions. The same implementation can result in data loss, if input tensor is tweaked. The Tensorflow team has patched the issue in GitHub commit 4e2565483d0ffcadc719bd44893fb7f609bb5f12.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g8wg-cjwc-xhhp\r\nhttps://github.com/tensorflow/tensorflow/commit/4e2565483d0ffcadc719bd44893fb7f609bb5f12", + "cve": "CVE-2021-37679", + "id": "pyup.io-41154", + "more_info_path": "/vulnerabilities/CVE-2021-37679/41154", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", 
@@ -156901,10 +157413,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37679:\r\nIn affected versions it is possible to nest a \"tf.map_fn\" within another \"tf.map_fn\" call. However, if the input tensor is a \"RaggedTensor\" and there is no function signature provided, code assumes the output is a fully specified tensor and fills output buffer with uninitialized contents from the heap. The \"t\" and \"z\" outputs should be identical, however this is not the case. The last row of \"t\" contains data from the heap which can be used to leak other memory information. The bug lies in the conversion from a \"Variant\" tensor to a \"RaggedTensor\". The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/ragged_tensor_from_variant_op.cc#L177-L190) does not check that all inner shapes match and this results in the additional dimensions. The same implementation can result in data loss, if input tensor is tweaked. The Tensorflow team has patched the issue in GitHub commit 4e2565483d0ffcadc719bd44893fb7f609bb5f12.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g8wg-cjwc-xhhp\r\nhttps://github.com/tensorflow/tensorflow/commit/4e2565483d0ffcadc719bd44893fb7f609bb5f12", - "cve": "CVE-2021-37679", - "id": "pyup.io-41154", - "more_info_path": "/vulnerabilities/CVE-2021-37679/41154", + "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37677: In affected versions the shape inference code for \"tf.raw_ops.Dequantize\" has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. 
The shape inference implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/ops/array_ops.cc#L2999-L3014) uses \"axis\" to select between two different values for \"minmax_rank\" which is then used to retrieve tensor dimensions. However, code assumes that \"axis\" can be either \"-1\" or a value greater than \"-1\", with no validation for the other values. The Tensorflow team has patched the issue in GitHub commit da857cfa0fde8f79ad0afdbc94e88b5d4bbec764.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qfpc-5pjr-mh26\r\nhttps://github.com/tensorflow/tensorflow/commit/da857cfa0fde8f79ad0afdbc94e88b5d4bbec764", + "cve": "CVE-2021-37677", + "id": "pyup.io-41152", + "more_info_path": "/vulnerabilities/CVE-2021-37677/41152", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", 
@@ -156914,10 +157426,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37673:\r\nIn affected versions, an attacker can trigger a denial of service via a \"CHECK\"-fail in \"tf.raw_ops.MapStage\". The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/map_stage_op.cc#L513) does not check that the \"key\" input is a valid non-empty tensor. The Tensorflow team has patched the issue in GitHub commit d7de67733925de196ec8863a33445b73f9562d1d.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-278g-rq84-9hmg\r\nhttps://github.com/tensorflow/tensorflow/commit/d7de67733925de196ec8863a33445b73f9562d1d", - "cve": "CVE-2021-37673", - "id": "pyup.io-41148", - "more_info_path": "/vulnerabilities/CVE-2021-37673/41148", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37650: In affected versions the implementation for `tf.raw_ops.ExperimentalDatasetToTFRecord` and `tf.raw_ops.DatasetToTFRecord` can trigger heap buffer overflow and segmentation fault. The [implementation](https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/data/experimental/to_tf_record_op.cc#L93-L102) assumes that all records in the dataset are of string type. However, there is no check for that, and the example given above uses numeric types. The Tensorflow team has patched the issue in GitHub commit e0b6e58c328059829c3eb968136f17aa72b6c876.", + "cve": "CVE-2021-37650", + "id": "pyup.io-41125", + "more_info_path": "/vulnerabilities/CVE-2021-37650/41125", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", 
@@ -156927,10 +157439,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37672:\r\nIn affected versions, an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to \"tf.raw_ops.SdcaOptimizerV2\". The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/sdca_internal.cc#L320-L353) does not check that the length of \"example_labels\" is the same as the number of examples. The Tensorflow team has patched the issue in GitHub commit a4e138660270e7599793fa438cd7b2fc2ce215a6.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hj3-vjjf-f5m7\r\nhttps://github.com/tensorflow/tensorflow/commit/a4e138660270e7599793fa438cd7b2fc2ce215a6", - "cve": "CVE-2021-37672", - "id": "pyup.io-41147", - "more_info_path": "/vulnerabilities/CVE-2021-37672/41147", + "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37669:\r\nIn affected versions, an attacker can cause denial of service in applications serving models using \"tf.raw_ops.NonMaxSuppressionV5\" by triggering a division by 0. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/image/non_max_suppression_op.cc#L170-L271) uses a user controlled argument to resize a \"std::vector\". However, as \"std::vector::resize\" takes the size argument as a \"size_t\" and \"output_size\" is an \"int\", there is an implicit conversion to unsigned. If the attacker supplies a negative value, this conversion results in a crash. A similar issue occurs in \"CombinedNonMaxSuppression\". 
The Tensorflow team has patched the issue in GitHub commit 3a7362750d5c372420aa8f0caf7bf5b5c3d0f52d and commit b5cdbf12ffcaaffecf98f22a6be5a64bb96e4f58.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vmjw-c2vp-p33c\r\nhttps://github.com/tensorflow/tensorflow/commit/3a7362750d5c372420aa8f0caf7bf5b5c3d0f52d\r\nhttps://github.com/tensorflow/tensorflow/commit/b5cdbf12ffcaaffecf98f22a6be5a64bb96e4f58", + "cve": "CVE-2021-37669", + "id": "pyup.io-41144", + "more_info_path": "/vulnerabilities/CVE-2021-37669/41144", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", @@ -156940,10 +157452,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37670:\r\nIn affected versions, an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to \"tf.raw_ops.UpperBound\". The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/searchsorted_op.cc#L85-L104) does not validate the rank of \"sorted_input\" argument. A similar issue occurs in \"tf.raw_ops.LowerBound\". The Tensorflow team has patched the issue in GitHub commit 42459e4273c2e47a3232cc16c4f4fff3b3a35c38.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9697-98pf-4rw7\r\nhttps://github.com/tensorflow/tensorflow/commit/42459e4273c2e47a3232cc16c4f4fff3b3a35c38", - "cve": "CVE-2021-37670", - "id": "pyup.io-41145", - "more_info_path": "/vulnerabilities/CVE-2021-37670/41145", + "advisory": "Tensorflow 2.3.4, 2.4.3, 2.5.1, and 2.6.0 updates its dependency 'curl' to v7.77.0 to include security fixes.", + "cve": "CVE-2021-22901", + "id": "pyup.io-41104", + "more_info_path": "/vulnerabilities/CVE-2021-22901/41104", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", 
@@ -156953,10 +157465,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "Tensorflow version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37669:\r\nIn affected versions, an attacker can cause denial of service in applications serving models using \"tf.raw_ops.NonMaxSuppressionV5\" by triggering a division by 0. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/image/non_max_suppression_op.cc#L170-L271) uses a user controlled argument to resize a \"std::vector\". However, as \"std::vector::resize\" takes the size argument as a \"size_t\" and \"output_size\" is an \"int\", there is an implicit conversion to unsigned. If the attacker supplies a negative value, this conversion results in a crash. A similar issue occurs in \"CombinedNonMaxSuppression\". The Tensorflow team has patched the issue in GitHub commit 3a7362750d5c372420aa8f0caf7bf5b5c3d0f52d and commit b5cdbf12ffcaaffecf98f22a6be5a64bb96e4f58.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vmjw-c2vp-p33c\r\nhttps://github.com/tensorflow/tensorflow/commit/3a7362750d5c372420aa8f0caf7bf5b5c3d0f52d\r\nhttps://github.com/tensorflow/tensorflow/commit/b5cdbf12ffcaaffecf98f22a6be5a64bb96e4f58", - "cve": "CVE-2021-37669", - "id": "pyup.io-41144", - "more_info_path": "/vulnerabilities/CVE-2021-37669/41144", + "advisory": "TensorFlow 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37655: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a read from outside of bounds of heap allocated data by sending invalid arguments to 'tf.raw_ops.ResourceScatterUpdate'. 
The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L919-L923) has an incomplete validation of the relationship between the shapes of 'indices' and 'updates': instead of checking that the shape of 'indices' is a prefix of the shape of 'updates' (so that broadcasting can happen), code only checks that the number of elements in these two tensors are in a divisibility relationship. The Tensorflow team has patched the issue in GitHub commit 01cff3f986259d661103412a20745928c727326f.", + "cve": "CVE-2021-37655", + "id": "pyup.io-41130", + "more_info_path": "/vulnerabilities/CVE-2021-37655/41130", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", @@ -157309,20 +157821,20 @@ "v": "<2.12.1,>=2.13.0rc0,<2.13.0" }, { - "advisory": "Tensorflow-aarch64 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.", - "cve": "CVE-2023-38545", - "id": "pyup.io-72936", - "more_info_path": "/vulnerabilities/CVE-2023-38545/72936", + "advisory": "TensorFlow-aarch64 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38546.", + "cve": "CVE-2023-38546", + "id": "pyup.io-72935", + "more_info_path": "/vulnerabilities/CVE-2023-38546/72935", "specs": [ "<2.14.1" ], "v": "<2.14.1" }, { - "advisory": "TensorFlow-aarch64 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38546.", - "cve": "CVE-2023-38546", - "id": "pyup.io-72935", - "more_info_path": "/vulnerabilities/CVE-2023-38546/72935", + "advisory": "Tensorflow-aarch64 2.14.1 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.", + "cve": "CVE-2023-38545", + "id": "pyup.io-72936", + "more_info_path": "/vulnerabilities/CVE-2023-38545/72936", "specs": [ "<2.14.1" ], 
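Review bot: The two aarch64 curl records on the new side now disagree on the product name and on whether the fixed release is named: the CVE-2023-38546 entry reads `TensorFlow-aarch64 updates its curl dependency ...` while the CVE-2023-38545 entry reads `Tensorflow-aarch64 2.14.1 updates its curl dependency ...`. Both describe the same dependency bump with the same `<2.14.1` spec, so the wording should match; changing the first to `"advisory": "TensorFlow-aarch64 2.14.1 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38546.",` would do it. The pair of Apache Spark records added in the hunk at line 716 shows the same drift (`update its` in the CVE-2018-11770 entry versus `updates its` in the CVE-2018-17190 entry).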
@@ -158390,6 +158902,30 @@
 ],
 "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1"
 },
+ {
+ "advisory": "Tensorflow-cpu versions 1.15.3, 2.0.2 and 2.1.1 update its dependency \"Apache Spark\" to handle CVE-2018-11770.",
+ "cve": "CVE-2018-11770",
+ "id": "pyup.io-55877",
+ "more_info_path": "/vulnerabilities/CVE-2018-11770/55877",
+ "specs": [
+ "<1.15.3",
+ ">=2.0.0a0,<2.0.2",
+ ">=2.1.0rc0,<2.1.1"
+ ],
+ "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1"
+ },
+ {
+ "advisory": "Tensorflow-cpu versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"Apache Spark\" to handle CVE-2018-17190.",
+ "cve": "CVE-2018-17190",
+ "id": "pyup.io-55876",
+ "more_info_path": "/vulnerabilities/CVE-2018-17190/55876",
+ "specs": [
+ "<1.15.3",
+ ">=2.0.0a0,<2.0.2",
+ ">=2.1.0rc0,<2.1.1"
+ ],
+ "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1"
+ },
 {
 "advisory": "Tensorflow-cpu versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"SQLite3\" to handle CVE-2019-19244.",
 "cve": "CVE-2019-19244",
@@ -158438,18 +158974,6 @@
 ],
 "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1"
 },
- {
- "advisory": "Tensorflow-cpu versions 1.15.3, 2.0.2 and 2.1.1 update its dependency \"Apache Spark\" to handle CVE-2018-11770.",
- "cve": "CVE-2018-11770",
- "id": "pyup.io-55877",
- "more_info_path": "/vulnerabilities/CVE-2018-11770/55877",
- "specs": [
- "<1.15.3",
- ">=2.0.0a0,<2.0.2",
- ">=2.1.0rc0,<2.1.1"
- ],
- "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1"
- },
 {
 "advisory": "Tensorflow-cpu versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"libjpeg-turbo\" to handle CVE-2018-19664.",
 "cve": "CVE-2018-19664",
@@ -158463,22 +158987,10 @@ "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1" }, { - "advisory": "Tensorflow-cpu versions 1.15.3, 2.0.2 and 2.1.1 updates its dependency \"Apache Spark\" to handle CVE-2018-17190.", - "cve": "CVE-2018-17190", - "id": "pyup.io-55876", - "more_info_path": "/vulnerabilities/CVE-2018-17190/55876", - "specs": [ - "<1.15.3", - ">=2.0.0a0,<2.0.2", - ">=2.1.0rc0,<2.1.1" - ], - "v": "<1.15.3,>=2.0.0a0,<2.0.2,>=2.1.0rc0,<2.1.1" - }, - { - "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15207: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses 'ResolveAxis' to convert negative values to positive indices. However, the only check that the converted index is now valid is only present in debug builds. If the 'DCHECK' does not trigger, then code execution moves ahead with a negative index. This, in turn, results in accessing data out of bounds which results in segfaults and/or data corruption.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-q4qf-3fc6-8x34", - "cve": "CVE-2020-15207", - "id": "pyup.io-55855", - "more_info_path": "/vulnerabilities/CVE-2020-15207/55855", + "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15204: In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling \"tf.raw_ops.GetSessionHandle\" or \"tf.raw_ops.GetSessionHandleV2\" results in a null pointer dereference In linked snippet, in eager mode, \"ctx->session_state()\" returns \"nullptr\". Since code immediately dereferences this, we get a segmentation fault. The issue was patched in commit 9a133d73ae4b4664d22bd1aa6d654fec13c52ee1", + "cve": "CVE-2020-15204", + "id": "pyup.io-55845", + "more_info_path": "/vulnerabilities/CVE-2020-15204/55845", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -158517,10 +159029,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1" }, { - "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15206: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's \"SavedModel\" protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using \"Tensorflow-cpu-serving\" or other inference-as-a-service installments. Fixed were added in commits f760f88b4267d981e13f4b302c437ae800445968 and fcfef195637c6e365577829c4d67681695956e7d. However, this was not enough, as #41097 reported a different failure mode. The issue was finally patched in commit df095206f25471e864a8e63a0f1caef53a0e3a6", - "cve": "CVE-2020-15206", - "id": "pyup.io-55847", - "more_info_path": "/vulnerabilities/CVE-2020-15206/55847", + "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15211: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indices for the tensors, indexing into an array of tensors that is owned by the subgraph. This results in a pattern of double array indexing when trying to get the data of each tensor. However, some operators can have some tensors be optional. To handle this scenario, the flatbuffer model uses a negative \"-1\" value as index for these tensors. This results in special casing during validation at model loading time. Unfortunately, this means that the \"-1\" index is a valid tensor index for any operator, including those that don't expect optional inputs and including for output tensors. 
Thus, this allows writing and reading from outside the bounds of heap allocated arrays, although only at a specific offset from the start of these arrays. This results in both read and write gadgets, albeit very limited in scope. The issue was patched in several commits (46d5b0852, 00302787b7, e11f5558, cd31fd0ce, 1970c21, and fff2c83). A potential workaround would be to add a custom \"Verifier\" to the model loading code to ensure that only operators which accept optional inputs use the \"-1\" special value and only for the tensors that they expect to be optional. Since this allow-list type approach is error-prone, it's advised upgrading to the patched code.", + "cve": "CVE-2020-15211", + "id": "pyup.io-55848", + "more_info_path": "/vulnerabilities/CVE-2020-15211/55848", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -158531,10 +159043,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1" }, { - "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15204: In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. Hence, calling \"tf.raw_ops.GetSessionHandle\" or \"tf.raw_ops.GetSessionHandleV2\" results in a null pointer dereference In linked snippet, in eager mode, \"ctx->session_state()\" returns \"nullptr\". Since code immediately dereferences this, we get a segmentation fault. The issue was patched in commit 9a133d73ae4b4664d22bd1aa6d654fec13c52ee1", - "cve": "CVE-2020-15204", - "id": "pyup.io-55845", - "more_info_path": "/vulnerabilities/CVE-2020-15204/55845", + "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15202: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the 'Shard' API in TensorFlow expects the last argument to be a function taking two 'int64' (i.e., 'long long') arguments. However, there are several places in TensorFlow where a lambda taking 'int' or 'int32' arguments is being used. In these cases, if the amount of work to be parallelized is large enough, integer truncation occurs. Depending on how the two arguments of the lambda are used, this can result in segfaults, read/write outside of heap allocated arrays, stack overflows, or data corruption.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6fg-mjxg-hqq4", + "cve": "CVE-2020-15202", + "id": "pyup.io-55851", + "more_info_path": "/vulnerabilities/CVE-2020-15202/55851", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -158559,10 +159071,10 @@ "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1" }, { - "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15211: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. The flatbuffer format uses indices for the tensors, indexing into an array of tensors that is owned by the subgraph. This results in a pattern of double array indexing when trying to get the data of each tensor. However, some operators can have some tensors be optional. To handle this scenario, the flatbuffer model uses a negative \"-1\" value as index for these tensors. This results in special casing during validation at model loading time. Unfortunately, this means that the \"-1\" index is a valid tensor index for any operator, including those that don't expect optional inputs and including for output tensors. Thus, this allows writing and reading from outside the bounds of heap allocated arrays, although only at a specific offset from the start of these arrays. This results in both read and write gadgets, albeit very limited in scope. The issue was patched in several commits (46d5b0852, 00302787b7, e11f5558, cd31fd0ce, 1970c21, and fff2c83). A potential workaround would be to add a custom \"Verifier\" to the model loading code to ensure that only operators which accept optional inputs use the \"-1\" special value and only for the tensors that they expect to be optional. 
Since this allow-list type approach is error-prone, it's advised upgrading to the patched code.", - "cve": "CVE-2020-15211", - "id": "pyup.io-55848", - "more_info_path": "/vulnerabilities/CVE-2020-15211/55848", + "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 include a fix for CVE-2020-15206: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's \"SavedModel\" protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using \"Tensorflow-cpu-serving\" or other inference-as-a-service installments. Fixed were added in commits f760f88b4267d981e13f4b302c437ae800445968 and fcfef195637c6e365577829c4d67681695956e7d. However, this was not enough, as #41097 reported a different failure mode. The issue was finally patched in commit df095206f25471e864a8e63a0f1caef53a0e3a6", + "cve": "CVE-2020-15206", + "id": "pyup.io-55847", + "more_info_path": "/vulnerabilities/CVE-2020-15206/55847", "specs": [ "<1.15.4", ">=2.0.0a0,<2.0.3", 
@@ -158601,10 +159113,10 @@
 "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1"
 },
 {
- "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15202: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the 'Shard' API in TensorFlow expects the last argument to be a function taking two 'int64' (i.e., 'long long') arguments. However, there are several places in TensorFlow where a lambda taking 'int' or 'int32' arguments is being used. In these cases, if the amount of work to be parallelized is large enough, integer truncation occurs. Depending on how the two arguments of the lambda are used, this can result in segfaults, read/write outside of heap allocated arrays, stack overflows, or data corruption.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6fg-mjxg-hqq4",
- "cve": "CVE-2020-15202",
- "id": "pyup.io-55851",
- "more_info_path": "/vulnerabilities/CVE-2020-15202/55851",
+ "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15203: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the 'fill' argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a 'printf' call is constructed. This may result in segmentation fault.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xmq7-7fxm-rr79",
+ "cve": "CVE-2020-15203",
+ "id": "pyup.io-55854",
+ "more_info_path": "/vulnerabilities/CVE-2020-15203/55854",
 "specs": [
 "<1.15.4",
 ">=2.0.0a0,<2.0.3",
@@ -158615,10 +159127,10 @@
 "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0a0,<2.1.2,>=2.2.0a0,<2.2.1,>=2.3.0a0,<2.3.1"
 },
 {
- "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15203: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the 'fill' argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a 'printf' call is constructed. This may result in segmentation fault.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xmq7-7fxm-rr79",
- "cve": "CVE-2020-15203",
- "id": "pyup.io-55854",
- "more_info_path": "/vulnerabilities/CVE-2020-15203/55854",
+ "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 include a fix for CVE-2020-15207: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses 'ResolveAxis' to convert negative values to positive indices. However, the only check that the converted index is now valid is only present in debug builds. If the 'DCHECK' does not trigger, then code execution moves ahead with a negative index. This, in turn, results in accessing data out of bounds which results in segfaults and/or data corruption.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-q4qf-3fc6-8x34",
+ "cve": "CVE-2020-15207",
+ "id": "pyup.io-55855",
+ "more_info_path": "/vulnerabilities/CVE-2020-15207/55855",
 "specs": [
 "<1.15.4",
 ">=2.0.0a0,<2.0.3",
@@ -158694,10 +159206,10 @@
 "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0rc0,<2.1.2,>=2.2.0rc0,<2.2.1"
 },
 {
- "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 update its dependency \"SQLite\" to handle CVE-2020-11655.",
- "cve": "CVE-2020-11655",
- "id": "pyup.io-55839",
- "more_info_path": "/vulnerabilities/CVE-2020-11655/55839",
+ "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 update its dependency \"SQLite\" to handle CVE-2020-11656.",
+ "cve": "CVE-2020-11656",
+ "id": "pyup.io-55840",
+ "more_info_path": "/vulnerabilities/CVE-2020-11656/55840",
 "specs": [
 "<1.15.4",
 ">=2.0.0a0,<2.0.3",
@@ -158707,10 +159219,10 @@
 "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0rc0,<2.1.2,>=2.2.0rc0,<2.2.1"
 },
 {
- "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 update its dependency \"SQLite\" to handle CVE-2020-11656.",
- "cve": "CVE-2020-11656",
- "id": "pyup.io-55840",
- "more_info_path": "/vulnerabilities/CVE-2020-11656/55840",
+ "advisory": "Tensorflow-cpu versions 1.15.4, 2.0.3, 2.1.2 and 2.2.1 update its dependency \"SQLite\" to handle CVE-2020-11655.",
+ "cve": "CVE-2020-11655",
+ "id": "pyup.io-55839",
+ "more_info_path": "/vulnerabilities/CVE-2020-11655/55839",
 "specs": [
 "<1.15.4",
 ">=2.0.0a0,<2.0.3",
@@ -158761,10 +159273,10 @@
 "v": "<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0rc0,<2.1.2,>=2.2.0rc0,<2.2.1,>=2.3.0rc0,<2.3.1"
 },
 {
- "advisory": "Tensorflow-cpu versions 1.15.5, 2.0.4, 2.1.3, 2.2.2 and 2.3.2 update its dependency \"PCRE\" to handle CVE-2020-14155.",
- "cve": "CVE-2020-14155",
- "id": "pyup.io-55823",
- "more_info_path": "/vulnerabilities/CVE-2020-14155/55823",
+ "advisory": "Tensorflow-cpu versions 2.3.2, 2.2.2, 2.1.3, 2.0.4 and 1.15.5 update its dependency 'Junit4' to v4.13.1 to include a security fix.",
+ "cve": "CVE-2020-15250",
+ "id": "pyup.io-55822",
+ "more_info_path": "/vulnerabilities/CVE-2020-15250/55822",
 "specs": [
 "<1.15.5",
 ">=2.0.0a0,<2.0.4",
@@ -158803,10 +159315,10 @@
 "v": "<1.15.5,>=2.0.0a0,<2.0.4,>=2.1.0rc0,<2.1.3,>=2.2.0rc0,<2.2.2,>=2.3.0rc0,<2.3.2"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.3.2, 2.2.2, 2.1.3, 2.0.4 and 1.15.5 update its dependency 'Junit4' to v4.13.1 to include a security fix.",
- "cve": "CVE-2020-15250",
- "id": "pyup.io-55822",
- "more_info_path": "/vulnerabilities/CVE-2020-15250/55822",
+ "advisory": "Tensorflow-cpu versions 1.15.5, 2.0.4, 2.1.3, 2.2.2 and 2.3.2 update its dependency \"PCRE\" to handle CVE-2020-14155.",
+ "cve": "CVE-2020-14155",
+ "id": "pyup.io-55823",
+ "more_info_path": "/vulnerabilities/CVE-2020-14155/55823",
 "specs": [
 "<1.15.5",
 ">=2.0.0a0,<2.0.4",
@@ -158817,10 +159329,10 @@
 "v": "<1.15.5,>=2.0.0a0,<2.0.4,>=2.1.0rc0,<2.1.3,>=2.2.0rc0,<2.2.2,>=2.3.0rc0,<2.3.2"
 },
 {
- "advisory": "Tensorflow-cpu versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 and 2.4.0 includes a fix for CVE-2020-26268: In affected versions, the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries to write to the memory area. If the file is too small, TensorFlow properly returns an error as the memory area has fewer bytes than what is needed for the tensor it creates. However, as soon as there are enough bytes, the above snippet causes a segmentation fault. This is because the allocator used to return the buffer data is not marked as returning an opaque handle since the needed virtual method is not overridden.",
- "cve": "CVE-2020-26268",
- "id": "pyup.io-55828",
- "more_info_path": "/vulnerabilities/CVE-2020-26268/55828",
+ "advisory": "Tensorflow-cpu versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 and 2.4.0 includes a fix for CVE-2020-26271: In affected versions, under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge between one output tensor of the src node (given by output_index) and the input slot of the dst node (given by input_index). This is only possible if the types of the tensors on both sides coincide, so the function begins by obtaining the corresponding DataType values and comparing these for equality. However, there is no check that the indices point to inside of the arrays they index into. Thus, this can result in accessing data out of bounds of the corresponding heap allocated arrays. 
In most scenarios, this can manifest as unitialized data access, but if the index points far away from the boundaries of the arrays this can be used to leak addresses from the library.",
+ "cve": "CVE-2020-26271",
+ "id": "pyup.io-55825",
+ "more_info_path": "/vulnerabilities/CVE-2020-26271/55825",
 "specs": [
 "<1.15.5",
 ">=2.0.0a0,<2.0.4",
@@ -158847,10 +159359,10 @@
 "v": "<1.15.5,>=2.0.0a0,<2.0.4,>=2.1.0rc0,<2.1.3,>=2.2.0rc0,<2.2.2,>=2.3.0rc0,<2.3.2,>=2.4.0rc0,<2.4.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0 includes a fix for CVE-2020-26266: In affected versions and under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen.",
- "cve": "CVE-2020-26266",
- "id": "pyup.io-55827",
- "more_info_path": "/vulnerabilities/CVE-2020-26266/55827",
+ "advisory": "Tensorflow-cpu versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 and 2.4.0 includes a fix for CVE-2020-26268: In affected versions, the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries to write to the memory area. If the file is too small, TensorFlow properly returns an error as the memory area has fewer bytes than what is needed for the tensor it creates. However, as soon as there are enough bytes, the above snippet causes a segmentation fault. This is because the allocator used to return the buffer data is not marked as returning an opaque handle since the needed virtual method is not overridden.",
+ "cve": "CVE-2020-26268",
+ "id": "pyup.io-55828",
+ "more_info_path": "/vulnerabilities/CVE-2020-26268/55828",
 "specs": [
 "<1.15.5",
 ">=2.0.0a0,<2.0.4",
@@ -158862,10 +159374,10 @@
 "v": "<1.15.5,>=2.0.0a0,<2.0.4,>=2.1.0rc0,<2.1.3,>=2.2.0rc0,<2.2.2,>=2.3.0rc0,<2.3.2,>=2.4.0rc0,<2.4.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 and 2.4.0 includes a fix for CVE-2020-26267: In affected versions, the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation of NHWC. This can result in uninitialized memory accesses, read outside of bounds and even crashes.",
- "cve": "CVE-2020-26267",
- "id": "pyup.io-55826",
- "more_info_path": "/vulnerabilities/CVE-2020-26267/55826",
+ "advisory": "Tensorflow-cpu versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0 includes a fix for CVE-2020-26266: In affected versions and under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen.",
+ "cve": "CVE-2020-26266",
+ "id": "pyup.io-55827",
+ "more_info_path": "/vulnerabilities/CVE-2020-26266/55827",
 "specs": [
 "<1.15.5",
 ">=2.0.0a0,<2.0.4",
@@ -158877,10 +159389,10 @@
 "v": "<1.15.5,>=2.0.0a0,<2.0.4,>=2.1.0rc0,<2.1.3,>=2.2.0rc0,<2.2.2,>=2.3.0rc0,<2.3.2,>=2.4.0rc0,<2.4.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 and 2.4.0 includes a fix for CVE-2020-26271: In affected versions, under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge between one output tensor of the src node (given by output_index) and the input slot of the dst node (given by input_index). This is only possible if the types of the tensors on both sides coincide, so the function begins by obtaining the corresponding DataType values and comparing these for equality. However, there is no check that the indices point to inside of the arrays they index into. Thus, this can result in accessing data out of bounds of the corresponding heap allocated arrays. In most scenarios, this can manifest as unitialized data access, but if the index points far away from the boundaries of the arrays this can be used to leak addresses from the library.",
- "cve": "CVE-2020-26271",
- "id": "pyup.io-55825",
- "more_info_path": "/vulnerabilities/CVE-2020-26271/55825",
+ "advisory": "Tensorflow-cpu versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2 and 2.4.0 includes a fix for CVE-2020-26267: In affected versions, the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation of NHWC. This can result in uninitialized memory accesses, read outside of bounds and even crashes.",
+ "cve": "CVE-2020-26267",
+ "id": "pyup.io-55826",
+ "more_info_path": "/vulnerabilities/CVE-2020-26267/55826",
 "specs": [
 "<1.15.5",
 ">=2.0.0a0,<2.0.4",
@@ -158892,32 +159404,10 @@
 "v": "<1.15.5,>=2.0.0a0,<2.0.4,>=2.1.0rc0,<2.1.3,>=2.2.0rc0,<2.2.2,>=2.3.0rc0,<2.3.2,>=2.4.0rc0,<2.4.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25660: Prior to versions 2.12.0 and 2.11.1, when the parameter 'summarize' of 'tf.raw_ops.Print' is zero, the new method 'SummarizeArray' will reference to a nullptr, leading to a seg fault.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj",
- "cve": "CVE-2023-25660",
- "id": "pyup.io-55430",
- "more_info_path": "/vulnerabilities/CVE-2023-25660/55430",
- "specs": [
- "<2.11.1",
- ">=2.12.0rc0,<2.12.0"
- ],
- "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
- },
- {
- "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25674: Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf97-q72m-7579",
- "cve": "CVE-2023-25674",
- "id": "pyup.io-55417",
- "more_info_path": "/vulnerabilities/CVE-2023-25674/55417",
- "specs": [
- "<2.11.1",
- ">=2.12.0rc0,<2.12.0"
- ],
- "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
- },
- {
- "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25661: In versions prior to 2.11.1 a malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack. A proof of concept can be constructed with the 'Convolution3DTranspose' function. This Convolution3DTranspose layer is a very common API in modern neural networks. The ML models containing such vulnerable components could be deployed in ML applications or as cloud services. This failure could be potentially used to trigger a denial of service attack on ML cloud services. 
An attacker must have privilege to provide input to a 'Convolution3DTranspose' call.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fxgc-95xx-grvq",
- "cve": "CVE-2023-25661",
- "id": "pyup.io-55418",
- "more_info_path": "/vulnerabilities/CVE-2023-25661/55418",
+ "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25669: Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for 'tf.raw_ops.AvgPoolGrad', it can give a floating point exception.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rcf8-g8jv-vg6p",
+ "cve": "CVE-2023-25669",
+ "id": "pyup.io-55425",
+ "more_info_path": "/vulnerabilities/CVE-2023-25669/55425",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -158925,10 +159415,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25801: Prior to versions 2.12.0 and 2.11.1, 'nn_ops.fractional_avg_pool_v2' and 'nn_ops.fractional_max_pool_v2' require the first and fourth elements of their parameter 'pooling_ratio' to be equal to 1.0, as pooling on batch and channel dimensions is not supported.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f49c-87jh-g47q",
- "cve": "CVE-2023-25801",
- "id": "pyup.io-55419",
- "more_info_path": "/vulnerabilities/CVE-2023-25801/55419",
+ "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25665: Prior to versions 2.12.0 and 2.11.1, when 'SparseSparseMaximum' is given invalid sparse tensors as inputs, it can give a null pointer error.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-558h-mq8x-7q9g",
+ "cve": "CVE-2023-25665",
+ "id": "pyup.io-55421",
+ "more_info_path": "/vulnerabilities/CVE-2023-25665/55421",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -158936,10 +159426,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25663: Prior to versions 2.12.0 and 2.11.1, when 'ctx->step_containter()' is a null ptr, the Lookup function will be executed with a null pointer.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-64jg-wjww-7c5w",
- "cve": "CVE-2023-25663",
- "id": "pyup.io-55428",
- "more_info_path": "/vulnerabilities/CVE-2023-25663/55428",
+ "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-27579: Constructing a tflite model with a paramater 'filter_input_channel' of less than 1 gives a FPE.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5w96-866f-6rm8",
+ "cve": "CVE-2023-27579",
+ "id": "pyup.io-55422",
+ "more_info_path": "/vulnerabilities/CVE-2023-27579/55422",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -158947,10 +159437,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25673: Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.",
- "cve": "CVE-2023-25673",
- "id": "pyup.io-55412",
- "more_info_path": "/vulnerabilities/CVE-2023-25673/55412",
+ "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25670: Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rq-hwc3-x77w",
+ "cve": "CVE-2023-25670",
+ "id": "pyup.io-55424",
+ "more_info_path": "/vulnerabilities/CVE-2023-25670/55424",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -159002,10 +159492,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25659: Prior to versions 2.12.0 and 2.11.1, if the parameter 'indices' for 'DynamicStitch' does not match the shape of the parameter 'data', it can trigger an stack OOB read.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-93vr-9q9m-pj8p",
- "cve": "CVE-2023-25659",
- "id": "pyup.io-55431",
- "more_info_path": "/vulnerabilities/CVE-2023-25659/55431",
+ "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25801: Prior to versions 2.12.0 and 2.11.1, 'nn_ops.fractional_avg_pool_v2' and 'nn_ops.fractional_max_pool_v2' require the first and fourth elements of their parameter 'pooling_ratio' to be equal to 1.0, as pooling on batch and channel dimensions is not supported.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f49c-87jh-g47q",
+ "cve": "CVE-2023-25801",
+ "id": "pyup.io-55419",
+ "more_info_path": "/vulnerabilities/CVE-2023-25801/55419",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -159013,10 +159503,76 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25669: Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for 'tf.raw_ops.AvgPoolGrad', it can give a floating point exception.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rcf8-g8jv-vg6p",
- "cve": "CVE-2023-25669",
- "id": "pyup.io-55425",
- "more_info_path": "/vulnerabilities/CVE-2023-25669/55425",
+ "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25660: Prior to versions 2.12.0 and 2.11.1, when the parameter 'summarize' of 'tf.raw_ops.Print' is zero, the new method 'SummarizeArray' will reference to a nullptr, leading to a seg fault.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj",
+ "cve": "CVE-2023-25660",
+ "id": "pyup.io-55430",
+ "more_info_path": "/vulnerabilities/CVE-2023-25660/55430",
+ "specs": [
+ "<2.11.1",
+ ">=2.12.0rc0,<2.12.0"
+ ],
+ "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
+ },
+ {
+ "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25661: In versions prior to 2.11.1 a malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack. A proof of concept can be constructed with the 'Convolution3DTranspose' function. This Convolution3DTranspose layer is a very common API in modern neural networks. The ML models containing such vulnerable components could be deployed in ML applications or as cloud services. This failure could be potentially used to trigger a denial of service attack on ML cloud services. 
An attacker must have privilege to provide input to a 'Convolution3DTranspose' call.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fxgc-95xx-grvq",
+ "cve": "CVE-2023-25661",
+ "id": "pyup.io-55418",
+ "more_info_path": "/vulnerabilities/CVE-2023-25661/55418",
+ "specs": [
+ "<2.11.1",
+ ">=2.12.0rc0,<2.12.0"
+ ],
+ "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
+ },
+ {
+ "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25663: Prior to versions 2.12.0 and 2.11.1, when 'ctx->step_containter()' is a null ptr, the Lookup function will be executed with a null pointer.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-64jg-wjww-7c5w",
+ "cve": "CVE-2023-25663",
+ "id": "pyup.io-55428",
+ "more_info_path": "/vulnerabilities/CVE-2023-25663/55428",
+ "specs": [
+ "<2.11.1",
+ ">=2.12.0rc0,<2.12.0"
+ ],
+ "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
+ },
+ {
+ "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25668: Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gw97-ff7c-9v96",
+ "cve": "CVE-2023-25668",
+ "id": "pyup.io-55426",
+ "more_info_path": "/vulnerabilities/CVE-2023-25668/55426",
+ "specs": [
+ "<2.11.1",
+ ">=2.12.0rc0,<2.12.0"
+ ],
+ "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
+ },
+ {
+ "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25673: Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. 
A fix is included in TensorFlow version 2.12.0 and version 2.11.1.",
+ "cve": "CVE-2023-25673",
+ "id": "pyup.io-55412",
+ "more_info_path": "/vulnerabilities/CVE-2023-25673/55412",
+ "specs": [
+ "<2.11.1",
+ ">=2.12.0rc0,<2.12.0"
+ ],
+ "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
+ },
+ {
+ "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25675: When running versions prior to 2.12.0 and 2.11.1 with XLA, 'tf.raw_ops.Bincount' segfaults when given a parameter 'weights' that is neither the same shape as parameter 'arr' nor a length-0 tensor.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7x4v-9gxg-9hwj",
+ "cve": "CVE-2023-25675",
+ "id": "pyup.io-55420",
+ "more_info_path": "/vulnerabilities/CVE-2023-25675/55420",
+ "specs": [
+ "<2.11.1",
+ ">=2.12.0rc0,<2.12.0"
+ ],
+ "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
+ },
+ {
+ "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25659: Prior to versions 2.12.0 and 2.11.1, if the parameter 'indices' for 'DynamicStitch' does not match the shape of the parameter 'data', it can trigger an stack OOB read.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-93vr-9q9m-pj8p",
+ "cve": "CVE-2023-25659",
+ "id": "pyup.io-55431",
+ "more_info_path": "/vulnerabilities/CVE-2023-25659/55431",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -159045,28 +159601,6 @@
 ],
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
- {
- "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25665: Prior to versions 2.12.0 and 2.11.1, when 'SparseSparseMaximum' is given invalid sparse tensors as inputs, it can give a null pointer error.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-558h-mq8x-7q9g",
- "cve": "CVE-2023-25665",
- "id": "pyup.io-55421",
- "more_info_path": "/vulnerabilities/CVE-2023-25665/55421",
- "specs": [
- "<2.11.1",
- ">=2.12.0rc0,<2.12.0"
- ],
- "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
- },
- {
- "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-27579: Constructing a tflite model with a paramater 'filter_input_channel' of less than 1 gives a FPE.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5w96-866f-6rm8",
- "cve": "CVE-2023-27579",
- "id": "pyup.io-55422",
- "more_info_path": "/vulnerabilities/CVE-2023-27579/55422",
- "specs": [
- "<2.11.1",
- ">=2.12.0rc0,<2.12.0"
- ],
- "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
- },
 {
 "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25671: There is out-of-bounds access due to mismatched integer type sizes.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j5w9-hmfh-4cr6",
 "cve": "CVE-2023-25671",
@@ -159079,32 +159613,10 @@
 "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25675: When running versions prior to 2.12.0 and 2.11.1 with XLA, 'tf.raw_ops.Bincount' segfaults when given a parameter 'weights' that is neither the same shape as parameter 'arr' nor a length-0 tensor.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7x4v-9gxg-9hwj",
- "cve": "CVE-2023-25675",
- "id": "pyup.io-55420",
- "more_info_path": "/vulnerabilities/CVE-2023-25675/55420",
- "specs": [
- "<2.11.1",
- ">=2.12.0rc0,<2.12.0"
- ],
- "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
- },
- {
- "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25670: Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rq-hwc3-x77w",
- "cve": "CVE-2023-25670",
- "id": "pyup.io-55424",
- "more_info_path": "/vulnerabilities/CVE-2023-25670/55424",
- "specs": [
- "<2.11.1",
- ">=2.12.0rc0,<2.12.0"
- ],
- "v": "<2.11.1,>=2.12.0rc0,<2.12.0"
- },
- {
- "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25668: Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gw97-ff7c-9v96",
- "cve": "CVE-2023-25668",
- "id": "pyup.io-55426",
- "more_info_path": "/vulnerabilities/CVE-2023-25668/55426",
+ "advisory": "Tensorflow-cpu 2.11.1 and 2.12.0 include a fix for CVE-2023-25674: Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf97-q72m-7579",
+ "cve": "CVE-2023-25674",
+ "id": "pyup.io-55417",
+ "more_info_path": "/vulnerabilities/CVE-2023-25674/55417",
 "specs": [
 "<2.11.1",
 ">=2.12.0rc0,<2.12.0"
@@ -159133,16 +159645,6 @@
 ],
 "v": "<2.12.1,>=2.13.0rc0,<2.13.0"
 },
- {
- "advisory": "TensorFlow-CPU updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.",
- "cve": "CVE-2023-38545",
- "id": "pyup.io-72613",
- "more_info_path": "/vulnerabilities/CVE-2023-38545/72613",
- "specs": [
- "<2.14.1"
- ],
- "v": "<2.14.1"
- },
 {
 "advisory": "TensorFlow-GPU updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38546.",
 "cve": "CVE-2023-38546",
@@ -159154,14 +159656,14 @@
 "v": "<2.14.1"
 },
 {
- "advisory": "Tensorflow-cpu 2.4.0 includes a fix for CVE-2020-15265: In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.",
- "cve": "CVE-2020-15265",
- "id": "pyup.io-55834",
- "more_info_path": "/vulnerabilities/CVE-2020-15265/55834",
+ "advisory": "TensorFlow-CPU 2.14.1 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.",
+ "cve": "CVE-2023-38545",
+ "id": "pyup.io-72613",
+ "more_info_path": "/vulnerabilities/CVE-2023-38545/72613",
 "specs": [
- "<2.4.0"
+ "<2.14.1"
 ],
- "v": "<2.4.0"
+ "v": "<2.14.1"
 },
 {
 "advisory": "Tensorflow-cpu 2.4.0 includes a fix for CVE-2020-15266: In Tensorflow before version 2.4.0, when the 'boxes' argument of 'tf.image.crop_and_resize' has a very large value, the CPU kernel implementation receives it as a C++ 'nan' floating point value. Attempting to operate on this is undefined behavior which later produces a segmentation fault.\nhttps://github.com/tensorflow/tensorflow/issues/42129\nhttps://github.com/tensorflow/tensorflow/pull/42143/commits/3ade2efec2e90c6237de32a19680caaa3ebc2845\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xwhf-g6j5-j5gc",
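Review bot: The re-added CVE-2023-38545 record now reads `"advisory": "TensorFlow-CPU 2.14.1 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545."`, but its sibling record for CVE-2023-38546, left as context in the preceding hunk, still says `TensorFlow-GPU updates its curl dependency ...` although every other advisory in this array names Tensorflow-cpu. If this array belongs to the tensorflow-cpu package (the package key is outside the hunk), that sibling text looks carried over from the GPU package's entry and should name TensorFlow-CPU 2.14.1 in the same way, since users locate these records by searching the advisory text for the package name. The enclosing array starts and ends outside the hunk.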
@@ -159183,6 +159685,16 @@
 ],
 "v": "<2.4.0"
 },
+ {
+ "advisory": "Tensorflow-cpu 2.4.0 includes a fix for CVE-2020-15265: In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.",
+ "cve": "CVE-2020-15265",
+ "id": "pyup.io-55834",
+ "more_info_path": "/vulnerabilities/CVE-2020-15265/55834",
+ "specs": [
+ "<2.4.0"
+ ],
+ "v": "<2.4.0"
+ },
 {
 "advisory": "Tensorflow-cpu 2.4.0 includes a fix for CVE-2020-15265: In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`. This results in accessing a dimension outside the rank of the input tensor in the C++ kernel implementation. However, dim_size only does a DCHECK to validate the argument and then uses it to access the corresponding element of an array. Since in normal builds, `DCHECK`-like macros are no-ops, this results in segfault and access out of bounds of the array. The issue is patched in eccb7ec454e6617738554a255d77f08e60ee0808 and TensorFlow 2.4.0 will be released containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved.",
 "cve": "CVE-2020-15265",
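Review bot: The record inserted after `"v": "<2.4.0"` (`"id": "pyup.io-55834"`, CVE-2020-15265) is immediately followed by a context record whose advisory text and `"cve"` value are identical; that record's `"id"` line falls outside the hunk, so if it is also `pyup.io-55834` the new side now carries the same vulnerability twice and consumers of this file would report the finding twice for tensorflow-cpu <2.4.0. The same record was removed at another position in the previous hunk, so this reads as a re-sort rather than a new finding, which makes a duplicate easy to miss. A generation-time check that `id` is unique within each package array (or that no two records share `cve` and `v`) would catch this before publication.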
@@ -159194,10 +159706,10 @@
 "v": "<2.4.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41205: In affected versions, the shape inference functions for the 'QuantizeAndDequantizeV*' operations can trigger a read outside of bounds of heap allocated array. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rx-x2rw-pc6f\nhttps://github.com/tensorflow/tensorflow/commit/7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d",
- "cve": "CVE-2021-41205",
- "id": "pyup.io-55624",
- "more_info_path": "/vulnerabilities/CVE-2021-41205/55624",
+ "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41200: In affected versions, if 'tf.summary.create_file_writer' is called with non-scalar arguments, code crashes due to a 'CHECK'-fail. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh8h-7j2j-qv4f",
+ "cve": "CVE-2021-41200",
+ "id": "pyup.io-55638",
+ "more_info_path": "/vulnerabilities/CVE-2021-41200/55638",
 "specs": [
 "<2.4.4",
 ">=2.5.0rc0,<2.5.2",
@@ -159206,10 +159718,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41209: In affected versions, the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hpv-v2rx-c5g6\nhttps://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235", - "cve": "CVE-2021-41209", - "id": "pyup.io-55616", - "more_info_path": "/vulnerabilities/CVE-2021-41209/55616", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41215: In affected versions, the shape inference code for 'DeserializeSparse' can trigger a null pointer dereference. This is because the shape inference function assumes that the 'serialize_sparse' tensor is a tensor with positive rank (and having '3' as the last dimension). The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-x3v8-c8qx-3j3r\nhttps://github.com/tensorflow/tensorflow/commit/d3738dd70f1c9ceb547258cbb82d853da8771850", + "cve": "CVE-2021-41215", + "id": "pyup.io-55620", + "more_info_path": "/vulnerabilities/CVE-2021-41215/55620", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159218,10 +159730,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22922.", - "cve": "CVE-2021-22922", - "id": "pyup.io-55611", - "more_info_path": "/vulnerabilities/CVE-2021-22922/55611", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41217: In affected versions, the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when nodes that should be paired are not. This occurs because the code assumes that the first node in the pairing (e.g., an 'Enter' node) always exists when encountering the second node (e.g., an 'Exit' node). When this is not the case, 'parent' is 'nullptr' so dereferencing it causes a crash. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5crj-c72x-m7gq\nhttps://github.com/tensorflow/tensorflow/commit/05cbebd3c6bb8f517a158b0155debb8df79017ff", + "cve": "CVE-2021-41217", + "id": "pyup.io-55623", + "more_info_path": "/vulnerabilities/CVE-2021-41217/55623", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159230,10 +159742,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41215: In affected versions, the shape inference code for 'DeserializeSparse' can trigger a null pointer dereference. This is because the shape inference function assumes that the 'serialize_sparse' tensor is a tensor with positive rank (and having '3' as the last dimension). The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-x3v8-c8qx-3j3r\nhttps://github.com/tensorflow/tensorflow/commit/d3738dd70f1c9ceb547258cbb82d853da8771850", - "cve": "CVE-2021-41215", - "id": "pyup.io-55620", - "more_info_path": "/vulnerabilities/CVE-2021-41215/55620", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22923.", + "cve": "CVE-2021-22923", + "id": "pyup.io-55628", + "more_info_path": "/vulnerabilities/CVE-2021-22923/55628", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159242,10 +159754,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41213: In affected versions, the code behind 'tf.function' API can be made to deadlock when two 'tf.function' decorated Python functions are mutually recursive. This occurs due to using a non-reentrant 'Lock' Python object. Loading any model which contains mutually recursive functions is vulnerable. An attacker can cause denial of service by causing users to load such models and calling a recursive 'tf.function', although this is not a frequent scenario.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h67m-xg8f-fxcf\nhttps://github.com/tensorflow/tensorflow/commit/afac8158d43691661ad083f6dd9e56f327c1dcb7", - "cve": "CVE-2021-41213", - "id": "pyup.io-55636", - "more_info_path": "/vulnerabilities/CVE-2021-41213/55636", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41207: In affected versions, the implementation of 'ParallelConcat' misses some input validation and can produce a division by 0. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7v94-64hj-m82h\nhttps://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235", + "cve": "CVE-2021-41207", + "id": "pyup.io-55630", + "more_info_path": "/vulnerabilities/CVE-2021-41207/55630", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159254,10 +159766,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41221: In affected versions, the shape inference code for the 'Cudnn*' operations can be tricked into accessing invalid memory via a heap buffer overflow. This occurs because the ranks of the 'input', 'input_h' and 'input_c' parameters are not validated, but code assumes they have certain values. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqv6-3phm-hcwx\nhttps://github.com/tensorflow/tensorflow/commit/af5fcebb37c8b5d71c237f4e59c6477015c78ce6", - "cve": "CVE-2021-41221", - "id": "pyup.io-55639", - "more_info_path": "/vulnerabilities/CVE-2021-41221/55639", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41209: In affected versions, the implementations for convolution operators trigger a division by 0 if passed empty filter tensor arguments. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hpv-v2rx-c5g6\nhttps://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235", + "cve": "CVE-2021-41209", + "id": "pyup.io-55616", + "more_info_path": "/vulnerabilities/CVE-2021-41209/55616", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159266,10 +159778,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41202: In affected versions, while calculating the size of the output within the 'tf.range' kernel, there is a conditional statement of type 'int64 = condition ? int64 : double'. Due to C++ implicit conversion rules, both branches of the condition will be cast to 'double' and the result would be truncated before the assignment. This result in overflows. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xrqm-fpgr-6hhx", - "cve": "CVE-2021-41202", - "id": "pyup.io-55631", - "more_info_path": "/vulnerabilities/CVE-2021-41202/55631", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41213: In affected versions, the code behind 'tf.function' API can be made to deadlock when two 'tf.function' decorated Python functions are mutually recursive. This occurs due to using a non-reentrant 'Lock' Python object. Loading any model which contains mutually recursive functions is vulnerable. An attacker can cause denial of service by causing users to load such models and calling a recursive 'tf.function', although this is not a frequent scenario.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h67m-xg8f-fxcf\nhttps://github.com/tensorflow/tensorflow/commit/afac8158d43691661ad083f6dd9e56f327c1dcb7", + "cve": "CVE-2021-41213", + "id": "pyup.io-55636", + "more_info_path": "/vulnerabilities/CVE-2021-41213/55636", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159278,10 +159790,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41219: In affected versions, the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to 'nullptr'. This occurs whenever the dimensions of 'a' or 'b' are 0 or less. In the case on one of these is 0, an empty output tensor should be allocated (to conserve the invariant that output tensors are always allocated when the operation is successful) but nothing should be written to it (that is, it should return early from the kernel implementation). Otherwise, attempts to write to this empty tensor would result in heap OOB access. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4f99-p9c2-3j8x\nhttps://github.com/tensorflow/tensorflow/commit/e6cf28c72ba2eb949ca950d834dd6d66bb01cfae", - "cve": "CVE-2021-41219", - "id": "pyup.io-55626", - "more_info_path": "/vulnerabilities/CVE-2021-41219/55626", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41202: In affected versions, while calculating the size of the output within the 'tf.range' kernel, there is a conditional statement of type 'int64 = condition ? int64 : double'. Due to C++ implicit conversion rules, both branches of the condition will be cast to 'double' and the result would be truncated before the assignment. This result in overflows. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xrqm-fpgr-6hhx", + "cve": "CVE-2021-41202", + "id": "pyup.io-55631", + "more_info_path": "/vulnerabilities/CVE-2021-41202/55631", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159290,10 +159802,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41200: In affected versions, if 'tf.summary.create_file_writer' is called with non-scalar arguments, code crashes due to a 'CHECK'-fail. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh8h-7j2j-qv4f", - "cve": "CVE-2021-41200", - "id": "pyup.io-55638", - "more_info_path": "/vulnerabilities/CVE-2021-41200/55638", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41204: In affected versions, during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This results in a segfault, as these tensors are supposed to not change. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-786j-5qwq-r36x\nhttps://github.com/tensorflow/tensorflow/commit/7731e8dfbe4a56773be5dc94d631611211156659", + "cve": "CVE-2021-41204", + "id": "pyup.io-55632", + "more_info_path": "/vulnerabilities/CVE-2021-41204/55632", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159302,10 +159814,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22926.", - "cve": "CVE-2021-22926", - "id": "pyup.io-55619", - "more_info_path": "/vulnerabilities/CVE-2021-22926/55619", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41225: In affected versions, TensorFlow's Grappler optimizer has a use of unitialized variable. If the 'train_nodes' vector (obtained from the saved model that gets optimized) does not contain a 'Dequeue' node, then 'dequeue_node' is left unitialized. The fix is also included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw\nhttps://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3", + "cve": "CVE-2021-41225", + "id": "pyup.io-55641", + "more_info_path": "/vulnerabilities/CVE-2021-41225/55641", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159337,18 +159849,6 @@ ], "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, - { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41227: In affected versions, the 'ImmutableConst' operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the 'tstring' TensorFlow string class has a special case for memory mapped strings but the operation itself does not offer any support for this datatype. The fix is also included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8c8-67vp-6mx7\nhttps://github.com/tensorflow/tensorflow/commit/1cb6bb6c2a6019417c9adaf9e6843ba75ee2580b\nhttps://github.com/tensorflow/tensorflow/commit/3712a2d3455e6ccb924daa5724a3652a86f6b585", - "cve": "CVE-2021-41227", - "id": "pyup.io-55612", - "more_info_path": "/vulnerabilities/CVE-2021-41227/55612", - "specs": [ - "<2.4.4", - ">=2.5.0rc0,<2.5.2", - ">=2.6.0rc0,<2.6.1" - ], - "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" - }, { "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41214: In affected versions, the shape inference code for 'tf.ragged.cross' has an undefined behavior due to binding a reference to 'nullptr'. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vwhq-49r4-gj9v\nhttps://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8", "cve": "CVE-2021-41214", 
@@ -159373,18 +159873,6 @@ ], "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, - { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22923.", - "cve": "CVE-2021-22923", - "id": "pyup.io-55628", - "more_info_path": "/vulnerabilities/CVE-2021-22923/55628", - "specs": [ - "<2.4.4", - ">=2.5.0rc0,<2.5.2", - ">=2.6.0rc0,<2.6.1" - ], - "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" - }, { "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41203: In affected versions, an attacker can trigger undefined behavior, integer overflows, segfaults and 'CHECK'-fail crashes if they can change saved checkpoints from outside of TensorFlow. This is because the checkpoints loading infrastructure is missing validation for invalid file formats.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7pxj-m4jf-r6h2", "cve": "CVE-2021-41203", @@ -159421,18 +159909,6 @@ ], "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, - { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41207: In affected versions, the implementation of 'ParallelConcat' misses some input validation and can produce a division by 0. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7v94-64hj-m82h\nhttps://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235", - "cve": "CVE-2021-41207", - "id": "pyup.io-55630", - "more_info_path": "/vulnerabilities/CVE-2021-41207/55630", - "specs": [ - "<2.4.4", - ">=2.5.0rc0,<2.5.2", - ">=2.6.0rc0,<2.6.1" - ], - "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" - }, { "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22925.", "cve": "CVE-2021-22925", 
@@ -159446,10 +159922,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41217: In affected versions, the process of building the control flow graph for a TensorFlow model is vulnerable to a null pointer exception when nodes that should be paired are not. This occurs because the code assumes that the first node in the pairing (e.g., an 'Enter' node) always exists when encountering the second node (e.g., an 'Exit' node). When this is not the case, 'parent' is 'nullptr' so dereferencing it causes a crash. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5crj-c72x-m7gq\nhttps://github.com/tensorflow/tensorflow/commit/05cbebd3c6bb8f517a158b0155debb8df79017ff", - "cve": "CVE-2021-41217", - "id": "pyup.io-55623", - "more_info_path": "/vulnerabilities/CVE-2021-41217/55623", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41205: In affected versions, the shape inference functions for the 'QuantizeAndDequantizeV*' operations can trigger a read outside of bounds of heap allocated array. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rx-x2rw-pc6f\nhttps://github.com/tensorflow/tensorflow/commit/7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d", + "cve": "CVE-2021-41205", + "id": "pyup.io-55624", + "more_info_path": "/vulnerabilities/CVE-2021-41205/55624", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159470,10 +159946,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41204: In affected versions, during TensorFlow's Grappler optimizer phase, constant folding might attempt to deep copy a resource tensor. This results in a segfault, as these tensors are supposed to not change. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-786j-5qwq-r36x\nhttps://github.com/tensorflow/tensorflow/commit/7731e8dfbe4a56773be5dc94d631611211156659", - "cve": "CVE-2021-41204", - "id": "pyup.io-55632", - "more_info_path": "/vulnerabilities/CVE-2021-41204/55632", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41195: In affected versions, the implementation of 'tf.math.segment_*' operations results in a 'CHECK'-fail related abort (and denial of service) if a segment id in 'segment_ids' is large. This is similar to CVE-2021-29584 (and similar to other reported vulnerabilities in TensorFlow localized to specific APIs): the implementation (both on CPU and GPU) computes the output shape using 'AddDim'. However, if the number of elements in the tensor overflows an 'int64_t' value, 'AddDim' results in a 'CHECK' failure which provokes a 'std::abort'. Instead, code should use 'AddDimWithStatus'. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cq76-mxrc-vchh", + "cve": "CVE-2021-41195", + "id": "pyup.io-55617", + "more_info_path": "/vulnerabilities/CVE-2021-41195/55617", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159482,10 +159958,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41225: In affected versions, TensorFlow's Grappler optimizer has a use of unitialized variable. If the 'train_nodes' vector (obtained from the saved model that gets optimized) does not contain a 'Dequeue' node, then 'dequeue_node' is left unitialized. The fix is also included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw\nhttps://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3", - "cve": "CVE-2021-41225", - "id": "pyup.io-55641", - "more_info_path": "/vulnerabilities/CVE-2021-41225/55641", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22924.", + "cve": "CVE-2021-22924", + "id": "pyup.io-55627", + "more_info_path": "/vulnerabilities/CVE-2021-22924/55627", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159494,10 +159970,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22924.", - "cve": "CVE-2021-22924", - "id": "pyup.io-55627", - "more_info_path": "/vulnerabilities/CVE-2021-22924/55627", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41216: In affected versions, the shape inference function for 'Transpose' is vulnerable to a heap buffer overflow. This occurs whenever 'perm' contains negative elements. The shape inference function does not validate that the indices in 'perm' are all valid. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-3ff2-r28g-w7h9\nhttps://github.com/tensorflow/tensorflow/commit/c79ba87153ee343401dbe9d1954d7f79e521eb14", + "cve": "CVE-2021-41216", + "id": "pyup.io-55629", + "more_info_path": "/vulnerabilities/CVE-2021-41216/55629", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159506,10 +159982,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41198: In affected versions, if 'tf.tile' is called with a large input argument, then the TensorFlow process will crash due to a 'CHECK'-failure caused by an overflow. The number of elements in the output tensor is too much for the 'int64_t' type and the overflow is detected via a 'CHECK' statement. This aborts the process. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-2p25-55c9-h58q", - "cve": "CVE-2021-41198", - "id": "pyup.io-55642", - "more_info_path": "/vulnerabilities/CVE-2021-41198/55642", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41227: In affected versions, the 'ImmutableConst' operation in TensorFlow can be tricked into reading arbitrary memory contents. This is because the 'tstring' TensorFlow string class has a special case for memory mapped strings but the operation itself does not offer any support for this datatype. The fix is also included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8c8-67vp-6mx7\nhttps://github.com/tensorflow/tensorflow/commit/1cb6bb6c2a6019417c9adaf9e6843ba75ee2580b\nhttps://github.com/tensorflow/tensorflow/commit/3712a2d3455e6ccb924daa5724a3652a86f6b585", + "cve": "CVE-2021-41227", + "id": "pyup.io-55612", + "more_info_path": "/vulnerabilities/CVE-2021-41227/55612", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159518,10 +159994,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41210: In affected versions, the shape inference functions for 'SparseCountSparseOutput' can trigger a read outside of bounds of heap allocated array. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc\r\nhttps://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2", - "cve": "CVE-2021-41210", - "id": "pyup.io-55643", - "more_info_path": "/vulnerabilities/CVE-2021-41210/55643", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22926.", + "cve": "CVE-2021-22926", + "id": "pyup.io-55619", + "more_info_path": "/vulnerabilities/CVE-2021-22926/55619", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159530,10 +160006,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41195: In affected versions, the implementation of 'tf.math.segment_*' operations results in a 'CHECK'-fail related abort (and denial of service) if a segment id in 'segment_ids' is large. This is similar to CVE-2021-29584 (and similar to other reported vulnerabilities in TensorFlow localized to specific APIs): the implementation (both on CPU and GPU) computes the output shape using 'AddDim'. However, if the number of elements in the tensor overflows an 'int64_t' value, 'AddDim' results in a 'CHECK' failure which provokes a 'std::abort'. Instead, code should use 'AddDimWithStatus'. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cq76-mxrc-vchh", - "cve": "CVE-2021-41195", - "id": "pyup.io-55617", - "more_info_path": "/vulnerabilities/CVE-2021-41195/55617", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41198: In affected versions, if 'tf.tile' is called with a large input argument, then the TensorFlow process will crash due to a 'CHECK'-failure caused by an overflow. The number of elements in the output tensor is too much for the 'int64_t' type and the overflow is detected via a 'CHECK' statement. This aborts the process. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-2p25-55c9-h58q", + "cve": "CVE-2021-41198", + "id": "pyup.io-55642", + "more_info_path": "/vulnerabilities/CVE-2021-41198/55642", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159542,10 +160018,10 @@ "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, { - "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41216: In affected versions, the shape inference function for 'Transpose' is vulnerable to a heap buffer overflow. This occurs whenever 'perm' contains negative elements. The shape inference function does not validate that the indices in 'perm' are all valid. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-3ff2-r28g-w7h9\nhttps://github.com/tensorflow/tensorflow/commit/c79ba87153ee343401dbe9d1954d7f79e521eb14", - "cve": "CVE-2021-41216", - "id": "pyup.io-55629", - "more_info_path": "/vulnerabilities/CVE-2021-41216/55629", + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41210: In affected versions, the shape inference functions for 'SparseCountSparseOutput' can trigger a read outside of bounds of heap allocated array. The fix is included in TensorFlow 2.7.0.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc\r\nhttps://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2", + "cve": "CVE-2021-41210", + "id": "pyup.io-55643", + "more_info_path": "/vulnerabilities/CVE-2021-41210/55643", "specs": [ "<2.4.4", ">=2.5.0rc0,<2.5.2", 
@@ -159601,6 +160077,42 @@ ], "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" }, + { + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 update its dependency 'curl' to v7.78.0 to handle CVE-2021-22922.", + "cve": "CVE-2021-22922", + "id": "pyup.io-55611", + "more_info_path": "/vulnerabilities/CVE-2021-22922/55611", + "specs": [ + "<2.4.4", + ">=2.5.0rc0,<2.5.2", + ">=2.6.0rc0,<2.6.1" + ], + "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" + }, + { + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41221: In affected versions, the shape inference code for the 'Cudnn*' operations can be tricked into accessing invalid memory via a heap buffer overflow. This occurs because the ranks of the 'input', 'input_h' and 'input_c' parameters are not validated, but code assumes they have certain values. The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqv6-3phm-hcwx\nhttps://github.com/tensorflow/tensorflow/commit/af5fcebb37c8b5d71c237f4e59c6477015c78ce6", + "cve": "CVE-2021-41221", + "id": "pyup.io-55639", + "more_info_path": "/vulnerabilities/CVE-2021-41221/55639", + "specs": [ + "<2.4.4", + ">=2.5.0rc0,<2.5.2", + ">=2.6.0rc0,<2.6.1" + ], + "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" + }, + { + "advisory": "Tensorflow-cpu versions 2.4.4, 2.5.2 and 2.6.1 include a fix for CVE-2021-41219: In affected versions, the code for sparse matrix multiplication is vulnerable to undefined behavior via binding a reference to 'nullptr'. This occurs whenever the dimensions of 'a' or 'b' are 0 or less. In the case on one of these is 0, an empty output tensor should be allocated (to conserve the invariant that output tensors are always allocated when the operation is successful) but nothing should be written to it (that is, it should return early from the kernel implementation). Otherwise, attempts to write to this empty tensor would result in heap OOB access. 
The fix is included in TensorFlow 2.7.0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4f99-p9c2-3j8x\nhttps://github.com/tensorflow/tensorflow/commit/e6cf28c72ba2eb949ca950d834dd6d66bb01cfae", + "cve": "CVE-2021-41219", + "id": "pyup.io-55626", + "more_info_path": "/vulnerabilities/CVE-2021-41219/55626", + "specs": [ + "<2.4.4", + ">=2.5.0rc0,<2.5.2", + ">=2.6.0rc0,<2.6.1" + ], + "v": "<2.4.4,>=2.5.0rc0,<2.5.2,>=2.6.0rc0,<2.6.1" + }, { "advisory": "Affected versions of Tensorflow-Cpu allow tensors to have a large number of dimensions and each dimension can be as large as desired. However, the total number of elements in a tensor must fit within an 'int64_t'. If an overflow occurs, 'MultiplyWithoutOverflow' would return a negative result. In the majority of TensorFlow codebase this then results in a 'CHECK'-failure. Newer constructs exist which return a 'Status' instead of crashing the binary. This is a similar issue to CVE-2021-29584.", "cve": "CVE-2021-41197", 
@@ -159639,10 +160151,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1" }, { - "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. There is a typo in TensorFlow's `SpecializeType` which results in heap OOB read/write. Due to a typo, `arg` is initialized to the `i`th mutable argument in a loop where the loop index is `j`. Hence it is possible to assign to `arg` from outside the vector of arguments. Since this is a mutable proto value, it allows both read and write to outside of bounds data. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.", - "cve": "CVE-2022-23574", - "id": "pyup.io-55575", - "more_info_path": "/vulnerabilities/CVE-2022-23574/55575", + "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21737: The implementation of '*Bincount' operations allows malicious users to cause denial of service by passing in arguments which would trigger a 'CHECK'-fail. There are several conditions that the input arguments must satisfy. Some are not caught during shape inference and others are not caught during kernel implementation. This results in 'CHECK' failures later when the output tensors get allocated.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2vv-v9cg-qhh7", + "cve": "CVE-2022-21737", + "id": "pyup.io-55574", + "more_info_path": "/vulnerabilities/CVE-2022-21737/55574", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -159652,10 +160164,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21735: The implementation of 'FractionalMaxPool' can be made to crash a TensorFlow process via a division by 0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-87v6-crgm-2gfj", - "cve": "CVE-2022-21735", - "id": "pyup.io-55591", - "more_info_path": "/vulnerabilities/CVE-2022-21735/55591", + "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. TensorFlow is vulnerable to a heap OOB write in `Grappler`. The `set_output` function writes to an array at the specified index. Hence, this gives a malicious user a write primitive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.", + "cve": "CVE-2022-23566", + "id": "pyup.io-55600", + "more_info_path": "/vulnerabilities/CVE-2022-23566/55600", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -159665,10 +160177,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23564: When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a 'CHECK' assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow processes.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8rcj-c8pj-v3m3",
- "cve": "CVE-2022-23564",
- "id": "pyup.io-55586",
- "more_info_path": "/vulnerabilities/CVE-2022-23564/55586",
+ "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23587",
+ "id": "pyup.io-55589",
+ "more_info_path": "/vulnerabilities/CVE-2022-23587/55589",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159678,10 +160190,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21741: An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to determine the size of the padding that needs to be added before applying the convolution. There is no check before this division that the divisor is strictly positive.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-428x-9xc2-m8mj",
- "cve": "CVE-2022-21741",
- "id": "pyup.io-55564",
- "more_info_path": "/vulnerabilities/CVE-2022-21741/55564",
+ "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. The implementation of `AssignOp` can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized (to minimize number of allocations), but does not check that the right hand side is also initialized. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23573",
+ "id": "pyup.io-55570",
+ "more_info_path": "/vulnerabilities/CVE-2022-23573/55570",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159691,10 +160203,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling `png::CommonInitDecode(..., &decode)`, the `decode` value contains allocated buffers which can only be freed by calling `png::CommonFreeDecode(&decode)`. However, several error case in the function implementation invoke the `OP_REQUIRES` macro which immediately terminates the execution of the function, without allowing for the memory free to occur. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23585",
- "id": "pyup.io-55567",
- "more_info_path": "/vulnerabilities/CVE-2022-23585/55567",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23567: The implementations of 'Sparse*Cwise*' ops are vulnerable to integer overflows. These can be used to trigger large allocations (so, OOM based denial of service) or 'CHECK'-fails when building new 'TensorShape' objects (so, assert failures based denial of service). There are missing some validation on the shapes of the input tensors as well as directly constructing a large 'TensorShape' with user-provided dimensions.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrx2-r989-2c43",
+ "cve": "CVE-2022-23567",
+ "id": "pyup.io-55579",
+ "more_info_path": "/vulnerabilities/CVE-2022-23567/55579",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159704,10 +160216,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21736: The implementation of 'SparseTensorSliceDataset' has an undefined behavior: under certain conditions, it can be made to dereference a 'nullptr' value. The 3 input arguments to 'SparseTensorSliceDataset' represent a sparse tensor. However, there are some preconditions that these arguments must satisfy, but these are not validated in the implementation.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pfjj-m3jj-9jc9",
- "cve": "CVE-2022-21736",
- "id": "pyup.io-55562",
- "more_info_path": "/vulnerabilities/CVE-2022-21736/55562",
+ "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After `png::CommonFreeDecode(&decode)` gets called, the values of `decode.width` and `decode.height` are in an unspecified state. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23584",
+ "id": "pyup.io-55605",
+ "more_info_path": "/vulnerabilities/CVE-2022-23584/55605",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159717,10 +160229,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21734: The implementation of 'MapStage' is vulnerable to a 'CHECK'-fail if the key tensor is not a scalar.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gcvh-66ff-4mwm",
- "cve": "CVE-2022-21734",
- "id": "pyup.io-55566",
- "more_info_path": "/vulnerabilities/CVE-2022-21734/55566",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23580: During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-627q-g293-49q7",
+ "cve": "CVE-2022-23580",
+ "id": "pyup.io-55595",
+ "more_info_path": "/vulnerabilities/CVE-2022-23580/55595",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159730,10 +160242,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23557: An attacker can craft a TFLite model that would trigger a division by zero in 'BiasAndClamp' implementation. There is no check that the 'bias_size' is non zero.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf2j-f278-xh4v",
- "cve": "CVE-2022-23557",
- "id": "pyup.io-55592",
- "more_info_path": "/vulnerabilities/CVE-2022-23557/55592",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23558: An attacker can craft a TFLite model that would cause an integer overflow in 'TfLiteIntArrayCreate'. The 'TfLiteIntArrayGetSizeInBytes' returns an 'int' instead of a 'size_t'. An attacker can control model inputs such that 'computed_size' overflows the size of 'int' datatype.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9gwq-6cwj-47h3",
+ "cve": "CVE-2022-23558",
+ "id": "pyup.io-55578",
+ "more_info_path": "/vulnerabilities/CVE-2022-23558/55578",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159743,10 +160255,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23558: An attacker can craft a TFLite model that would cause an integer overflow in 'TfLiteIntArrayCreate'. The 'TfLiteIntArrayGetSizeInBytes' returns an 'int' instead of a 'size_t'. An attacker can control model inputs such that 'computed_size' overflows the size of 'int' datatype.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9gwq-6cwj-47h3",
- "cve": "CVE-2022-23558",
- "id": "pyup.io-55578",
- "more_info_path": "/vulnerabilities/CVE-2022-23558/55578",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23562: The implementation of 'Range' suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qx3f-p745-w4hr",
+ "cve": "CVE-2022-23562",
+ "id": "pyup.io-55602",
+ "more_info_path": "/vulnerabilities/CVE-2022-23562/55602",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159756,10 +160268,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateOutputSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number of dimensions in `output_shape.dim()` or just a small number of dimensions being large enough to cause an overflow in the multiplication. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23576",
- "id": "pyup.io-55568",
- "more_info_path": "/vulnerabilities/CVE-2022-23576/55568",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21728: The implementation of shape inference for 'ReverseSequence' does not fully validate the value of 'batch_dim' and can result in a heap OOB read. There is a check to make sure the value of 'batch_dim' does not go over the rank of the input, but there is no check for negative values. Negative dimensions are allowed in some cases to mimic Python's negative indexing (i.e., indexing from the end of the array), however if the value is too negative then the implementation of 'Dim' would access elements before the start of an array.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6gmv-pjp9-p8w8",
+ "cve": "CVE-2022-21728",
+ "id": "pyup.io-55559",
+ "more_info_path": "/vulnerabilities/CVE-2022-21728/55559",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159769,10 +160281,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23565: An attacker can trigger denial of service via assertion failure by altering a 'SavedModel' on disk such that 'AttrDef's of some operation are duplicated.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4v5p-v5h9-6xjx",
- "cve": "CVE-2022-23565",
- "id": "pyup.io-55594",
- "more_info_path": "/vulnerabilities/CVE-2022-23565/55594",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21739: The implementation of 'QuantizedMaxPool' has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-3mw4-6rj6-74g5",
+ "cve": "CVE-2022-21739",
+ "id": "pyup.io-55580",
+ "more_info_path": "/vulnerabilities/CVE-2022-21739/55580",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159782,10 +160294,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23579: The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a 'SavedModel' such that 'SafeToRemoveIdentity' would trigger 'CHECK' failures.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5f2r-qp73-37mr",
- "cve": "CVE-2022-23579",
- "id": "pyup.io-55601",
- "more_info_path": "/vulnerabilities/CVE-2022-23579/55601",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23561: An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the linked list used by the memory allocator. This can be leveraged for an arbitrary write primitive under certain conditions.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c78-vcq7-7vxq",
+ "cve": "CVE-2022-23561",
+ "id": "pyup.io-55608",
+ "more_info_path": "/vulnerabilities/CVE-2022-23561/55608",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159795,10 +160307,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23559: An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both 'embedding_size' and 'lookup_size' are products of values provided by the user. Hence, a malicious user could trigger overflows in the multiplication. In certain scenarios, this can then result in heap OOB read/write.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-98p5-x8x4-c9m5",
- "cve": "CVE-2022-23559",
- "id": "pyup.io-55581",
- "more_info_path": "/vulnerabilities/CVE-2022-23559/55581",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23568: The implementation of 'AddManySparseToTensorsMap' is vulnerable to an integer overflow which results in a 'CHECK'-fail when building new 'TensorShape' objects (so, an assert failure based denial of service). There are missing some validation on the shapes of the input tensors as well as directly constructing a large 'TensorShape' with user-provided dimensions.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6445-fm66-fvq2",
+ "cve": "CVE-2022-23568",
+ "id": "pyup.io-55558",
+ "more_info_path": "/vulnerabilities/CVE-2022-23568/55558",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159808,10 +160320,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21727: The implementation of shape inference for 'Dequantize' is vulnerable to an integer overflow weakness. The 'axis' argument can be '-1' (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked, and, since the code computes 'axis + 1', an attacker can trigger an integer overflow.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-c6fh-56w7-fvjw",
- "cve": "CVE-2022-21727",
- "id": "pyup.io-55584",
- "more_info_path": "/vulnerabilities/CVE-2022-21727/55584",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21726: The implementation of 'Dequantize' does not fully validate the value of 'axis' and can result in heap OOB accesses. The 'axis' argument can be '-1' (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked and this results in reading past the end of the array containing the dimensions of the input tensor.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-23hm-7w47-xw72",
+ "cve": "CVE-2022-21726",
+ "id": "pyup.io-55607",
+ "more_info_path": "/vulnerabilities/CVE-2022-21726/55607",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159821,10 +160333,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a `DCHECK`. However, `DCHECK` is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the dereferencing of the null pointer, whereas in the second case it results in a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23570",
- "id": "pyup.io-55565",
- "more_info_path": "/vulnerabilities/CVE-2022-23570/55565",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23560: An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4hvf-hxvg-f67v",
+ "cve": "CVE-2022-23560",
+ "id": "pyup.io-55588",
+ "more_info_path": "/vulnerabilities/CVE-2022-23560/55588",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159834,10 +160346,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the 'DCHECK' function however, 'DCHECK' is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the 'ValueOrDie' line. This results in an assertion failure as 'ret' contains an error 'Status', not a value. In the second case we also get a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23572",
- "id": "pyup.io-55593",
- "more_info_path": "/vulnerabilities/CVE-2022-23572/55593",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23557: An attacker can craft a TFLite model that would trigger a division by zero in 'BiasAndClamp' implementation. There is no check that the 'bias_size' is non zero.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf2j-f278-xh4v",
+ "cve": "CVE-2022-23557",
+ "id": "pyup.io-55592",
+ "more_info_path": "/vulnerabilities/CVE-2022-23557/55592",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159847,10 +160359,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23562: The implementation of 'Range' suffers from integer overflows. These can trigger undefined behavior or, in some scenarios, extremely large allocations.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qx3f-p745-w4hr",
- "cve": "CVE-2022-23562",
- "id": "pyup.io-55602",
- "more_info_path": "/vulnerabilities/CVE-2022-23562/55602",
+ "advisory": "Tensorflow is an Open Source Machine Learning Framework. The 'GraphDef' format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a 'GraphDef' containing a fragment such as the following can be consumed when loading a 'SavedModel'. This would result in a stack overflow during execution as resolving each 'NodeDef' means resolving the function itself and its nodes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23591",
+ "id": "pyup.io-55597",
+ "more_info_path": "/vulnerabilities/CVE-2022-23591/55597",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159860,10 +160372,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21728: The implementation of shape inference for 'ReverseSequence' does not fully validate the value of 'batch_dim' and can result in a heap OOB read. There is a check to make sure the value of 'batch_dim' does not go over the rank of the input, but there is no check for negative values. Negative dimensions are allowed in some cases to mimic Python's negative indexing (i.e., indexing from the end of the array), however if the value is too negative then the implementation of 'Dim' would access elements before the start of an array.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6gmv-pjp9-p8w8",
- "cve": "CVE-2022-21728",
- "id": "pyup.io-55559",
- "more_info_path": "/vulnerabilities/CVE-2022-21728/55559",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21731: The implementation of shape inference for 'ConcatV2' can be used to trigger a denial of service attack via a segfault caused by a type confusion. The 'axis' argument is translated into 'concat_dim' in the 'ConcatShapeHelper' helper function. Then, a value for 'min_rank' is computed based on 'concat_dim'. This is then used to validate that the 'values' tensor has at least the required rank. However, 'WithRankAtLeast' receives the lower bound as a 64-bits value and then compares it against the maximum 32-bits integer value that could be represented. Due to the fact that 'min_rank' is a 32-bits value and the value of 'axis', the 'rank' argument is a negative value, so the error check is bypassed.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m4hf-j54p-p353",
+ "cve": "CVE-2022-21731",
+ "id": "pyup.io-55609",
+ "more_info_path": "/vulnerabilities/CVE-2022-21731/55609",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159873,10 +160385,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21732: The implementation of 'ThreadPoolHandle' can be used to trigger a denial of service attack by allocating too much memory. This is because the 'num_threads' argument is only checked to not be negative, but there is no upper bound on its value.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-c582-c96p-r5cq",
- "cve": "CVE-2022-21732",
- "id": "pyup.io-55598",
- "more_info_path": "/vulnerabilities/CVE-2022-21732/55598",
+ "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can trigger a null pointer dereference. There are 2 places where this can occur, for the same malicious alteration of a `SavedModel` file (fixing the first one would trigger the same dereference in the second place). First, during constant folding, the `GraphDef` might not have the required nodes for the binary operation. If a node is missing, the correposning `mul_*child` would be null, and the dereference in the subsequent line would be incorrect. We have a similar issue during `IsIdentityConsumingSwitch`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23589",
+ "id": "pyup.io-55572",
+ "more_info_path": "/vulnerabilities/CVE-2022-23589/55572",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159886,10 +160398,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow is an Open Source Machine Learning Framework. The 'GraphDef' format in TensorFlow does not allow self recursive functions. The runtime assumes that this invariant is satisfied. However, a 'GraphDef' containing a fragment such as the following can be consumed when loading a 'SavedModel'. This would result in a stack overflow during execution as resolving each 'NodeDef' means resolving the function itself and its nodes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23591",
- "id": "pyup.io-55597",
- "more_info_path": "/vulnerabilities/CVE-2022-23591/55597",
+ "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23563: In multiple places, TensorFlow uses 'tempfile.mktemp' to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in 'mktemp' and the actual creation of the file by a subsequent operation (a TOC/TOU type of weakness). In several instances, TensorFlow was supposed to actually create a temporary directory instead of a file. This logic bug is hidden away by the 'mktemp' function usage. It was replaced 'mktemp' with the safer 'mkstemp'/'mkdtemp' functions, according to the usage pattern.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wc4g-r73w-x8mm",
+ "cve": "CVE-2022-23563",
+ "id": "pyup.io-55560",
+ "more_info_path": "/vulnerabilities/CVE-2022-23563/55560",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159899,10 +160411,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. The implementation of `GetInitOp` is vulnerable to a crash caused by dereferencing a null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23577",
- "id": "pyup.io-55596",
- "more_info_path": "/vulnerabilities/CVE-2022-23577/55596",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23581: The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a 'SavedModel' such that 'IsSimplifiableReshape' would trigger 'CHECK' failures.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq86-3f29-px2c",
+ "cve": "CVE-2022-23581",
+ "id": "pyup.io-55573",
+ "more_info_path": "/vulnerabilities/CVE-2022-23581/55573",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159912,10 +160424,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. If a graph node is invalid, TensorFlow can leak memory in the implementation of `ImmutableExecutorState::Initialize`. Here, we set `item->kernel` to `nullptr` but it is a simple `OpKernel*` pointer so the memory that was previously allocated to it would leak. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23578",
- "id": "pyup.io-55571",
- "more_info_path": "/vulnerabilities/CVE-2022-23578/55571",
+ "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling `png::CommonInitDecode(..., &decode)`, the `decode` value contains allocated buffers which can only be freed by calling `png::CommonFreeDecode(&decode)`. However, several error case in the function implementation invoke the `OP_REQUIRES` macro which immediately terminates the execution of the function, without allowing for the memory free to occur. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23585",
+ "id": "pyup.io-55567",
+ "more_info_path": "/vulnerabilities/CVE-2022-23585/55567",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159925,10 +160437,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21737: The implementation of '*Bincount' operations allows malicious users to cause denial of service by passing in arguments which would trigger a 'CHECK'-fail. There are several conditions that the input arguments must satisfy. Some are not caught during shape inference and others are not caught during kernel implementation. This results in 'CHECK' failures later when the output tensors get allocated.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2vv-v9cg-qhh7",
- "cve": "CVE-2022-21737",
- "id": "pyup.io-55574",
- "more_info_path": "/vulnerabilities/CVE-2022-21737/55574",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21733: The implementation of 'StringNGrams' can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. There is missing a validation on 'pad_witdh' and that result in computing a negative value for 'ngram_width' which is later used to allocate parts of the output.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-98j8-c9q4-r38g",
+ "cve": "CVE-2022-21733",
+ "id": "pyup.io-55587",
+ "more_info_path": "/vulnerabilities/CVE-2022-21733/55587",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159938,10 +160450,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that assertions in `function.cc` would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23586",
- "id": "pyup.io-55583",
- "more_info_path": "/vulnerabilities/CVE-2022-23586/55583",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23595: When building an XLA compilation cache, if default settings are used, TensorFlow triggers a null pointer dereference. In the default scenario, all devices are allowed, so 'flr->config_proto' is 'nullptr'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fpcp-9h7m-ffpx",
+ "cve": "CVE-2022-23595",
+ "id": "pyup.io-55563",
+ "more_info_path": "/vulnerabilities/CVE-2022-23595/55563",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159951,10 +160463,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21739: The implementation of 'QuantizedMaxPool' has an undefined behavior where user controlled inputs can trigger a reference binding to null pointer.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-3mw4-6rj6-74g5",
- "cve": "CVE-2022-21739",
- "id": "pyup.io-55580",
- "more_info_path": "/vulnerabilities/CVE-2022-21739/55580",
+ "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that Grappler optimizer would attempt to build a tensor using a reference `dtype`. This would result in a crash due to a `CHECK`-fail in the `Tensor` constructor as reference types are not allowed. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23588",
+ "id": "pyup.io-55604",
+ "more_info_path": "/vulnerabilities/CVE-2022-23588/55604",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159964,10 +160476,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23561: An attacker can craft a TFLite model that would cause a write outside of bounds of an array in TFLite. In fact, the attacker can override the linked list used by the memory allocator. This can be leveraged for an arbitrary write primitive under certain conditions.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c78-vcq7-7vxq",
- "cve": "CVE-2022-23561",
- "id": "pyup.io-55608",
- "more_info_path": "/vulnerabilities/CVE-2022-23561/55608",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21725: The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure it is valid.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v3f7-j968-4h5f",
+ "cve": "CVE-2022-21725",
+ "id": "pyup.io-55590",
+ "more_info_path": "/vulnerabilities/CVE-2022-21725/55590",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159977,10 +160489,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateTensorSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve a tensor with large enough number of elements. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23575",
- "id": "pyup.io-55577",
- "more_info_path": "/vulnerabilities/CVE-2022-23575/55577",
+ "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments, if the tensors have an invalid `dtype` and 0 elements or an invalid shape. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23571",
+ "id": "pyup.io-55585",
+ "more_info_path": "/vulnerabilities/CVE-2022-23571/55585",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -159990,10 +160502,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23568: The implementation of 'AddManySparseToTensorsMap' is vulnerable to an integer overflow which results in a 'CHECK'-fail when building new 'TensorShape' objects (so, an assert failure based denial of service). There are missing some validation on the shapes of the input tensors as well as directly constructing a large 'TensorShape' with user-provided dimensions.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6445-fm66-fvq2",
- "cve": "CVE-2022-23568",
- "id": "pyup.io-55558",
- "more_info_path": "/vulnerabilities/CVE-2022-23568/55558",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23565: An attacker can trigger denial of service via assertion failure by altering a 'SavedModel' on disk such that 'AttrDef's of some operation are duplicated.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4v5p-v5h9-6xjx",
+ "cve": "CVE-2022-23565",
+ "id": "pyup.io-55594",
+ "more_info_path": "/vulnerabilities/CVE-2022-23565/55594",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160003,10 +160515,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21726: The implementation of 'Dequantize' does not fully validate the value of 'axis' and can result in heap OOB accesses. The 'axis' argument can be '-1' (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked and this results in reading past the end of the array containing the dimensions of the input tensor.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-23hm-7w47-xw72",
- "cve": "CVE-2022-21726",
- "id": "pyup.io-55607",
- "more_info_path": "/vulnerabilities/CVE-2022-21726/55607",
+ "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, TensorFlow might do a null-dereference if attributes of some mutable arguments to some operations are missing from the proto. This is guarded by a `DCHECK`. However, `DCHECK` is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the dereferencing of the null pointer, whereas in the second case it results in a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23570",
+ "id": "pyup.io-55565",
+ "more_info_path": "/vulnerabilities/CVE-2022-23570/55565",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
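Review bot: The added CVE-2022-23570 entry's advisory text says the fix was cherry-picked only onto TensorFlow 2.7.1 and 2.6.3, yet its `specs` on the new side still open with `"<2.5.3"`, which marks every 2.5.x release as vulnerable. The same text/range disagreement is visible in the added CVE-2022-23572 entry in the `@@ -160055` hunk and the added CVE-2022-23574 entry in the `@@ -160159` hunk, both of which also name only 2.7.1 and 2.6.3 as backports; in all three the range list looks inherited from the neighbouring 2.5.3/2.6.3/2.7.1/2.8.0 template rather than derived from the advisory itself. One of the two is wrong for users pinned to 2.5.x — either `"<2.5.3"` should be dropped from those three entries or the advisory text should state that 2.5.3 was patched as well — so this is worth checking against the linked upstream advisories before the snapshot ships. The remainder of each entry's `specs` array lies outside the hunk.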
@@ -160016,10 +160528,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. The implementation of `AssignOp` can result in copying uninitialized data to a new tensor. This later results in undefined behavior. The implementation has a check that the left hand side of the assignment is initialized (to minimize number of allocations), but does not check that the right hand side is also initialized. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23573",
- "id": "pyup.io-55570",
- "more_info_path": "/vulnerabilities/CVE-2022-23573/55570",
+ "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateTensorSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve a tensor with large enough number of elements. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23575",
+ "id": "pyup.io-55577",
+ "more_info_path": "/vulnerabilities/CVE-2022-23575/55577",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160029,10 +160541,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21740: The implementation of 'SparseCountSparseOutput' is vulnerable to a heap overflow.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-44qp-9wwf-734r",
- "cve": "CVE-2022-21740",
- "id": "pyup.io-55599",
- "more_info_path": "/vulnerabilities/CVE-2022-21740/55599",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21727: The implementation of shape inference for 'Dequantize' is vulnerable to an integer overflow weakness. The 'axis' argument can be '-1' (the default value for the optional argument) or any other positive value at most the number of dimensions of the input. Unfortunately, the upper bound is not checked, and, since the code computes 'axis + 1', an attacker can trigger an integer overflow.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-c6fh-56w7-fvjw",
+ "cve": "CVE-2022-21727",
+ "id": "pyup.io-55584",
+ "more_info_path": "/vulnerabilities/CVE-2022-21727/55584",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160042,10 +160554,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23567: The implementations of 'Sparse*Cwise*' ops are vulnerable to integer overflows. These can be used to trigger large allocations (so, OOM based denial of service) or 'CHECK'-fails when building new 'TensorShape' objects (so, assert failures based denial of service). There are missing some validation on the shapes of the input tensors as well as directly constructing a large 'TensorShape' with user-provided dimensions.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rrx2-r989-2c43",
- "cve": "CVE-2022-23567",
- "id": "pyup.io-55579",
- "more_info_path": "/vulnerabilities/CVE-2022-23567/55579",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21732: The implementation of 'ThreadPoolHandle' can be used to trigger a denial of service attack by allocating too much memory. This is because the 'num_threads' argument is only checked to not be negative, but there is no upper bound on its value.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-c582-c96p-r5cq",
+ "cve": "CVE-2022-21732",
+ "id": "pyup.io-55598",
+ "more_info_path": "/vulnerabilities/CVE-2022-21732/55598",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160055,10 +160567,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. TensorFlow is vulnerable to a heap OOB write in `Grappler`. The `set_output` function writes to an array at the specified index. Hence, this gives a malicious user a write primitive. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23566",
- "id": "pyup.io-55600",
- "more_info_path": "/vulnerabilities/CVE-2022-23566/55600",
+ "advisory": "Tensorflow is an Open Source Machine Learning Framework. Under certain scenarios, TensorFlow can fail to specialize a type during shape inference. This case is covered by the 'DCHECK' function however, 'DCHECK' is a no-op in production builds and an assertion failure in debug builds. In the first case execution proceeds to the 'ValueOrDie' line. This results in an assertion failure as 'ret' contains an error 'Status', not a value. In the second case we also get a crash due to the assertion failure. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23572",
+ "id": "pyup.io-55593",
+ "more_info_path": "/vulnerabilities/CVE-2022-23572/55593",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160068,10 +160580,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After `png::CommonFreeDecode(&decode)` gets called, the values of `decode.width` and `decode.height` are in an unspecified state. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23584",
- "id": "pyup.io-55605",
- "more_info_path": "/vulnerabilities/CVE-2022-23584/55605",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23579: The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a 'SavedModel' such that 'SafeToRemoveIdentity' would trigger 'CHECK' failures.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5f2r-qp73-37mr",
+ "cve": "CVE-2022-23579",
+ "id": "pyup.io-55601",
+ "more_info_path": "/vulnerabilities/CVE-2022-23579/55601",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160081,10 +160593,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23560: An attacker can craft a TFLite model that would allow limited reads and writes outside of arrays in TFLite. This exploits missing validation in the conversion from sparse tensors to dense tensors.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4hvf-hxvg-f67v",
- "cve": "CVE-2022-23560",
- "id": "pyup.io-55588",
- "more_info_path": "/vulnerabilities/CVE-2022-23560/55588",
+ "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. The implementation of `GetInitOp` is vulnerable to a crash caused by dereferencing a null pointer. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23577",
+ "id": "pyup.io-55596",
+ "more_info_path": "/vulnerabilities/CVE-2022-23577/55596",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160094,10 +160606,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23580: During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-627q-g293-49q7",
- "cve": "CVE-2022-23580",
- "id": "pyup.io-55595",
- "more_info_path": "/vulnerabilities/CVE-2022-23580/55595",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21740: The implementation of 'SparseCountSparseOutput' is vulnerable to a heap overflow.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-44qp-9wwf-734r",
+ "cve": "CVE-2022-21740",
+ "id": "pyup.io-55599",
+ "more_info_path": "/vulnerabilities/CVE-2022-21740/55599",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160120,10 +160632,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23569: Multiple operations in TensorFlow can be used to trigger a denial of service via 'CHECK'-fails (i.e., assertion failures). This is similar to CVE-2021-41197 and has a similar fix. It is possible that other similar instances exist.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qj5r-f9mv-rffh",
- "cve": "CVE-2022-23569",
- "id": "pyup.io-55576",
- "more_info_path": "/vulnerabilities/CVE-2022-23569/55576",
+ "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. The implementation of `OpLevelCostEstimator::CalculateOutputSize` is vulnerable to an integer overflow if an attacker can create an operation which would involve tensors with large enough number of elements. We can have a large enough number of dimensions in `output_shape.dim()` or just a small number of dimensions being large enough to cause an overflow in the multiplication. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23576",
+ "id": "pyup.io-55568",
+ "more_info_path": "/vulnerabilities/CVE-2022-23576/55568",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160133,10 +160645,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21729: The implementation of 'UnravelIndex' is vulnerable to a division by zero caused by an integer overflow bug.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-34f9-hjfq-rr8j",
- "cve": "CVE-2022-21729",
- "id": "pyup.io-55582",
- "more_info_path": "/vulnerabilities/CVE-2022-21729/55582",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23569: Multiple operations in TensorFlow can be used to trigger a denial of service via 'CHECK'-fails (i.e., assertion failures). This is similar to CVE-2021-41197 and has a similar fix. It is possible that other similar instances exist.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qj5r-f9mv-rffh",
+ "cve": "CVE-2022-23569",
+ "id": "pyup.io-55576",
+ "more_info_path": "/vulnerabilities/CVE-2022-23569/55576",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160146,10 +160658,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21731: The implementation of shape inference for 'ConcatV2' can be used to trigger a denial of service attack via a segfault caused by a type confusion. The 'axis' argument is translated into 'concat_dim' in the 'ConcatShapeHelper' helper function. Then, a value for 'min_rank' is computed based on 'concat_dim'. This is then used to validate that the 'values' tensor has at least the required rank. However, 'WithRankAtLeast' receives the lower bound as a 64-bits value and then compares it against the maximum 32-bits integer value that could be represented. Due to the fact that 'min_rank' is a 32-bits value and the value of 'axis', the 'rank' argument is a negative value, so the error check is bypassed.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m4hf-j54p-p353",
- "cve": "CVE-2022-21731",
- "id": "pyup.io-55609",
- "more_info_path": "/vulnerabilities/CVE-2022-21731/55609",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23582: A malicious user can cause a denial of service by altering a 'SavedModel' such that 'TensorByteSize' would trigger 'CHECK' failures. 'TensorShape' constructor throws a 'CHECK'-fail if shape is partial or has a number of elements that would overflow the size of an 'int'. The 'PartialTensorShape' constructor instead does not cause a 'CHECK'-abort if the shape is partial, which is exactly what this function needs to be able to return '-1'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4j82-5ccr-4r8v",
+ "cve": "CVE-2022-23582",
+ "id": "pyup.io-55606",
+ "more_info_path": "/vulnerabilities/CVE-2022-23582/55606",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160159,10 +160671,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23582: A malicious user can cause a denial of service by altering a 'SavedModel' such that 'TensorByteSize' would trigger 'CHECK' failures. 'TensorShape' constructor throws a 'CHECK'-fail if shape is partial or has a number of elements that would overflow the size of an 'int'. The 'PartialTensorShape' constructor instead does not cause a 'CHECK'-abort if the shape is partial, which is exactly what this function needs to be able to return '-1'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4j82-5ccr-4r8v",
- "cve": "CVE-2022-23582",
- "id": "pyup.io-55606",
- "more_info_path": "/vulnerabilities/CVE-2022-23582/55606",
+ "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. There is a typo in TensorFlow's `SpecializeType` which results in heap OOB read/write. Due to a typo, `arg` is initialized to the `i`th mutable argument in a loop where the loop index is `j`. Hence it is possible to assign to `arg` from outside the vector of arguments. Since this is a mutable proto value, it allows both read and write to outside of bounds data. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, and TensorFlow 2.6.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23574",
+ "id": "pyup.io-55575",
+ "more_info_path": "/vulnerabilities/CVE-2022-23574/55575",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160172,10 +160684,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21733: The implementation of 'StringNGrams' can be used to trigger a denial of service attack by causing an out of memory condition after an integer overflow. There is missing a validation on 'pad_witdh' and that result in computing a negative value for 'ngram_width' which is later used to allocate parts of the output.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-98j8-c9q4-r38g",
- "cve": "CVE-2022-21733",
- "id": "pyup.io-55587",
- "more_info_path": "/vulnerabilities/CVE-2022-21733/55587",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21738: The implementation of 'SparseCountSparseOutput' can be made to crash a TensorFlow process by an integer overflow whose result is then used in a memory allocation.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-x4qx-4fjv-hmw6",
+ "cve": "CVE-2022-21738",
+ "id": "pyup.io-55603",
+ "more_info_path": "/vulnerabilities/CVE-2022-21738/55603",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160185,10 +160697,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23595: When building an XLA compilation cache, if default settings are used, TensorFlow triggers a null pointer dereference. In the default scenario, all devices are allowed, so 'flr->config_proto' is 'nullptr'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fpcp-9h7m-ffpx",
- "cve": "CVE-2022-23595",
- "id": "pyup.io-55563",
- "more_info_path": "/vulnerabilities/CVE-2022-23595/55563",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23564: When decoding a resource handle tensor from protobuf, a TensorFlow process can encounter cases where a 'CHECK' assertion is invalidated based on user controlled arguments. This allows attackers to cause denial of services in TensorFlow processes.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8rcj-c8pj-v3m3",
+ "cve": "CVE-2022-23564",
+ "id": "pyup.io-55586",
+ "more_info_path": "/vulnerabilities/CVE-2022-23564/55586",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160198,10 +160710,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that Grappler optimizer would attempt to build a tensor using a reference `dtype`. This would result in a crash due to a `CHECK`-fail in the `Tensor` constructor as reference types are not allowed. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23588",
- "id": "pyup.io-55604",
- "more_info_path": "/vulnerabilities/CVE-2022-23588/55604",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23559: An attacker can craft a TFLite model that would cause an integer overflow in embedding lookup operations. Both 'embedding_size' and 'lookup_size' are products of values provided by the user. Hence, a malicious user could trigger overflows in the multiplication. In certain scenarios, this can then result in heap OOB read/write.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-98p5-x8x4-c9m5",
+ "cve": "CVE-2022-23559",
+ "id": "pyup.io-55581",
+ "more_info_path": "/vulnerabilities/CVE-2022-23559/55581",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160211,10 +160723,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21725: The estimator for the cost of some convolution operations can be made to execute a division by 0. The function fails to check that the stride argument is strictly positive. Hence, the fix is to add a check for the stride argument to ensure it is valid.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v3f7-j968-4h5f",
- "cve": "CVE-2022-21725",
- "id": "pyup.io-55590",
- "more_info_path": "/vulnerabilities/CVE-2022-21725/55590",
+ "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. If a graph node is invalid, TensorFlow can leak memory in the implementation of `ImmutableExecutorState::Initialize`. Here, we set `item->kernel` to `nullptr` but it is a simple `OpKernel*` pointer so the memory that was previously allocated to it would leak. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23578",
+ "id": "pyup.io-55571",
+ "more_info_path": "/vulnerabilities/CVE-2022-23578/55571",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160224,10 +160736,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow can trigger a null pointer dereference. There are 2 places where this can occur, for the same malicious alteration of a `SavedModel` file (fixing the first one would trigger the same dereference in the second place). First, during constant folding, the `GraphDef` might not have the required nodes for the binary operation. If a node is missing, the correposning `mul_*child` would be null, and the dereference in the subsequent line would be incorrect. We have a similar issue during `IsIdentityConsumingSwitch`. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23589",
- "id": "pyup.io-55572",
- "more_info_path": "/vulnerabilities/CVE-2022-23589/55572",
+ "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a `SavedModel` such that assertions in `function.cc` would be falsified and crash the Python interpreter. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23586",
+ "id": "pyup.io-55583",
+ "more_info_path": "/vulnerabilities/CVE-2022-23586/55583",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160237,10 +160749,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a 'SavedModel' such that any binary op would trigger 'CHECK' failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the 'dtype' no longer matches the 'dtype' expected by the op. In that case, calling the templated binary operator for the binary op would receive corrupted data, due to the type confusion involved. If 'Tin' and 'Tout' don't match the type of data in 'out' and 'input_*' tensors then 'flat<*>' would interpret it wrongly. In most cases, this would be a silent failure, but we have noticed scenarios where this results in a 'CHECK' crash, hence a denial of service. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23583",
- "id": "pyup.io-55569",
- "more_info_path": "/vulnerabilities/CVE-2022-23583/55569",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21736: The implementation of 'SparseTensorSliceDataset' has an undefined behavior: under certain conditions, it can be made to dereference a 'nullptr' value. The 3 input arguments to 'SparseTensorSliceDataset' represent a sparse tensor. However, there are some preconditions that these arguments must satisfy, but these are not validated in the implementation.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pfjj-m3jj-9jc9",
+ "cve": "CVE-2022-21736",
+ "id": "pyup.io-55562",
+ "more_info_path": "/vulnerabilities/CVE-2022-21736/55562",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160250,10 +160762,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. When decoding a tensor from protobuf, a TensorFlow process can encounter cases where a `CHECK` assertion is invalidated based on user controlled arguments, if the tensors have an invalid `dtype` and 0 elements or an invalid shape. This allows attackers to cause denial of services in TensorFlow processes. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23571",
- "id": "pyup.io-55585",
- "more_info_path": "/vulnerabilities/CVE-2022-23571/55585",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21734: The implementation of 'MapStage' is vulnerable to a 'CHECK'-fail if the key tensor is not a scalar.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gcvh-66ff-4mwm",
+ "cve": "CVE-2022-21734",
+ "id": "pyup.io-55566",
+ "more_info_path": "/vulnerabilities/CVE-2022-21734/55566",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160263,10 +160775,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23563: In multiple places, TensorFlow uses 'tempfile.mktemp' to create temporary files. While this is acceptable in testing, in utilities and libraries it is dangerous as a different process can create the file between the check for the filename in 'mktemp' and the actual creation of the file by a subsequent operation (a TOC/TOU type of weakness). In several instances, TensorFlow was supposed to actually create a temporary directory instead of a file. This logic bug is hidden away by the 'mktemp' function usage. It was replaced 'mktemp' with the safer 'mkstemp'/'mkdtemp' functions, according to the usage pattern.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wc4g-r73w-x8mm",
- "cve": "CVE-2022-23563",
- "id": "pyup.io-55560",
- "more_info_path": "/vulnerabilities/CVE-2022-23563/55560",
+ "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21729: The implementation of 'UnravelIndex' is vulnerable to a division by zero caused by an integer overflow bug.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-34f9-hjfq-rr8j",
+ "cve": "CVE-2022-21729",
+ "id": "pyup.io-55582",
+ "more_info_path": "/vulnerabilities/CVE-2022-21729/55582",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160276,10 +160788,10 @@
 "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0"
 },
 {
- "advisory": "Tensorflow-cpu is an Open Source Machine Learning Framework. Under certain scenarios, Grappler component of TensorFlow is vulnerable to an integer overflow during cost estimation for crop and resize. Since the cropping parameters are user controlled, a malicious person can trigger undefined behavior. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
- "cve": "CVE-2022-23587",
- "id": "pyup.io-55589",
- "more_info_path": "/vulnerabilities/CVE-2022-23587/55589",
+ "advisory": "Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a denial of service by altering a 'SavedModel' such that any binary op would trigger 'CHECK' failures. This occurs when the protobuf part corresponding to the tensor arguments is modified such that the 'dtype' no longer matches the 'dtype' expected by the op. In that case, calling the templated binary operator for the binary op would receive corrupted data, due to the type confusion involved. If 'Tin' and 'Tout' don't match the type of data in 'out' and 'input_*' tensors then 'flat<*>' would interpret it wrongly. In most cases, this would be a silent failure, but we have noticed scenarios where this results in a 'CHECK' crash, hence a denial of service. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.",
+ "cve": "CVE-2022-23583",
+ "id": "pyup.io-55569",
+ "more_info_path": "/vulnerabilities/CVE-2022-23583/55569",
 "specs": [
 "<2.5.3",
 ">=2.6.0a0,<2.6.3",
@@ -160289,10 +160801,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-23581: The Grappler optimizer in TensorFlow can be used to cause a denial of service by altering a 'SavedModel' such that 'IsSimplifiableReshape' would trigger 'CHECK' failures.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fq86-3f29-px2c", - "cve": "CVE-2022-23581", - "id": "pyup.io-55573", - "more_info_path": "/vulnerabilities/CVE-2022-23581/55573", + "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21735: The implementation of 'FractionalMaxPool' can be made to crash a TensorFlow process via a division by 0.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-87v6-crgm-2gfj", + "cve": "CVE-2022-21735", + "id": "pyup.io-55591", + "more_info_path": "/vulnerabilities/CVE-2022-21735/55591", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", 
@@ -160302,10 +160814,10 @@ "v": "<2.5.3,>=2.6.0a0,<2.6.3,>=2.7.0a0,<2.7.1,>=2.8.0a0,<2.8.0" }, { - "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21738: The implementation of 'SparseCountSparseOutput' can be made to crash a TensorFlow process by an integer overflow whose result is then used in a memory allocation.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-x4qx-4fjv-hmw6", - "cve": "CVE-2022-21738", - "id": "pyup.io-55603", - "more_info_path": "/vulnerabilities/CVE-2022-21738/55603", + "advisory": "Tensorflow-cpu versions 2.5.3, 2.6.3, 2.7.1 and 2.8.0 include a fix for CVE-2022-21741: An attacker can craft a TFLite model that would trigger a division by zero in the implementation of depthwise convolutions. The parameters of the convolution can be user controlled and are also used within a division operation to determine the size of the padding that needs to be added before applying the convolution. There is no check before this division that the divisor is strictly positive.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-428x-9xc2-m8mj", + "cve": "CVE-2022-21741", + "id": "pyup.io-55564", + "more_info_path": "/vulnerabilities/CVE-2022-21741/55564", "specs": [ "<2.5.3", ">=2.6.0a0,<2.6.3", @@ -160352,10 +160864,10 @@ "v": "<2.5.3,>=2.6.0rc0,<2.6.3,>=2.7.0rc0,<2.7.1,>=2.8.0rc0,<2.8.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27780.", - "cve": "CVE-2022-27780", - "id": "pyup.io-55542", - "more_info_path": "/vulnerabilities/CVE-2022-27780/55542", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29191: Missing validation which causes denial of service via 'GetSessionTensor'.", + "cve": "CVE-2022-29191", + "id": "pyup.io-55549", + "more_info_path": "/vulnerabilities/CVE-2022-29191/55549", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160365,10 +160877,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29192: missing validation which crashes 'QuantizeAndDequantizeV4Grad'.", - "cve": "CVE-2022-29192", - "id": "pyup.io-55541", - "more_info_path": "/vulnerabilities/CVE-2022-29192/55541", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-22576.", + "cve": "CVE-2022-22576", + "id": "pyup.io-55546", + "more_info_path": "/vulnerabilities/CVE-2022-22576/55546", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160378,10 +160890,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29191: Missing validation which causes denial of service via 'GetSessionTensor'.", - "cve": "CVE-2022-29191", - "id": "pyup.io-55549", - "more_info_path": "/vulnerabilities/CVE-2022-29191/55549", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27774.", + "cve": "CVE-2022-27774", + "id": "pyup.io-55529", + "more_info_path": "/vulnerabilities/CVE-2022-27774/55529", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160391,10 +160903,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27775.", - "cve": "CVE-2022-27775", - "id": "pyup.io-55516", - "more_info_path": "/vulnerabilities/CVE-2022-27775/55516", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29204: Missing validation which causes denial of service via 'Conv3DBackpropFilterV2'.", + "cve": "CVE-2022-29204", + "id": "pyup.io-55539", + "more_info_path": "/vulnerabilities/CVE-2022-29204/55539", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160404,10 +160916,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29208: Segfault and OOB write due to incomplete validation in 'EditDistance'.", - "cve": "CVE-2022-29208", - "id": "pyup.io-55525", - "more_info_path": "/vulnerabilities/CVE-2022-29208/55525", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29197: Missing validation which causes denial of service via 'UnsortedSegmentJoin'.", + "cve": "CVE-2022-29197", + "id": "pyup.io-55524", + "more_info_path": "/vulnerabilities/CVE-2022-29197/55524", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160417,10 +160929,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29216: Code injection in 'saved_model_cli'.", - "cve": "CVE-2022-29216", - "id": "pyup.io-55517", - "more_info_path": "/vulnerabilities/CVE-2022-29216/55517", + "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29200: Missing validation which causes denial of service via 'LSTMBlockCell'.", + "cve": "CVE-2022-29200", + "id": "pyup.io-55520", + "more_info_path": "/vulnerabilities/CVE-2022-29200/55520", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160430,10 +160942,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29193: missing validation which causes 'TensorSummaryV2' to crash.", - "cve": "CVE-2022-29193", - "id": "pyup.io-55518", - "more_info_path": "/vulnerabilities/CVE-2022-29193/55518", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27780.", + "cve": "CVE-2022-27780", + "id": "pyup.io-55542", + "more_info_path": "/vulnerabilities/CVE-2022-27780/55542", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160443,10 +160955,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29194: Missing validation which causes denial of service via 'DeleteSessionTensor'.", - "cve": "CVE-2022-29194", - "id": "pyup.io-55527", - "more_info_path": "/vulnerabilities/CVE-2022-29194/55527", + "advisory": "Affected versions of Tensorflow-Cpu are vulnerable to Denial of Service in the implementation of depthwise ops via CHECK-failure (assertion failure) caused by overflowing the number of elements in a tensor. This is another instance of TFSA-2021-198 (CVE-2021-41197).", + "cve": "PVE-2024-71511", + "id": "pyup.io-71516", + "more_info_path": "/vulnerabilities/PVE-2024-71511/71516", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160456,10 +160968,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Affected versions of Tensorflow-Cpu are vulnerable to Denial of Service in the implementation of depthwise ops via CHECK-failure (assertion failure) caused by overflowing the number of elements in a tensor. This is another instance of TFSA-2021-198 (CVE-2021-41197).", - "cve": "PVE-2024-71511", - "id": "pyup.io-71516", - "more_info_path": "/vulnerabilities/PVE-2024-71511/71516", + "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29202: Denial of service in 'tf.ragged.constant' due to lack of validation.", + "cve": "CVE-2022-29202", + "id": "pyup.io-55536", + "more_info_path": "/vulnerabilities/CVE-2022-29202/55536", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160469,10 +160981,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29202: Denial of service in 'tf.ragged.constant' due to lack of validation.", - "cve": "CVE-2022-29202", - "id": "pyup.io-55536", - "more_info_path": "/vulnerabilities/CVE-2022-29202/55536", + "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29201: Missing validation which results in undefined behavior in 'QuantizedConv2D'.", + "cve": "CVE-2022-29201", + "id": "pyup.io-55537", + "more_info_path": "/vulnerabilities/CVE-2022-29201/55537", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160482,10 +160994,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27782.", - "cve": "CVE-2022-27782", - "id": "pyup.io-55548", - "more_info_path": "/vulnerabilities/CVE-2022-27782/55548", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29198: Missing validation which causes denial of service via 'SparseTensorToCSRSparseMatrix'.", + "cve": "CVE-2022-29198", + "id": "pyup.io-55521", + "more_info_path": "/vulnerabilities/CVE-2022-29198/55521", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160495,10 +161007,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29206: Missing validation which results in undefined behavior in 'SparseTensorDenseAdd'.", - "cve": "CVE-2022-29206", - "id": "pyup.io-55538", - "more_info_path": "/vulnerabilities/CVE-2022-29206/55538", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29194: Missing validation which causes denial of service via 'DeleteSessionTensor'.", + "cve": "CVE-2022-29194", + "id": "pyup.io-55527", + "more_info_path": "/vulnerabilities/CVE-2022-29194/55527", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160508,10 +161020,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29201: Missing validation which results in undefined behavior in 'QuantizedConv2D'.", - "cve": "CVE-2022-29201", - "id": "pyup.io-55537", - "more_info_path": "/vulnerabilities/CVE-2022-29201/55537", + "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29213: Crashes stemming from incomplete validation in signal ops.", + "cve": "CVE-2022-29213", + "id": "pyup.io-55545", + "more_info_path": "/vulnerabilities/CVE-2022-29213/55545", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160521,10 +161033,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29199: Missing validation which causes denial of service via 'LoadAndRemapMatrix'.", - "cve": "CVE-2022-29199", - "id": "pyup.io-55544", - "more_info_path": "/vulnerabilities/CVE-2022-29199/55544", + "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29196: Missing validation which causes denial of service via 'Conv3DBackpropFilterV2'.", + "cve": "CVE-2022-29196", + "id": "pyup.io-55522", + "more_info_path": "/vulnerabilities/CVE-2022-29196/55522", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160534,10 +161046,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29195: Missing validation which causes denial of service via 'StagePeek'.", - "cve": "CVE-2022-29195", - "id": "pyup.io-55526", - "more_info_path": "/vulnerabilities/CVE-2022-29195/55526", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29193: missing validation which causes 'TensorSummaryV2' to crash.", + "cve": "CVE-2022-29193", + "id": "pyup.io-55518", + "more_info_path": "/vulnerabilities/CVE-2022-29193/55518", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160547,10 +161059,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29213: Crashes stemming from incomplete validation in signal ops.", - "cve": "CVE-2022-29213", - "id": "pyup.io-55545", - "more_info_path": "/vulnerabilities/CVE-2022-29213/55545", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29207: Issues arising from undefined behavior stemming from users supplying invalid resource handles.", + "cve": "CVE-2022-29207", + "id": "pyup.io-55523", + "more_info_path": "/vulnerabilities/CVE-2022-29207/55523", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160560,10 +161072,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29205: Segfault due to missing support for quantized types.", - "cve": "CVE-2022-29205", - "id": "pyup.io-55543", - "more_info_path": "/vulnerabilities/CVE-2022-29205/55543", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29209: Type confusion leading to 'CHECK'-failure based denial of service.", + "cve": "CVE-2022-29209", + "id": "pyup.io-55547", + "more_info_path": "/vulnerabilities/CVE-2022-29209/55547", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160573,10 +161085,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'zlib' to v1.2.12 to handle CVE-2018-25032.", - "cve": "CVE-2018-25032", - "id": "pyup.io-55534", - "more_info_path": "/vulnerabilities/CVE-2018-25032/55534", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29211: Segfault when 'tf.histogram_fixed_width' is called with NaN values.", + "cve": "CVE-2022-29211", + "id": "pyup.io-55540", + "more_info_path": "/vulnerabilities/CVE-2022-29211/55540", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160586,10 +161098,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29203: Integer overflow in 'SpaceToBatchND'.", - "cve": "CVE-2022-29203", - "id": "pyup.io-55535", - "more_info_path": "/vulnerabilities/CVE-2022-29203/55535", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27782.", + "cve": "CVE-2022-27782", + "id": "pyup.io-55548", + "more_info_path": "/vulnerabilities/CVE-2022-27782/55548", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160599,10 +161111,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29212: Core dump when loading TFLite models with quantization.", - "cve": "CVE-2022-29212", - "id": "pyup.io-55550", - "more_info_path": "/vulnerabilities/CVE-2022-29212/55550", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29206: Missing validation which results in undefined behavior in 'SparseTensorDenseAdd'.", + "cve": "CVE-2022-29206", + "id": "pyup.io-55538", + "more_info_path": "/vulnerabilities/CVE-2022-29206/55538", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160612,10 +161124,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29198: Missing validation which causes denial of service via 'SparseTensorToCSRSparseMatrix'.", - "cve": "CVE-2022-29198", - "id": "pyup.io-55521", - "more_info_path": "/vulnerabilities/CVE-2022-29198/55521", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29199: Missing validation which causes denial of service via 'LoadAndRemapMatrix'.", + "cve": "CVE-2022-29199", + "id": "pyup.io-55544", + "more_info_path": "/vulnerabilities/CVE-2022-29199/55544", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160625,10 +161137,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27781.", - "cve": "CVE-2022-27781", - "id": "pyup.io-55532", - "more_info_path": "/vulnerabilities/CVE-2022-27781/55532", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29205: Segfault due to missing support for quantized types.", + "cve": "CVE-2022-29205", + "id": "pyup.io-55543", + "more_info_path": "/vulnerabilities/CVE-2022-29205/55543", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160638,10 +161150,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29204: Missing validation which causes denial of service via 'Conv3DBackpropFilterV2'.", - "cve": "CVE-2022-29204", - "id": "pyup.io-55539", - "more_info_path": "/vulnerabilities/CVE-2022-29204/55539", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'zlib' to v1.2.12 to handle CVE-2018-25032.", + "cve": "CVE-2018-25032", + "id": "pyup.io-55534", + "more_info_path": "/vulnerabilities/CVE-2018-25032/55534", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160651,10 +161163,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27776.", - "cve": "CVE-2022-27776", - "id": "pyup.io-55519", - "more_info_path": "/vulnerabilities/CVE-2022-27776/55519", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29212: Core dump when loading TFLite models with quantization.", + "cve": "CVE-2022-29212", + "id": "pyup.io-55550", + "more_info_path": "/vulnerabilities/CVE-2022-29212/55550", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160664,10 +161176,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-22576.", - "cve": "CVE-2022-22576", - "id": "pyup.io-55546", - "more_info_path": "/vulnerabilities/CVE-2022-22576/55546", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27781.", + "cve": "CVE-2022-27781", + "id": "pyup.io-55532", + "more_info_path": "/vulnerabilities/CVE-2022-27781/55532", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160677,10 +161189,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29197: Missing validation which causes denial of service via 'UnsortedSegmentJoin'.", - "cve": "CVE-2022-29197", - "id": "pyup.io-55524", - "more_info_path": "/vulnerabilities/CVE-2022-29197/55524", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27776.", + "cve": "CVE-2022-27776", + "id": "pyup.io-55519", + "more_info_path": "/vulnerabilities/CVE-2022-27776/55519", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160690,10 +161202,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29200: Missing validation which causes denial of service via 'LSTMBlockCell'.", - "cve": "CVE-2022-29200", - "id": "pyup.io-55520", - "more_info_path": "/vulnerabilities/CVE-2022-29200/55520", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27775.", + "cve": "CVE-2022-27775", + "id": "pyup.io-55516", + "more_info_path": "/vulnerabilities/CVE-2022-27775/55516", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160703,10 +161215,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27774.", - "cve": "CVE-2022-27774", - "id": "pyup.io-55529", - "more_info_path": "/vulnerabilities/CVE-2022-27774/55529", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29208: Segfault and OOB write due to incomplete validation in 'EditDistance'.", + "cve": "CVE-2022-29208", + "id": "pyup.io-55525", + "more_info_path": "/vulnerabilities/CVE-2022-29208/55525", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160716,10 +161228,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-30115.", - "cve": "CVE-2022-30115", - "id": "pyup.io-55533", - "more_info_path": "/vulnerabilities/CVE-2022-30115/55533", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29203: Integer overflow in 'SpaceToBatchND'.", + "cve": "CVE-2022-29203", + "id": "pyup.io-55535", + "more_info_path": "/vulnerabilities/CVE-2022-29203/55535", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160729,10 +161241,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27778.", - "cve": "CVE-2022-27778", - "id": "pyup.io-55530", - "more_info_path": "/vulnerabilities/CVE-2022-27778/55530", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29192: missing validation which crashes 'QuantizeAndDequantizeV4Grad'.", + "cve": "CVE-2022-29192", + "id": "pyup.io-55541", + "more_info_path": "/vulnerabilities/CVE-2022-29192/55541", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160742,10 +161254,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27779.", - "cve": "CVE-2022-27779", - "id": "pyup.io-55531", - "more_info_path": "/vulnerabilities/CVE-2022-27779/55531", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29195: Missing validation which causes denial of service via 'StagePeek'.", + "cve": "CVE-2022-29195", + "id": "pyup.io-55526", + "more_info_path": "/vulnerabilities/CVE-2022-29195/55526", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160755,10 +161267,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29196: Missing validation which causes denial of service via 'Conv3DBackpropFilterV2'.", - "cve": "CVE-2022-29196", - "id": "pyup.io-55522", - "more_info_path": "/vulnerabilities/CVE-2022-29196/55522", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-30115.", + "cve": "CVE-2022-30115", + "id": "pyup.io-55533", + "more_info_path": "/vulnerabilities/CVE-2022-30115/55533", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160768,10 +161280,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29207: Issues arising from undefined behavior stemming from users supplying invalid resource handles.", - "cve": "CVE-2022-29207", - "id": "pyup.io-55523", - "more_info_path": "/vulnerabilities/CVE-2022-29207/55523", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27778.", + "cve": "CVE-2022-27778", + "id": "pyup.io-55530", + "more_info_path": "/vulnerabilities/CVE-2022-27778/55530", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160781,10 +161293,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29209: Type confusion leading to 'CHECK'-failure based denial of service.", - "cve": "CVE-2022-29209", - "id": "pyup.io-55547", - "more_info_path": "/vulnerabilities/CVE-2022-29209/55547", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 update 'curl' to v7.83.1 to handle CVE-2022-27779.", + "cve": "CVE-2022-27779", + "id": "pyup.io-55531", + "more_info_path": "/vulnerabilities/CVE-2022-27779/55531", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", 
@@ -160794,10 +161306,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29211: Segfault when 'tf.histogram_fixed_width' is called with NaN values.", - "cve": "CVE-2022-29211", - "id": "pyup.io-55540", - "more_info_path": "/vulnerabilities/CVE-2022-29211/55540", + "advisory": "Tensorflow-cpu versions 2.6.4, 2.7.2, 2.8.1 and 2.9.0 include a fix for CVE-2022-29216: Code injection in 'saved_model_cli'.", + "cve": "CVE-2022-29216", + "id": "pyup.io-55517", + "more_info_path": "/vulnerabilities/CVE-2022-29216/55517", "specs": [ "<2.6.4", ">=2.7.0rc0,<2.7.2", @@ -160807,10 +161319,10 @@ "v": "<2.6.4,>=2.7.0rc0,<2.7.2,>=2.8.0rc0,<2.8.1,>=2.9.0rc0,<2.9.0" }, { - "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36014: Null-dereference in 'mlir::tfg::TFOp::nameAttr'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7j3m-8g3c-9qqq", - "cve": "CVE-2022-36014", - "id": "pyup.io-55495", - "more_info_path": "/vulnerabilities/CVE-2022-36014/55495", + "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35996: Floating point exception in 'Conv2D'. \nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-q5jv-m6qw-5g37", + "cve": "CVE-2022-35996", + "id": "pyup.io-55474", + "more_info_path": "/vulnerabilities/CVE-2022-35996/55474", "specs": [ "<2.7.4", ">=2.8.0rc0,<2.8.3", 
@@ -160819,10 +161331,10 @@ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2" }, { - "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35982: Segfault in 'SparseBincount'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-397c-5g2j-qxpv", - "cve": "CVE-2022-35982", - "id": "pyup.io-55492", - "more_info_path": "/vulnerabilities/CVE-2022-35982/55492", + "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35967: Segfault in 'QuantizedAdd'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v6h3-348g-6h5x", + "cve": "CVE-2022-35967", + "id": "pyup.io-55501", + "more_info_path": "/vulnerabilities/CVE-2022-35967/55501", "specs": [ "<2.7.4", ">=2.8.0rc0,<2.8.3", @@ -160831,10 +161343,10 @@ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2" }, { - "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35998: 'CHECK' fail in 'EmptyTensorList'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhw4-wwr7-gjc5", - "cve": "CVE-2022-35998", - "id": "pyup.io-55479", - "more_info_path": "/vulnerabilities/CVE-2022-35998/55479", + "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36016: 'CHECK'-fail in 'tensorflow::full_type::SubstituteFromAttrs'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g468-qj8g-vcjc", + "cve": "CVE-2022-36016", + "id": "pyup.io-55497", + "more_info_path": "/vulnerabilities/CVE-2022-36016/55497", "specs": [ "<2.7.4", ">=2.8.0rc0,<2.8.3", 
@@ -160843,10 +161355,10 @@ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2" }, { - "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35999: 'CHECK' fail in 'Conv2DBackpropInput'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-37jf-mjv6-xfqw", - "cve": "CVE-2022-35999", - "id": "pyup.io-55508", - "more_info_path": "/vulnerabilities/CVE-2022-35999/55508", + "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35939: OOB write in 'scatter_nd' op in TF Lite.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-ffjm-4qwc-7cmf", + "cve": "CVE-2022-35939", + "id": "pyup.io-55460", + "more_info_path": "/vulnerabilities/CVE-2022-35939/55460", "specs": [ "<2.7.4", ">=2.8.0rc0,<2.8.3", @@ -160855,10 +161367,10 @@ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2" }, { - "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35979: Segfault in 'QuantizedRelu' and 'QuantizedRelu6'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v7vw-577f-vp8x", - "cve": "CVE-2022-35979", - "id": "pyup.io-55463", - "more_info_path": "/vulnerabilities/CVE-2022-35979/55463", + "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35997: 'CHECK' fail in 'tf.sparse.cross'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-p7hr-f446-x6qf", + "cve": "CVE-2022-35997", + "id": "pyup.io-55478", + "more_info_path": "/vulnerabilities/CVE-2022-35997/55478", "specs": [ "<2.7.4", ">=2.8.0rc0,<2.8.3", 
@@ -160867,10 +161379,10 @@ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2" }, { - "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36018: 'CHECK' fail in 'RaggedTensorToVariant'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m6cv-4fmf-66xf", - "cve": "CVE-2022-36018", - "id": "pyup.io-55512", - "more_info_path": "/vulnerabilities/CVE-2022-36018/55512", + "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36011: Null dereference on MLIR on empty function attributes.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fv43-93gv-vm8f", + "cve": "CVE-2022-36011", + "id": "pyup.io-55490", + "more_info_path": "/vulnerabilities/CVE-2022-36011/55490", "specs": [ "<2.7.4", ">=2.8.0rc0,<2.8.3", @@ -160879,10 +161391,10 @@ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2" }, { - "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35996: Floating point exception in 'Conv2D'. \nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-q5jv-m6qw-5g37", - "cve": "CVE-2022-35996", - "id": "pyup.io-55474", - "more_info_path": "/vulnerabilities/CVE-2022-35996/55474", + "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35983: 'CHECK' fail in 'Save' and 'SaveSlices'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m6vp-8q9j-whx4", + "cve": "CVE-2022-35983", + "id": "pyup.io-55472", + "more_info_path": "/vulnerabilities/CVE-2022-35983/55472", "specs": [ "<2.7.4", ">=2.8.0rc0,<2.8.3", 
@@ -160891,10 +161403,10 @@ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2" }, { - "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36016: 'CHECK'-fail in 'tensorflow::full_type::SubstituteFromAttrs'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g468-qj8g-vcjc", - "cve": "CVE-2022-36016", - "id": "pyup.io-55497", - "more_info_path": "/vulnerabilities/CVE-2022-36016/55497", + "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35981: 'CHECK' fail in 'FractionalMaxPoolGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vxv8-r8q2-63xw", + "cve": "CVE-2022-35981", + "id": "pyup.io-55481", + "more_info_path": "/vulnerabilities/CVE-2022-35981/55481", "specs": [ "<2.7.4", ">=2.8.0rc0,<2.8.3", @@ -160903,10 +161415,10 @@ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2" }, { - "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35992: 'CHECK' fail in 'TensorListFromTensor'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9v8w-xmr4-wgxp", - "cve": "CVE-2022-35992", - "id": "pyup.io-55483", - "more_info_path": "/vulnerabilities/CVE-2022-35992/55483", + "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36003: 'CHECK' fail in 'RandomPoissonV2'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cv2p-32v3-vhwq", + "cve": "CVE-2022-36003", + "id": "pyup.io-55466", + "more_info_path": "/vulnerabilities/CVE-2022-36003/55466", "specs": [ "<2.7.4", ">=2.8.0rc0,<2.8.3", 
@@ -160915,10 +161427,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35974: Segfault in 'QuantizeDownAndShrinkRange'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vgvh-2pf4-jr2x",
- "cve": "CVE-2022-35974",
- "id": "pyup.io-55485",
- "more_info_path": "/vulnerabilities/CVE-2022-35974/55485",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36012: Assertion fail on MLIR empty edge names.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jvhc-5hhr-w3v5",
+ "cve": "CVE-2022-36012",
+ "id": "pyup.io-55471",
+ "more_info_path": "/vulnerabilities/CVE-2022-36012/55471",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -160927,10 +161439,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35984: 'CHECK' fail in 'ParameterizedTruncatedNormal'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-p2xf-8hgm-hpw5",
- "cve": "CVE-2022-35984",
- "id": "pyup.io-55473",
- "more_info_path": "/vulnerabilities/CVE-2022-35984/55473",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36015: Integer overflow in math ops. \nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rh87-q4vg-m45j",
+ "cve": "CVE-2022-36015",
+ "id": "pyup.io-55465",
+ "more_info_path": "/vulnerabilities/CVE-2022-36015/55465",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -160939,10 +161451,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35987: 'CHECK' fail in 'DenseBincount'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-w62h-8xjm-fv49",
- "cve": "CVE-2022-35987",
- "id": "pyup.io-55487",
- "more_info_path": "/vulnerabilities/CVE-2022-35987/55487",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36017: Segfault in 'Requantize'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wqmc-pm8c-2jhc",
+ "cve": "CVE-2022-36017",
+ "id": "pyup.io-55464",
+ "more_info_path": "/vulnerabilities/CVE-2022-36017/55464",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -160951,10 +161463,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35995: 'CHECK' fail in 'AudioSummaryV2'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9h5-vr8m-x2h4",
- "cve": "CVE-2022-35995",
- "id": "pyup.io-55509",
- "more_info_path": "/vulnerabilities/CVE-2022-35995/55509",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35969: 'CHECK' fail in 'Conv2DBackpropInput'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-q2c3-jpmc-gfjx",
+ "cve": "CVE-2022-35969",
+ "id": "pyup.io-55468",
+ "more_info_path": "/vulnerabilities/CVE-2022-35969/55468",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -160963,10 +161475,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36005: 'CHECK' fail in 'FakeQuantWithMinMaxVarsGradient'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-r26c-679w-mrjm",
- "cve": "CVE-2022-36005",
- "id": "pyup.io-55514",
- "more_info_path": "/vulnerabilities/CVE-2022-36005/55514",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36001: 'CHECK' fail in 'DrawBoundingBoxes'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jqm7-m5q7-3hm5",
+ "cve": "CVE-2022-36001",
+ "id": "pyup.io-55506",
+ "more_info_path": "/vulnerabilities/CVE-2022-36001/55506",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -160975,10 +161487,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36019: 'CHECK' fail in 'FakeQuantWithMinMaxVarsPerChannel'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9j4v-pp28-mxv7",
- "cve": "CVE-2022-36019",
- "id": "pyup.io-55500",
- "more_info_path": "/vulnerabilities/CVE-2022-36019/55500",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35940: Int overflow in 'RaggedRangeOp'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-x989-q2pq-4q5x",
+ "cve": "CVE-2022-35940",
+ "id": "pyup.io-55505",
+ "more_info_path": "/vulnerabilities/CVE-2022-35940/55505",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -160987,10 +161499,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35939: OOB write in 'scatter_nd' op in TF Lite.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-ffjm-4qwc-7cmf",
- "cve": "CVE-2022-35939",
- "id": "pyup.io-55460",
- "more_info_path": "/vulnerabilities/CVE-2022-35939/55460",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35937: OOB read in 'Gather_nd' op in TF Lite.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pxrw-j2fv-hx3h",
+ "cve": "CVE-2022-35937",
+ "id": "pyup.io-55459",
+ "more_info_path": "/vulnerabilities/CVE-2022-35937/55459",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -160999,10 +161511,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35973: Segfault in 'QuantizedMatMul'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-689c-r7h2-fv9v",
- "cve": "CVE-2022-35973",
- "id": "pyup.io-55486",
- "more_info_path": "/vulnerabilities/CVE-2022-35973/55486",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35988: 'CHECK' fail in 'tf.linalg.matrix_rank'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9vqj-64pv-w55c",
+ "cve": "CVE-2022-35988",
+ "id": "pyup.io-55498",
+ "more_info_path": "/vulnerabilities/CVE-2022-35988/55498",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161011,10 +161523,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35971: 'CHECK' fail in 'FakeQuantWithMinMaxVars'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9fpg-838v-wpv7",
- "cve": "CVE-2022-35971",
- "id": "pyup.io-55510",
- "more_info_path": "/vulnerabilities/CVE-2022-35971/55510",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36014: Null-dereference in 'mlir::tfg::TFOp::nameAttr'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7j3m-8g3c-9qqq",
+ "cve": "CVE-2022-36014",
+ "id": "pyup.io-55495",
+ "more_info_path": "/vulnerabilities/CVE-2022-36014/55495",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161023,10 +161535,22 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36001: 'CHECK' fail in 'DrawBoundingBoxes'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jqm7-m5q7-3hm5",
- "cve": "CVE-2022-36001",
- "id": "pyup.io-55506",
- "more_info_path": "/vulnerabilities/CVE-2022-36001/55506",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35987: 'CHECK' fail in 'DenseBincount'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-w62h-8xjm-fv49",
+ "cve": "CVE-2022-35987",
+ "id": "pyup.io-55487",
+ "more_info_path": "/vulnerabilities/CVE-2022-35987/55487",
+ "specs": [
+ "<2.7.4",
+ ">=2.8.0rc0,<2.8.3",
+ ">=2.9.0rc0,<2.9.2"
+ ],
+ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
+ },
+ {
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35995: 'CHECK' fail in 'AudioSummaryV2'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9h5-vr8m-x2h4",
+ "cve": "CVE-2022-35995",
+ "id": "pyup.io-55509",
+ "more_info_path": "/vulnerabilities/CVE-2022-35995/55509",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161047,10 +161571,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35988: 'CHECK' fail in 'tf.linalg.matrix_rank'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9vqj-64pv-w55c",
- "cve": "CVE-2022-35988",
- "id": "pyup.io-55498",
- "more_info_path": "/vulnerabilities/CVE-2022-35988/55498",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36002: 'CHECK' fail in 'Unbatch'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mh3m-62v7-68xg",
+ "cve": "CVE-2022-36002",
+ "id": "pyup.io-55470",
+ "more_info_path": "/vulnerabilities/CVE-2022-36002/55470",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161059,10 +161583,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35940: Int overflow in 'RaggedRangeOp'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-x989-q2pq-4q5x",
- "cve": "CVE-2022-35940",
- "id": "pyup.io-55505",
- "more_info_path": "/vulnerabilities/CVE-2022-35940/55505",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35966: Segfault in 'QuantizedAvgPool'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4w68-4x85-mjj9",
+ "cve": "CVE-2022-35966",
+ "id": "pyup.io-55489",
+ "more_info_path": "/vulnerabilities/CVE-2022-35966/55489",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161071,10 +161595,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35960: 'CHECK' failure in 'TensorListReserve' via missing validation.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v5xg-3q2c-c2r4",
- "cve": "CVE-2022-35960",
- "id": "pyup.io-55462",
- "more_info_path": "/vulnerabilities/CVE-2022-35960/55462",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36013: Null-dereference in 'mlir::tfg::GraphDefImporter::ConvertNodeDef'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-828c-5j5q-vrjq",
+ "cve": "CVE-2022-36013",
+ "id": "pyup.io-55480",
+ "more_info_path": "/vulnerabilities/CVE-2022-36013/55480",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161083,10 +161607,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35983: 'CHECK' fail in 'Save' and 'SaveSlices'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m6vp-8q9j-whx4",
- "cve": "CVE-2022-35983",
- "id": "pyup.io-55472",
- "more_info_path": "/vulnerabilities/CVE-2022-35983/55472",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35952: 'CHECK' failures in 'UnbatchGradOp'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h5vq-gw2c-pq47",
+ "cve": "CVE-2022-35952",
+ "id": "pyup.io-55461",
+ "more_info_path": "/vulnerabilities/CVE-2022-35952/55461",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161095,10 +161619,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36000: 'CHECK' fail in 'Eig'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqxc-pvf8-2w9v",
- "cve": "CVE-2022-36000",
- "id": "pyup.io-55482",
- "more_info_path": "/vulnerabilities/CVE-2022-36000/55482",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36026: 'CHECK' fail in 'QuantizeAndDequantizeV3'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9cr2-8pwr-fhfq",
+ "cve": "CVE-2022-36026",
+ "id": "pyup.io-55488",
+ "more_info_path": "/vulnerabilities/CVE-2022-36026/55488",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161107,10 +161631,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36002: 'CHECK' fail in 'Unbatch'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mh3m-62v7-68xg",
- "cve": "CVE-2022-36002",
- "id": "pyup.io-55470",
- "more_info_path": "/vulnerabilities/CVE-2022-36002/55470",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36004: 'CHECK' fail in 'tf.random.gamma'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv8m-8x97-937q",
+ "cve": "CVE-2022-36004",
+ "id": "pyup.io-55511",
+ "more_info_path": "/vulnerabilities/CVE-2022-36004/55511",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161119,10 +161643,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35981: 'CHECK' fail in 'FractionalMaxPoolGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vxv8-r8q2-63xw",
- "cve": "CVE-2022-35981",
- "id": "pyup.io-55481",
- "more_info_path": "/vulnerabilities/CVE-2022-35981/55481",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35965: Segfault in 'LowerBound' and 'UpperBound'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qxpx-j395-pw36",
+ "cve": "CVE-2022-35965",
+ "id": "pyup.io-55499",
+ "more_info_path": "/vulnerabilities/CVE-2022-35965/55499",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161131,10 +161655,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35966: Segfault in 'QuantizedAvgPool'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4w68-4x85-mjj9",
- "cve": "CVE-2022-35966",
- "id": "pyup.io-55489",
- "more_info_path": "/vulnerabilities/CVE-2022-35966/55489",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35989: 'CHECK' fail in 'MaxPool'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j43h-pgmg-5hjq",
+ "cve": "CVE-2022-35989",
+ "id": "pyup.io-55513",
+ "more_info_path": "/vulnerabilities/CVE-2022-35989/55513",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161143,10 +161667,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36013: Null-dereference in 'mlir::tfg::GraphDefImporter::ConvertNodeDef'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-828c-5j5q-vrjq",
- "cve": "CVE-2022-36013",
- "id": "pyup.io-55480",
- "more_info_path": "/vulnerabilities/CVE-2022-36013/55480",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35934: 'CHECK' failure in tf.reshape via overflows.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f4w6-h4f5-wx45",
+ "cve": "CVE-2022-35934",
+ "id": "pyup.io-55469",
+ "more_info_path": "/vulnerabilities/CVE-2022-35934/55469",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161155,10 +161679,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35990: 'CHECK' fail in 'FakeQuantWithMinMaxVarsPerChannelGradient'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h7ff-cfc9-wmmh",
- "cve": "CVE-2022-35990",
- "id": "pyup.io-55475",
- "more_info_path": "/vulnerabilities/CVE-2022-35990/55475",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36027: Segfault TFLite converter on per-channel quantized transposed convolutions.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-79h2-q768-fpxr",
+ "cve": "CVE-2022-36027",
+ "id": "pyup.io-55491",
+ "more_info_path": "/vulnerabilities/CVE-2022-36027/55491",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161167,10 +161691,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36003: 'CHECK' fail in 'RandomPoissonV2'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-cv2p-32v3-vhwq",
- "cve": "CVE-2022-36003",
- "id": "pyup.io-55466",
- "more_info_path": "/vulnerabilities/CVE-2022-36003/55466",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35973: Segfault in 'QuantizedMatMul'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-689c-r7h2-fv9v",
+ "cve": "CVE-2022-35973",
+ "id": "pyup.io-55486",
+ "more_info_path": "/vulnerabilities/CVE-2022-35973/55486",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161179,10 +161703,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36012: Assertion fail on MLIR empty edge names.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jvhc-5hhr-w3v5",
- "cve": "CVE-2022-36012",
- "id": "pyup.io-55471",
- "more_info_path": "/vulnerabilities/CVE-2022-36012/55471",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35971: 'CHECK' fail in 'FakeQuantWithMinMaxVars'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9fpg-838v-wpv7",
+ "cve": "CVE-2022-35971",
+ "id": "pyup.io-55510",
+ "more_info_path": "/vulnerabilities/CVE-2022-35971/55510",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161191,10 +161715,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35986: Segfault in 'RaggedBincount'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wr9v-g9vf-c74v",
- "cve": "CVE-2022-35986",
- "id": "pyup.io-55484",
- "more_info_path": "/vulnerabilities/CVE-2022-35986/55484",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35990: 'CHECK' fail in 'FakeQuantWithMinMaxVarsPerChannelGradient'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h7ff-cfc9-wmmh",
+ "cve": "CVE-2022-35990",
+ "id": "pyup.io-55475",
+ "more_info_path": "/vulnerabilities/CVE-2022-35990/55475",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161203,10 +161727,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35952: 'CHECK' failures in 'UnbatchGradOp'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h5vq-gw2c-pq47",
- "cve": "CVE-2022-35952",
- "id": "pyup.io-55461",
- "more_info_path": "/vulnerabilities/CVE-2022-35952/55461",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35985: 'CHECK' fail in 'LRNGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9942-r22v-78cp",
+ "cve": "CVE-2022-35985",
+ "id": "pyup.io-55467",
+ "more_info_path": "/vulnerabilities/CVE-2022-35985/55467",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161227,10 +161751,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36015: Integer overflow in math ops. \nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rh87-q4vg-m45j",
- "cve": "CVE-2022-36015",
- "id": "pyup.io-55465",
- "more_info_path": "/vulnerabilities/CVE-2022-36015/55465",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35972: Segfault in 'QuantizedBiasAdd'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4pc4-m9mj-v2r9",
+ "cve": "CVE-2022-35972",
+ "id": "pyup.io-55493",
+ "more_info_path": "/vulnerabilities/CVE-2022-35972/55493",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161239,10 +161763,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36026: 'CHECK' fail in 'QuantizeAndDequantizeV3'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9cr2-8pwr-fhfq",
- "cve": "CVE-2022-36026",
- "id": "pyup.io-55488",
- "more_info_path": "/vulnerabilities/CVE-2022-36026/55488",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35982: Segfault in 'SparseBincount'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-397c-5g2j-qxpv",
+ "cve": "CVE-2022-35982",
+ "id": "pyup.io-55492",
+ "more_info_path": "/vulnerabilities/CVE-2022-35982/55492",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161251,10 +161775,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36004: 'CHECK' fail in 'tf.random.gamma'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv8m-8x97-937q",
- "cve": "CVE-2022-36004",
- "id": "pyup.io-55511",
- "more_info_path": "/vulnerabilities/CVE-2022-36004/55511",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35970: Segfault in 'QuantizedInstanceNorm'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g35r-369w-3fqp",
+ "cve": "CVE-2022-35970",
+ "id": "pyup.io-55503",
+ "more_info_path": "/vulnerabilities/CVE-2022-35970/55503",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161263,10 +161787,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36017: Segfault in 'Requantize'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wqmc-pm8c-2jhc",
- "cve": "CVE-2022-36017",
- "id": "pyup.io-55464",
- "more_info_path": "/vulnerabilities/CVE-2022-36017/55464",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36018: 'CHECK' fail in 'RaggedTensorToVariant'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m6cv-4fmf-66xf",
+ "cve": "CVE-2022-36018",
+ "id": "pyup.io-55512",
+ "more_info_path": "/vulnerabilities/CVE-2022-36018/55512",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161275,10 +161799,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35985: 'CHECK' fail in 'LRNGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9942-r22v-78cp",
- "cve": "CVE-2022-35985",
- "id": "pyup.io-55467",
- "more_info_path": "/vulnerabilities/CVE-2022-35985/55467",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36000: 'CHECK' fail in 'Eig'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqxc-pvf8-2w9v",
+ "cve": "CVE-2022-36000",
+ "id": "pyup.io-55482",
+ "more_info_path": "/vulnerabilities/CVE-2022-36000/55482",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161287,10 +161811,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35965: Segfault in 'LowerBound' and 'UpperBound'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qxpx-j395-pw36",
- "cve": "CVE-2022-35965",
- "id": "pyup.io-55499",
- "more_info_path": "/vulnerabilities/CVE-2022-35965/55499",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35986: Segfault in 'RaggedBincount'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wr9v-g9vf-c74v",
+ "cve": "CVE-2022-35986",
+ "id": "pyup.io-55484",
+ "more_info_path": "/vulnerabilities/CVE-2022-35986/55484",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161299,10 +161823,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35989: 'CHECK' fail in 'MaxPool'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j43h-pgmg-5hjq",
- "cve": "CVE-2022-35989",
- "id": "pyup.io-55513",
- "more_info_path": "/vulnerabilities/CVE-2022-35989/55513",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36005: 'CHECK' fail in 'FakeQuantWithMinMaxVarsGradient'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-r26c-679w-mrjm",
+ "cve": "CVE-2022-36005",
+ "id": "pyup.io-55514",
+ "more_info_path": "/vulnerabilities/CVE-2022-36005/55514",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161311,10 +161835,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35934: 'CHECK' failure in tf.reshape via overflows.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f4w6-h4f5-wx45",
- "cve": "CVE-2022-35934",
- "id": "pyup.io-55469",
- "more_info_path": "/vulnerabilities/CVE-2022-35934/55469",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36019: 'CHECK' fail in 'FakeQuantWithMinMaxVarsPerChannel'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9j4v-pp28-mxv7",
+ "cve": "CVE-2022-36019",
+ "id": "pyup.io-55500",
+ "more_info_path": "/vulnerabilities/CVE-2022-36019/55500",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161323,10 +161847,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35967: Segfault in 'QuantizedAdd'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v6h3-348g-6h5x",
- "cve": "CVE-2022-35967",
- "id": "pyup.io-55501",
- "more_info_path": "/vulnerabilities/CVE-2022-35967/55501",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35964: Segfault in 'BlockLSTMGradV2'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f7r5-q7cx-h668",
+ "cve": "CVE-2022-35964",
+ "id": "pyup.io-55477",
+ "more_info_path": "/vulnerabilities/CVE-2022-35964/55477",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161335,10 +161859,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35972: Segfault in 'QuantizedBiasAdd'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-4pc4-m9mj-v2r9",
- "cve": "CVE-2022-35972",
- "id": "pyup.io-55493",
- "more_info_path": "/vulnerabilities/CVE-2022-35972/55493",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35963: 'CHECK' failures in 'FractionalAvgPoolGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-84jm-4cf3-9jfm",
+ "cve": "CVE-2022-35963",
+ "id": "pyup.io-55507",
+ "more_info_path": "/vulnerabilities/CVE-2022-35963/55507",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161347,10 +161871,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35964: Segfault in 'BlockLSTMGradV2'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f7r5-q7cx-h668",
- "cve": "CVE-2022-35964",
- "id": "pyup.io-55477",
- "more_info_path": "/vulnerabilities/CVE-2022-35964/55477",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35968: 'CHECK' fail in 'AvgPoolGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-2475-53vw-vp25",
+ "cve": "CVE-2022-35968",
+ "id": "pyup.io-55502",
+ "more_info_path": "/vulnerabilities/CVE-2022-35968/55502",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161359,10 +161883,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35937: OOB read in 'Gather_nd' op in TF Lite.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pxrw-j2fv-hx3h",
- "cve": "CVE-2022-35937",
- "id": "pyup.io-55459",
- "more_info_path": "/vulnerabilities/CVE-2022-35937/55459",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35959: 'CHECK' failures in 'AvgPool3DGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wxjj-cgcx-r3vq",
+ "cve": "CVE-2022-35959",
+ "id": "pyup.io-55476",
+ "more_info_path": "/vulnerabilities/CVE-2022-35959/55476",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161371,10 +161895,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36027: Segfault TFLite converter on per-channel quantized transposed convolutions.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-79h2-q768-fpxr",
- "cve": "CVE-2022-36027",
- "id": "pyup.io-55491",
- "more_info_path": "/vulnerabilities/CVE-2022-36027/55491",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35941: 'CHECK' failure in 'AvgPoolOp'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mgmh-g2v6-mqw5",
+ "cve": "CVE-2022-35941",
+ "id": "pyup.io-55496",
+ "more_info_path": "/vulnerabilities/CVE-2022-35941/55496",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161383,10 +161907,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35963: 'CHECK' failures in 'FractionalAvgPoolGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-84jm-4cf3-9jfm",
- "cve": "CVE-2022-35963",
- "id": "pyup.io-55507",
- "more_info_path": "/vulnerabilities/CVE-2022-35963/55507",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35984: 'CHECK' fail in 'ParameterizedTruncatedNormal'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-p2xf-8hgm-hpw5",
+ "cve": "CVE-2022-35984",
+ "id": "pyup.io-55473",
+ "more_info_path": "/vulnerabilities/CVE-2022-35984/55473",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161395,10 +161919,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35968: 'CHECK' fail in 'AvgPoolGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-2475-53vw-vp25",
- "cve": "CVE-2022-35968",
- "id": "pyup.io-55502",
- "more_info_path": "/vulnerabilities/CVE-2022-35968/55502",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35999: 'CHECK' fail in 'Conv2DBackpropInput'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-37jf-mjv6-xfqw",
+ "cve": "CVE-2022-35999",
+ "id": "pyup.io-55508",
+ "more_info_path": "/vulnerabilities/CVE-2022-35999/55508",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161407,10 +161931,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35959: 'CHECK' failures in 'AvgPool3DGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wxjj-cgcx-r3vq",
- "cve": "CVE-2022-35959",
- "id": "pyup.io-55476",
- "more_info_path": "/vulnerabilities/CVE-2022-35959/55476",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35979: Segfault in 'QuantizedRelu' and 'QuantizedRelu6'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v7vw-577f-vp8x",
+ "cve": "CVE-2022-35979",
+ "id": "pyup.io-55463",
+ "more_info_path": "/vulnerabilities/CVE-2022-35979/55463",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161419,10 +161943,10 @@
 "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35969: 'CHECK' fail in 'Conv2DBackpropInput'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-q2c3-jpmc-gfjx",
- "cve": "CVE-2022-35969",
- "id": "pyup.io-55468",
- "more_info_path": "/vulnerabilities/CVE-2022-35969/55468",
+ "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35998: 'CHECK' fail in 'EmptyTensorList'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhw4-wwr7-gjc5",
+ "cve": "CVE-2022-35998",
+ "id": "pyup.io-55479",
+ "more_info_path": "/vulnerabilities/CVE-2022-35998/55479",
 "specs": [
 "<2.7.4",
 ">=2.8.0rc0,<2.8.3",
@@ -161431,10 +161955,10 @@ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2" }, { - "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35997: 'CHECK' fail in 'tf.sparse.cross'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-p7hr-f446-x6qf", - "cve": "CVE-2022-35997", - "id": "pyup.io-55478", - "more_info_path": "/vulnerabilities/CVE-2022-35997/55478", + "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35992: 'CHECK' fail in 'TensorListFromTensor'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9v8w-xmr4-wgxp", + "cve": "CVE-2022-35992", + "id": "pyup.io-55483", + "more_info_path": "/vulnerabilities/CVE-2022-35992/55483", "specs": [ "<2.7.4", ">=2.8.0rc0,<2.8.3", @@ -161443,10 +161967,10 @@ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2" }, { - "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35970: Segfault in 'QuantizedInstanceNorm'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g35r-369w-3fqp", - "cve": "CVE-2022-35970", - "id": "pyup.io-55503", - "more_info_path": "/vulnerabilities/CVE-2022-35970/55503", + "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35974: Segfault in 'QuantizeDownAndShrinkRange'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vgvh-2pf4-jr2x", + "cve": "CVE-2022-35974", + "id": "pyup.io-55485", + "more_info_path": "/vulnerabilities/CVE-2022-35974/55485", "specs": [ "<2.7.4", ">=2.8.0rc0,<2.8.3", 
@@ -161455,10 +161979,10 @@ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2" }, { - "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35941: 'CHECK' failure in 'AvgPoolOp'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mgmh-g2v6-mqw5", - "cve": "CVE-2022-35941", - "id": "pyup.io-55496", - "more_info_path": "/vulnerabilities/CVE-2022-35941/55496", + "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35960: 'CHECK' failure in 'TensorListReserve' via missing validation.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v5xg-3q2c-c2r4", + "cve": "CVE-2022-35960", + "id": "pyup.io-55462", + "more_info_path": "/vulnerabilities/CVE-2022-35960/55462", "specs": [ "<2.7.4", ">=2.8.0rc0,<2.8.3", 
@@ -161467,22 +161991,22 @@ "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2" }, { - "advisory": "Tensorflow-cpu 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36011: Null dereference on MLIR on empty function attributes.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fv43-93gv-vm8f", - "cve": "CVE-2022-36011", - "id": "pyup.io-55490", - "more_info_path": "/vulnerabilities/CVE-2022-36011/55490", + "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41885: When 'tf.raw_ops.FusedResizeAndPadConv2D' is given a large tensor shape, it overflows.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-762h-vpvw-3rcx", + "cve": "CVE-2022-41885", + "id": "pyup.io-55440", + "more_info_path": "/vulnerabilities/CVE-2022-41885/55440", "specs": [ - "<2.7.4", - ">=2.8.0rc0,<2.8.3", - ">=2.9.0rc0,<2.9.2" + "<2.8.4", + ">=2.9.0rc0,<2.9.3", + ">=2.10.0rc0,<2.10.1" ], - "v": "<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2" + "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41898: If 'SparseFillEmptyRowsGrad' is given empty inputs, TensorFlow will crash.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-hq7g-wwwp-q46h", - "cve": "CVE-2022-41898", - "id": "pyup.io-55455", - "more_info_path": "/vulnerabilities/CVE-2022-41898/55455", + "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41884: If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. \nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636", + "cve": "CVE-2022-41884", + "id": "pyup.io-55451", + "more_info_path": "/vulnerabilities/CVE-2022-41884/55451", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
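Review bot: The `tensorflow-cpu` record for CVE-2022-36011 (pyup.io-55490, specs `<2.7.4,>=2.8.0rc0,<2.8.3,>=2.9.0rc0,<2.9.2`) is removed in this hunk and replaced by CVE-2022-41885 with a different affected range, and unlike the other entries shuffled around in this update it is not visibly re-added anywhere in view. If the bot did not relocate it elsewhere in the `tensorflow-cpu` array, consumers of this database silently stop flagging CVE-2022-36011 for 2.7.x/2.8.x/2.9.x installs, which would be a detection regression rather than a reorder. Before merging, confirm the post-update file still contains the entry, e.g. `jq '."tensorflow-cpu"[] | select(.cve=="CVE-2022-36011")' data/insecure_full.json`. Given that most of this 15k-line diff is reordering, it would help reviewers if the bot emitted a per-package list of added and removed CVE ids in the commit message so real drops stand out.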
@@ -161491,10 +162015,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41880: When the 'BaseCandidateSamplerOp' function receives a value in 'true_classes' larger than 'range_max', a heap oob read occurs.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8w5g-3wcv-9g2j", - "cve": "CVE-2022-41880", - "id": "pyup.io-55447", - "more_info_path": "/vulnerabilities/CVE-2022-41880/55447", + "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41893: If 'tf.raw_ops.TensorListResize' is given a nonscalar value for input 'size', it results 'CHECK' fail which can be used to trigger a denial of service attack.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-67pf-62xr-q35m", + "cve": "CVE-2022-41893", + "id": "pyup.io-55442", + "more_info_path": "/vulnerabilities/CVE-2022-41893/55442", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", @@ -161503,10 +162027,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41897: If 'FractionMaxPoolGrad' is given outsize inputs 'row_pooling_sequence' and 'col_pooling_sequence', TensorFlow will crash.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2w8-jw48-fr7j", - "cve": "CVE-2022-41897", - "id": "pyup.io-55452", - "more_info_path": "/vulnerabilities/CVE-2022-41897/55452", + "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41908: TensorFlow is an open source platform for machine learning. An input 'token' that is not a UTF-8 bytestring will trigger a 'CHECK' fail in 'tf.raw_ops.PyFunc'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv77-9g28-cwg3", + "cve": "CVE-2022-41908", + "id": "pyup.io-55444", + "more_info_path": "/vulnerabilities/CVE-2022-41908/55444", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -161515,10 +162039,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41911: When printing a tensor, we get it's data as a 'const char*' array (since that's the underlying storage) and then we typecast it to the element type. However, conversions from 'char' to 'bool' are undefined if the 'char' is not '0' or '1', so sanitizers/fuzzers will crash.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j", - "cve": "CVE-2022-41911", - "id": "pyup.io-55438", - "more_info_path": "/vulnerabilities/CVE-2022-41911/55438", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41896: If 'ThreadUnsafeUnigramCandidateSampler' is given input 'filterbank_channel_count' greater than the allowed max size, TensorFlow will crash.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rmg2-f698-wq35", + "cve": "CVE-2022-41896", + "id": "pyup.io-55450", + "more_info_path": "/vulnerabilities/CVE-2022-41896/55450", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -161527,10 +162051,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41884: If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. \nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636", - "cve": "CVE-2022-41884", - "id": "pyup.io-55451", - "more_info_path": "/vulnerabilities/CVE-2022-41884/55451", + "advisory": "TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have patched the issue in GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.8.4, 2.9.3, and 2.10.1.", + "cve": "CVE-2022-41902", + "id": "pyup.io-55449", + "more_info_path": "/vulnerabilities/CVE-2022-41902/55449", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -161539,10 +162063,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41899: TensorFlow is an open source platform for machine learning. Inputs 'dense_features' or 'example_state_data' not of rank 2 will trigger a 'CHECK' fail in 'SdcaOptimizer'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-27rc-728f-x5w2", - "cve": "CVE-2022-41899", - "id": "pyup.io-55441", - "more_info_path": "/vulnerabilities/CVE-2022-41899/55441", + "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41900: The security vulnerability results in FractionalMax(AVG)Pool with illegal pooling_ratio. Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or remote code execution.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xvwp-h6jv-7472", + "cve": "CVE-2022-41900", + "id": "pyup.io-55445", + "more_info_path": "/vulnerabilities/CVE-2022-41900/55445", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -161551,10 +162075,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41891: If 'tf.raw_ops.TensorListConcat' is given 'element_shape=[]', it results segmentation fault which can be used to trigger a denial of service attack.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-66vq-54fq-6jvv", - "cve": "CVE-2022-41891", - "id": "pyup.io-55437", - "more_info_path": "/vulnerabilities/CVE-2022-41891/55437", + "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41895: If 'MirrorPadGrad' is given outsize input 'paddings', TensorFlow will give a heap OOB error.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gq2j-cr96-gvqx", + "cve": "CVE-2022-41895", + "id": "pyup.io-55436", + "more_info_path": "/vulnerabilities/CVE-2022-41895/55436", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", @@ -161563,10 +162087,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41901: An input 'sparse_matrix' that is not a matrix with a shape with rank 0 will trigger a 'CHECK' fail in 'tf.raw_ops.SparseMatrixNNZ'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9fm-r5mm-rf9f", - "cve": "CVE-2022-41901", - "id": "pyup.io-55435", - "more_info_path": "/vulnerabilities/CVE-2022-41901/55435", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41891: If 'tf.raw_ops.TensorListConcat' is given 'element_shape=[]', it results segmentation fault which can be used to trigger a denial of service attack.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-66vq-54fq-6jvv", + "cve": "CVE-2022-41891", + "id": "pyup.io-55437", + "more_info_path": "/vulnerabilities/CVE-2022-41891/55437", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -161575,10 +162099,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41893: If 'tf.raw_ops.TensorListResize' is given a nonscalar value for input 'size', it results 'CHECK' fail which can be used to trigger a denial of service attack.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-67pf-62xr-q35m", - "cve": "CVE-2022-41893", - "id": "pyup.io-55442", - "more_info_path": "/vulnerabilities/CVE-2022-41893/55442", + "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41907: When 'tf.raw_ops.ResizeNearestNeighborGrad' is given a large 'size' input, it overflows.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-368v-7v32-52fx", + "cve": "CVE-2022-41907", + "id": "pyup.io-55448", + "more_info_path": "/vulnerabilities/CVE-2022-41907/55448", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", @@ -161587,10 +162111,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41886: When 'tf.raw_ops.ImageProjectiveTransformV2' is given a large output shape, it overflows.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-54pp-c6pp-7fpx", - "cve": "CVE-2022-41886", - "id": "pyup.io-55453", - "more_info_path": "/vulnerabilities/CVE-2022-41886/55453", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41909: An input 'encoded' that is not a valid 'CompositeTensorVariant' tensor will trigger a segfault in 'tf.raw_ops.CompositeTensorVariantToComponents'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjx6-v474-2ch9", + "cve": "CVE-2022-41909", + "id": "pyup.io-55443", + "more_info_path": "/vulnerabilities/CVE-2022-41909/55443", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -161599,10 +162123,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41908: TensorFlow is an open source platform for machine learning. An input 'token' that is not a UTF-8 bytestring will trigger a 'CHECK' fail in 'tf.raw_ops.PyFunc'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv77-9g28-cwg3", - "cve": "CVE-2022-41908", - "id": "pyup.io-55444", - "more_info_path": "/vulnerabilities/CVE-2022-41908/55444", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41898: If 'SparseFillEmptyRowsGrad' is given empty inputs, TensorFlow will crash.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-hq7g-wwwp-q46h", + "cve": "CVE-2022-41898", + "id": "pyup.io-55455", + "more_info_path": "/vulnerabilities/CVE-2022-41898/55455", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", @@ -161611,10 +162135,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41896: If 'ThreadUnsafeUnigramCandidateSampler' is given input 'filterbank_channel_count' greater than the allowed max size, TensorFlow will crash.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rmg2-f698-wq35", - "cve": "CVE-2022-41896", - "id": "pyup.io-55450", - "more_info_path": "/vulnerabilities/CVE-2022-41896/55450", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41899: TensorFlow is an open source platform for machine learning. Inputs 'dense_features' or 'example_state_data' not of rank 2 will trigger a 'CHECK' fail in 'SdcaOptimizer'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-27rc-728f-x5w2", + "cve": "CVE-2022-41899", + "id": "pyup.io-55441", + "more_info_path": "/vulnerabilities/CVE-2022-41899/55441", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -161623,10 +162147,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have patched the issue in GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.8.4, 2.9.3, and 2.10.1.", - "cve": "CVE-2022-41902", - "id": "pyup.io-55449", - "more_info_path": "/vulnerabilities/CVE-2022-41902/55449", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41901: An input 'sparse_matrix' that is not a matrix with a shape with rank 0 will trigger a 'CHECK' fail in 'tf.raw_ops.SparseMatrixNNZ'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9fm-r5mm-rf9f", + "cve": "CVE-2022-41901", + "id": "pyup.io-55435", + "more_info_path": "/vulnerabilities/CVE-2022-41901/55435", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -161635,10 +162159,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41900: The security vulnerability results in FractionalMax(AVG)Pool with illegal pooling_ratio. Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or remote code execution.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xvwp-h6jv-7472", - "cve": "CVE-2022-41900", - "id": "pyup.io-55445", - "more_info_path": "/vulnerabilities/CVE-2022-41900/55445", + "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41894: The reference kernel of the 'CONV_3D_TRANSPOSE' TensorFlow Lite operator wrongly increments the data_ptr when adding the bias to the result. Instead of 'data_ptr += num_channels;' it should be 'data_ptr += output_num_channels;' as if the number of input channels is different than the number of output channels, the wrong result will be returned and a buffer overflow will occur if num_channels > output_num_channels. An attacker can craft a model with a specific number of input channels. It is then possible to write specific values through the bias of the layer outside the bounds of the buffer. This attack only works if the reference kernel resolver is used in the interpreter.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6q3-vv32-2cq5", + "cve": "CVE-2022-41894", + "id": "pyup.io-55456", + "more_info_path": "/vulnerabilities/CVE-2022-41894/55456", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -161647,10 +162171,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41885: When 'tf.raw_ops.FusedResizeAndPadConv2D' is given a large tensor shape, it overflows.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-762h-vpvw-3rcx", - "cve": "CVE-2022-41885", - "id": "pyup.io-55440", - "more_info_path": "/vulnerabilities/CVE-2022-41885/55440", + "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41911: When printing a tensor, we get it's data as a 'const char*' array (since that's the underlying storage) and then we typecast it to the element type. However, conversions from 'char' to 'bool' are undefined if the 'char' is not '0' or '1', so sanitizers/fuzzers will crash.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j", + "cve": "CVE-2022-41911", + "id": "pyup.io-55438", + "more_info_path": "/vulnerabilities/CVE-2022-41911/55438", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", @@ -161659,10 +162183,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41907: When 'tf.raw_ops.ResizeNearestNeighborGrad' is given a large 'size' input, it overflows.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-368v-7v32-52fx", - "cve": "CVE-2022-41907", - "id": "pyup.io-55448", - "more_info_path": "/vulnerabilities/CVE-2022-41907/55448", + "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41886: When 'tf.raw_ops.ImageProjectiveTransformV2' is given a large output shape, it overflows.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-54pp-c6pp-7fpx", + "cve": "CVE-2022-41886", + "id": "pyup.io-55453", + "more_info_path": "/vulnerabilities/CVE-2022-41886/55453", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -161683,10 +162207,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41895: If 'MirrorPadGrad' is given outsize input 'paddings', TensorFlow will give a heap OOB error.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gq2j-cr96-gvqx", - "cve": "CVE-2022-41895", - "id": "pyup.io-55436", - "more_info_path": "/vulnerabilities/CVE-2022-41895/55436", + "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41880: When the 'BaseCandidateSamplerOp' function receives a value in 'true_classes' larger than 'range_max', a heap oob read occurs.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8w5g-3wcv-9g2j", + "cve": "CVE-2022-41880", + "id": "pyup.io-55447", + "more_info_path": "/vulnerabilities/CVE-2022-41880/55447", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -161695,10 +162219,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41894: The reference kernel of the 'CONV_3D_TRANSPOSE' TensorFlow Lite operator wrongly increments the data_ptr when adding the bias to the result. Instead of 'data_ptr += num_channels;' it should be 'data_ptr += output_num_channels;' as if the number of input channels is different than the number of output channels, the wrong result will be returned and a buffer overflow will occur if num_channels > output_num_channels. An attacker can craft a model with a specific number of input channels. It is then possible to write specific values through the bias of the layer outside the bounds of the buffer. This attack only works if the reference kernel resolver is used in the interpreter.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6q3-vv32-2cq5", - "cve": "CVE-2022-41894", - "id": "pyup.io-55456", - "more_info_path": "/vulnerabilities/CVE-2022-41894/55456", + "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41897: If 'FractionMaxPoolGrad' is given outsize inputs 'row_pooling_sequence' and 'col_pooling_sequence', TensorFlow will crash.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2w8-jw48-fr7j", + "cve": "CVE-2022-41897", + "id": "pyup.io-55452", + "more_info_path": "/vulnerabilities/CVE-2022-41897/55452", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -161718,18 +162242,6 @@ ], "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, - { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41909: An input 'encoded' that is not a valid 'CompositeTensorVariant' tensor will trigger a segfault in 'tf.raw_ops.CompositeTensorVariantToComponents'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjx6-v474-2ch9", - "cve": "CVE-2022-41909", - "id": "pyup.io-55443", - "more_info_path": "/vulnerabilities/CVE-2022-41909/55443", - "specs": [ - "<2.8.4", - ">=2.9.0rc0,<2.9.3", - ">=2.10.0rc0,<2.10.1" - ], - "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" - }, { "advisory": "Tensorflow-cpu 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41890: If 'BCast::ToShape' is given input larger than an 'int32', it will crash, despite being supposed to handle up to an 'int64'. An example can be seen in 'tf.experimental.numpy.outer' by passing in large input to the input 'b'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h246-cgh4-7475", "cve": "CVE-2022-41890", 
@@ -161818,10 +162330,10 @@ "v": ">=1.15.0rc0,<1.15.4,>=2.0.0a0,<2.0.3,>=2.1.0rc0,<2.1.2,>=2.2.0rc0,<2.2.1,>=2.3.0rc0,<2.3.1" }, { - "advisory": "Tensorflow-cpu versions 1.15.2 and 2.0.1 update its dependency \"SQLite\" to handle CVE-2019-19646.", - "cve": "CVE-2019-19646", - "id": "pyup.io-55882", - "more_info_path": "/vulnerabilities/CVE-2019-19646/55882", + "advisory": "Tensorflow-cpu versions 1.15.2 and 2.0.1 includes a fix for CVE-2020-5215: In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker can send a data point which contains a string instead of a tf.float16 value. Similar effects can be obtained by manipulating saved models and checkpoints whereby replacing a scalar tf.float16 value with a scalar string will trigger this issue due to automatic conversions. This can be easily reproduced by tf.constant(\"hello\", tf.float16), if eager execution is enabled.", + "cve": "CVE-2020-5215", + "id": "pyup.io-55883", + "more_info_path": "/vulnerabilities/CVE-2020-5215/55883", "specs": [ ">=2.0.0a0,<2.0.1", "<1.15.2" @@ -161851,10 +162363,10 @@ "v": ">=2.0.0a0,<2.0.1,<1.15.2" }, { - "advisory": "Tensorflow-cpu versions 1.15.2 and 2.0.1 updates its dependency \"curl\" to handle CVE-2019-5482.", - "cve": "CVE-2019-5482", - "id": "pyup.io-55881", - "more_info_path": "/vulnerabilities/CVE-2019-5482/55881", + "advisory": "Tensorflow-cpu versions 1.15.2 and 2.0.1 updates its dependency \"curl\" to handle CVE-2019-5481.", + "cve": "CVE-2019-5481", + "id": "pyup.io-55879", + "more_info_path": "/vulnerabilities/CVE-2019-5481/55879", "specs": [ ">=2.0.0a0,<2.0.1", "<1.15.2" 
@@ -161862,10 +162374,10 @@ "v": ">=2.0.0a0,<2.0.1,<1.15.2" }, { - "advisory": "Tensorflow-cpu versions 1.15.2 and 2.0.1 includes a fix for CVE-2020-5215: In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker can send a data point which contains a string instead of a tf.float16 value. Similar effects can be obtained by manipulating saved models and checkpoints whereby replacing a scalar tf.float16 value with a scalar string will trigger this issue due to automatic conversions. This can be easily reproduced by tf.constant(\"hello\", tf.float16), if eager execution is enabled.", - "cve": "CVE-2020-5215", - "id": "pyup.io-55883", - "more_info_path": "/vulnerabilities/CVE-2020-5215/55883", + "advisory": "Tensorflow-cpu versions 1.15.2 and 2.0.1 updates its dependency \"curl\" to handle CVE-2019-5482.", + "cve": "CVE-2019-5482", + "id": "pyup.io-55881", + "more_info_path": "/vulnerabilities/CVE-2019-5482/55881", "specs": [ ">=2.0.0a0,<2.0.1", "<1.15.2" @@ -161873,10 +162385,10 @@ "v": ">=2.0.0a0,<2.0.1,<1.15.2" }, { - "advisory": "Tensorflow-cpu versions 1.15.2 and 2.0.1 updates its dependency \"curl\" to handle CVE-2019-5481.", - "cve": "CVE-2019-5481", - "id": "pyup.io-55879", - "more_info_path": "/vulnerabilities/CVE-2019-5481/55879", + "advisory": "Tensorflow-cpu versions 1.15.2 and 2.0.1 update its dependency \"SQLite\" to handle CVE-2019-19646.", + "cve": "CVE-2019-19646", + "id": "pyup.io-55882", + "more_info_path": "/vulnerabilities/CVE-2019-19646/55882", "specs": [ ">=2.0.0a0,<2.0.1", "<1.15.2" 
@@ -161919,10 +162431,10 @@ "v": ">=2.2.0rc0,<2.2.1,>=2.3.0rc0,<2.3.1" }, { - "advisory": "Tensorflow-cpu versions 2.2.1 and 2.3.1 includes a fix for CVE-2020-15214: In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the dimension of output tensor. This results in allocating insufficient memory for the output tensor and in a write outside the bounds of the output array. This usually results in a segmentation fault, but depending on runtime conditions it can provide for a write gadget to be used in future memory corruption-based exploits. The issue was patched in commit 204945b19e44b57906c9344c0d00120eeeae178a. A potential workaround is to add a custom \"Verifier\" to the model loading code to ensure that the segment ids are sorted, although this only handles the case when the segment ids are stored statically in the model. A similar validation could be done if the segment ids are generated at runtime between inference steps. If the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code.", - "cve": "CVE-2020-15214", - "id": "pyup.io-55866", - "more_info_path": "/vulnerabilities/CVE-2020-15214/55866", + "advisory": "Tensorflow-cpu versions 2.2.1 and 2.3.1 includes a fix for CVE-2020-15213: In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimension of the output tensor, attackers can use a very large value to trigger a large allocation. The issue was patched in commit 204945b19e44b57906c9344c0d00120eeeae178a. 
A potential workaround is to add a custom \"Verifier\" to limit the maximum value in the segment ids tensor. This only handles the case when the segment ids are stored statically in the model, but a similar validation could be done if the segment ids are generated at runtime, between inference steps. However, if the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-hjmq-236j-8m87", + "cve": "CVE-2020-15213", + "id": "pyup.io-55864", + "more_info_path": "/vulnerabilities/CVE-2020-15213/55864", "specs": [ ">=2.2.0rc0,<2.2.1", ">=2.3.0rc0,<2.3.1" 
@@ -161930,10 +162442,10 @@ "v": ">=2.2.0rc0,<2.2.1,>=2.3.0rc0,<2.3.1" }, { - "advisory": "Tensorflow-cpu versions 2.2.1 and 2.3.1 includes a fix for CVE-2020-15213: In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. Since code uses the last element of the tensor holding them to determine the dimension of the output tensor, attackers can use a very large value to trigger a large allocation. The issue was patched in commit 204945b19e44b57906c9344c0d00120eeeae178a. A potential workaround is to add a custom \"Verifier\" to limit the maximum value in the segment ids tensor. This only handles the case when the segment ids are stored statically in the model, but a similar validation could be done if the segment ids are generated at runtime, between inference steps. However, if the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-hjmq-236j-8m87", - "cve": "CVE-2020-15213", - "id": "pyup.io-55864", - "more_info_path": "/vulnerabilities/CVE-2020-15213/55864", + "advisory": "Tensorflow-cpu versions 2.2.1 and 2.3.1 includes a fix for CVE-2020-15214: In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. Code assumes that the segment ids are in increasing order, using the last element of the tensor holding them to determine the dimension of output tensor. This results in allocating insufficient memory for the output tensor and in a write outside the bounds of the output array. This usually results in a segmentation fault, but depending on runtime conditions it can provide for a write gadget to be used in future memory corruption-based exploits. 
The issue was patched in commit 204945b19e44b57906c9344c0d00120eeeae178a. A potential workaround is to add a custom \"Verifier\" to the model loading code to ensure that the segment ids are sorted, although this only handles the case when the segment ids are stored statically in the model. A similar validation could be done if the segment ids are generated at runtime between inference steps. If the segment ids are generated as outputs of a tensor during inference steps, then there are no possible workaround and users are advised to upgrade to patched code.", + "cve": "CVE-2020-15214", + "id": "pyup.io-55866", + "more_info_path": "/vulnerabilities/CVE-2020-15214/55866", "specs": [ ">=2.2.0rc0,<2.2.1", ">=2.3.0rc0,<2.3.1" 
@@ -161941,10 +162453,10 @@ "v": ">=2.2.0rc0,<2.2.1,>=2.3.0rc0,<2.3.1" }, { - "advisory": "Tensorflow-cpu versions 2.2.1 and 2.3.1 include a fix for CVE-2020-15192: In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to 'dlpack.to_dlpack' there is a memory leak following an expected validation failure. The issue occurs because the 'status' argument during validation failures is not properly checked. Since each of the above methods can return an error status, the 'status' value must be checked before continuing.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fxw-76px-3rxv", - "cve": "CVE-2020-15192", - "id": "pyup.io-55867", - "more_info_path": "/vulnerabilities/CVE-2020-15192/55867", + "advisory": "Tensorflow-cpu versions 2.2.1 and 2.3.1 include a fix for CVE-2020-15193: In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of \"dlpack.to_dlpack\" can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing in a Python object instead of a tensor. The uninitialized memory address is due to a \"reinterpret_cast\". Since the \"PyObject\" is a Python object, not a Tensorflow tensor, the cast to \"EagerTensor\" fails. The issue was patched in commit 22e07fb204386768e5bcbea563641ea11f96ceb8\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjjg-hgv6-h69v", + "cve": "CVE-2020-15193", + "id": "pyup.io-55868", + "more_info_path": "/vulnerabilities/CVE-2020-15193/55868", "specs": [ ">=2.2.0rc0,<2.2.1", ">=2.3.0rc0,<2.3.1" 
@@ -161963,10 +162475,10 @@ "v": ">=2.2.0rc0,<2.2.1,>=2.3.0rc0,<2.3.1" }, { - "advisory": "Tensorflow-cpu versions 2.2.1 and 2.3.1 include a fix for CVE-2020-15193: In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of \"dlpack.to_dlpack\" can be made to use uninitialized memory resulting in further memory corruption. This is because the pybind11 glue code assumes that the argument is a tensor. However, there is nothing stopping users from passing in a Python object instead of a tensor. The uninitialized memory address is due to a \"reinterpret_cast\". Since the \"PyObject\" is a Python object, not a Tensorflow tensor, the cast to \"EagerTensor\" fails. The issue was patched in commit 22e07fb204386768e5bcbea563641ea11f96ceb8\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjjg-hgv6-h69v", - "cve": "CVE-2020-15193", - "id": "pyup.io-55868", - "more_info_path": "/vulnerabilities/CVE-2020-15193/55868", + "advisory": "Tensorflow-cpu versions 2.2.1 and 2.3.1 include a fix for CVE-2020-15192: In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to 'dlpack.to_dlpack' there is a memory leak following an expected validation failure. The issue occurs because the 'status' argument during validation failures is not properly checked. Since each of the above methods can return an error status, the 'status' value must be checked before continuing.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fxw-76px-3rxv", + "cve": "CVE-2020-15192", + "id": "pyup.io-55867", + "more_info_path": "/vulnerabilities/CVE-2020-15192/55867", "specs": [ ">=2.2.0rc0,<2.2.1", ">=2.3.0rc0,<2.3.1" 
@@ -161983,16 +162495,6 @@ ], "v": ">=2.3.0rc0,<2.3.1" }, - { - "advisory": "Tensorflow-cpu 2.3.1 includes a fix for CVE-2020-15198: In Tensorflow before version 2.3.1, the \"SparseCountSparseOutput\" implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the \"indices\" tensor has the same shape as the \"values\" one. The values in these tensors are always accessed in parallel. Thus, a shape mismatch can result in accesses outside the bounds of heap allocated buffers. The issue was patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jc87-6vpp-7ff3", - "cve": "CVE-2020-15198", - "id": "pyup.io-55858", - "more_info_path": "/vulnerabilities/CVE-2020-15198/55858", - "specs": [ - ">=2.3.0rc0,<2.3.1" - ], - "v": ">=2.3.0rc0,<2.3.1" - }, { "advisory": "Tensorflow-cpu version 2.3.1 includes a fix for CVE-2020-15196: In Tensorflow version 2.3.0, the \"SparseCountSparseOutput\" and \"RaggedCountSparseOutput\" implementations don't validate that the \"weights\" tensor has the same shape as the data. The check exists for \"DenseCountSparseOutput\", where both tensors are fully specified. In the sparse and ragged count weights are still accessed in parallel with the data. But, since there is no validation, a user passing fewer weights than the values for the tensors can generate a read from outside the bounds of the heap buffer allocated for the weights. The issue was patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pg59-2f92-5cph", "cve": "CVE-2020-15196", 
@@ -162023,6 +162525,16 @@ ], "v": ">=2.3.0rc0,<2.3.1" }, + { + "advisory": "Tensorflow-cpu 2.3.1 includes a fix for CVE-2020-15198: In Tensorflow before version 2.3.1, the \"SparseCountSparseOutput\" implementation does not validate that the input arguments form a valid sparse tensor. In particular, there is no validation that the \"indices\" tensor has the same shape as the \"values\" one. The values in these tensors are always accessed in parallel. Thus, a shape mismatch can result in accesses outside the bounds of heap allocated buffers. The issue was patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jc87-6vpp-7ff3", + "cve": "CVE-2020-15198", + "id": "pyup.io-55858", + "more_info_path": "/vulnerabilities/CVE-2020-15198/55858", + "specs": [ + ">=2.3.0rc0,<2.3.1" + ], + "v": ">=2.3.0rc0,<2.3.1" + }, { "advisory": "Tensorflow-cpu 2.3.1 includes a fix for CVE-2020-15201: In Tensorflow before version 2.3.1, the \"RaggedCountSparseOutput\" implementation does not validate that the input arguments form a valid ragged tensor. In particular, there is no validation that the values in the \"splits\" tensor generate a valid partitioning of the \"values\" tensor. Hence, the code is prone to heap buffer overflow. If \"split_values\" does not end with a value at least \"num_values\" then the \"while\" loop condition will trigger a read outside of the bounds of \"split_values\" once \"batch_idx\" grows too large. The issue was patched in commit 3cbb917b4714766030b28eba9fb41bb97ce9ee02.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-p5f8-gfw5-33w4", "cve": "CVE-2020-15201", 
@@ -162034,10 +162546,10 @@ "v": ">=2.3.0rc0,<2.3.1" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37636: In affected versions the implementation of 'tf.raw_ops.SparseDenseCwiseDiv' is vulnerable to a division by 0 error. The implementation (https://github.com/tensorflow/tensorflow/blob/a1bc56203f21a5a4995311825ffaba7a670d7747/tensorflow/core/kernels/sparse_dense_binary_op_shared.cc#L56) uses a common class for all binary operations but fails to treat the division by 0 case separately. The Tensorflow team has patched the issue in GitHub commit d9204be9f49520cdaaeb2541d1dc5187b23f31d9.", - "cve": "CVE-2021-37636", - "id": "pyup.io-55819", - "more_info_path": "/vulnerabilities/CVE-2021-37636/55819", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37683: In affected versions the implementation of division in TFLite is vulnerable to a division by 0 error (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/div.cc). There is no check that the divisor tensor does not contain zero elements. The Tensorflow team has patched the issue in GitHub commit 1e206baedf8bef0334cca3eb92bab134ef525a28.", + "cve": "CVE-2021-37683", + "id": "pyup.io-55816", + "more_info_path": "/vulnerabilities/CVE-2021-37683/55816", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", 
@@ -162047,10 +162559,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37635: In affected versions the implementation of sparse reduction operations in TensorFlow can trigger accesses outside of bounds of heap allocated data. The [implementation](https://github.com/tensorflow/tensorflow/blob/a1bc56203f21a5a4995311825ffaba7a670d7747/tensorflow/core/kernels/sparse_reduce_op.cc#L217-L228) fails to validate that each reduction group does not overflow and that each corresponding index does not point to outside the bounds of the input tensor. The Tensorflow team has patched the issue in GitHub commit 87158f43f05f2720a374f3e6d22a7aaa3a33f750.", - "cve": "CVE-2021-37635", - "id": "pyup.io-55814", - "more_info_path": "/vulnerabilities/CVE-2021-37635/55814", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37680: In affected versions the implementation of fully connected layers in TFLite is vulnerable to a division by zero error (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/fully_connected.cc#L226). The Tensorflow team has patched the issue in GitHub commit 718721986aa137691ee23f03638867151f74935f.", + "cve": "CVE-2021-37680", + "id": "pyup.io-55818", + "more_info_path": "/vulnerabilities/CVE-2021-37680/55818", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", 
@@ -162060,10 +162572,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37637: It is possible to trigger a null pointer dereference in TensorFlow by passing an invalid input to `tf.raw_ops.CompressElement`. The [implementation](https://github.com/tensorflow/tensorflow/blob/47a06f40411a69c99f381495f490536972152ac0/tensorflow/core/data/compression_utils.cc#L34) was accessing the size of a buffer obtained from the return of a separate function call before validating that said buffer is valid. The Tensorflow team has patched the issue in GitHub commit 5dc7f6981fdaf74c8c5be41f393df705841fb7c5.", - "cve": "CVE-2021-37637", - "id": "pyup.io-55817", - "more_info_path": "/vulnerabilities/CVE-2021-37637/55817", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37689: In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. This is caused by the MLIR optimization of 'L2NormalizeReduceAxis' operator. The implementation (https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/compiler/mlir/lite/transforms/optimize.cc#L67-L70) unconditionally dereferences a pointer to an iterator to a vector without checking that the vector has elements. The Tensorflow team has patched the issue in GitHub commit d6b57f461b39fd1aa8c1b870f1b974aac3554955.", + "cve": "CVE-2021-37689", + "id": "pyup.io-55812", + "more_info_path": "/vulnerabilities/CVE-2021-37689/55812", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", 
@@ -162073,10 +162585,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37648: In affected versions the code for 'tf.raw_ops.SaveV2' does not properly validate the inputs and an attacker can trigger a null pointer dereference. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/save_restore_v2_ops.cc) uses 'ValidateInputs' to check that the input arguments are valid. This validation would have caught the illegal state represented by the reproducer above. However, the validation uses 'OP_REQUIRES' which translates to setting the 'Status' object of the current 'OpKernelContext' to an error status, followed by an empty 'return' statement which just terminates the execution of the function it is present in. However, this does not mean that the kernel execution is finalized: instead, execution continues from the nQext line in 'Compute' that follows the call to 'ValidateInputs'. This is equivalent to lacking the validation. The Tensorflow team has patched the issue in GitHub commit 9728c60e136912a12d99ca56e106b7cce7af5986.", - "cve": "CVE-2021-37648", - "id": "pyup.io-55813", - "more_info_path": "/vulnerabilities/CVE-2021-37648/55813", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37635: In affected versions the implementation of sparse reduction operations in TensorFlow can trigger accesses outside of bounds of heap allocated data. The [implementation](https://github.com/tensorflow/tensorflow/blob/a1bc56203f21a5a4995311825ffaba7a670d7747/tensorflow/core/kernels/sparse_reduce_op.cc#L217-L228) fails to validate that each reduction group does not overflow and that each corresponding index does not point to outside the bounds of the input tensor. 
The Tensorflow team has patched the issue in GitHub commit 87158f43f05f2720a374f3e6d22a7aaa3a33f750.", + "cve": "CVE-2021-37635", + "id": "pyup.io-55814", + "more_info_path": "/vulnerabilities/CVE-2021-37635/55814", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", 
@@ -162086,10 +162598,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37689: In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. This is caused by the MLIR optimization of 'L2NormalizeReduceAxis' operator. The implementation (https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/compiler/mlir/lite/transforms/optimize.cc#L67-L70) unconditionally dereferences a pointer to an iterator to a vector without checking that the vector has elements. The Tensorflow team has patched the issue in GitHub commit d6b57f461b39fd1aa8c1b870f1b974aac3554955.", - "cve": "CVE-2021-37689", - "id": "pyup.io-55812", - "more_info_path": "/vulnerabilities/CVE-2021-37689/55812", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37648: In affected versions the code for 'tf.raw_ops.SaveV2' does not properly validate the inputs and an attacker can trigger a null pointer dereference. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/save_restore_v2_ops.cc) uses 'ValidateInputs' to check that the input arguments are valid. This validation would have caught the illegal state represented by the reproducer above. However, the validation uses 'OP_REQUIRES' which translates to setting the 'Status' object of the current 'OpKernelContext' to an error status, followed by an empty 'return' statement which just terminates the execution of the function it is present in. However, this does not mean that the kernel execution is finalized: instead, execution continues from the nQext line in 'Compute' that follows the call to 'ValidateInputs'. This is equivalent to lacking the validation. 
The Tensorflow team has patched the issue in GitHub commit 9728c60e136912a12d99ca56e106b7cce7af5986.", + "cve": "CVE-2021-37648", + "id": "pyup.io-55813", + "more_info_path": "/vulnerabilities/CVE-2021-37648/55813", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", @@ -162099,10 +162611,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37683: In affected versions the implementation of division in TFLite is vulnerable to a division by 0 error (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/div.cc). There is no check that the divisor tensor does not contain zero elements. The Tensorflow team has patched the issue in GitHub commit 1e206baedf8bef0334cca3eb92bab134ef525a28.", - "cve": "CVE-2021-37683", - "id": "pyup.io-55816", - "more_info_path": "/vulnerabilities/CVE-2021-37683/55816", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37671: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.Map*' and 'tf.raw_ops.OrderedMap*' operations. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/map_stage_op.cc#L222-L248) has a check in place to ensure that 'indices' is in ascending order, but does not check that 'indices' is not empty. The Tensorflow team has patched the issue in GitHub commit 532f5c5a547126c634fefd43bbad1dc6417678ac.", + "cve": "CVE-2021-37671", + "id": "pyup.io-55811", + "more_info_path": "/vulnerabilities/CVE-2021-37671/55811", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", 
@@ -162112,10 +162624,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37680: In affected versions the implementation of fully connected layers in TFLite is vulnerable to a division by zero error (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/fully_connected.cc#L226). The Tensorflow team has patched the issue in GitHub commit 718721986aa137691ee23f03638867151f74935f.", - "cve": "CVE-2021-37680", - "id": "pyup.io-55818", - "more_info_path": "/vulnerabilities/CVE-2021-37680/55818", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37642: In affected versions the implementation of 'tf.raw_ops.ResourceScatterDiv' is vulnerable to a division by 0 error. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/resource_variable_ops.cc#L865) uses a common class for all binary operations but fails to treat the division by 0 case separately. The Tensorflow team has patched the issue in GitHub commit 4aacb30888638da75023e6601149415b39763d76.", + "cve": "CVE-2021-37642", + "id": "pyup.io-55820", + "more_info_path": "/vulnerabilities/CVE-2021-37642/55820", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", 
@@ -162125,10 +162637,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37642: In affected versions the implementation of 'tf.raw_ops.ResourceScatterDiv' is vulnerable to a division by 0 error. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/resource_variable_ops.cc#L865) uses a common class for all binary operations but fails to treat the division by 0 case separately. The Tensorflow team has patched the issue in GitHub commit 4aacb30888638da75023e6601149415b39763d76.", - "cve": "CVE-2021-37642", - "id": "pyup.io-55820", - "more_info_path": "/vulnerabilities/CVE-2021-37642/55820", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37636: In affected versions the implementation of 'tf.raw_ops.SparseDenseCwiseDiv' is vulnerable to a division by 0 error. The implementation (https://github.com/tensorflow/tensorflow/blob/a1bc56203f21a5a4995311825ffaba7a670d7747/tensorflow/core/kernels/sparse_dense_binary_op_shared.cc#L56) uses a common class for all binary operations but fails to treat the division by 0 case separately. The Tensorflow team has patched the issue in GitHub commit d9204be9f49520cdaaeb2541d1dc5187b23f31d9.", + "cve": "CVE-2021-37636", + "id": "pyup.io-55819", + "more_info_path": "/vulnerabilities/CVE-2021-37636/55819", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", 
@@ -162138,10 +162650,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37667: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.UnicodeEncode'. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/unicode_ops.cc#L533-L539) reads the first dimension of the 'input_splits' tensor before validating that this tensor is not empty. The Tensorflow team has patched the issue in GitHub commit 2e0ee46f1a47675152d3d865797a18358881d7a6.", - "cve": "CVE-2021-37667", - "id": "pyup.io-55815", - "more_info_path": "/vulnerabilities/CVE-2021-37667/55815", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37637: It is possible to trigger a null pointer dereference in TensorFlow by passing an invalid input to `tf.raw_ops.CompressElement`. The [implementation](https://github.com/tensorflow/tensorflow/blob/47a06f40411a69c99f381495f490536972152ac0/tensorflow/core/data/compression_utils.cc#L34) was accessing the size of a buffer obtained from the return of a separate function call before validating that said buffer is valid. The Tensorflow team has patched the issue in GitHub commit 5dc7f6981fdaf74c8c5be41f393df705841fb7c5.", + "cve": "CVE-2021-37637", + "id": "pyup.io-55817", + "more_info_path": "/vulnerabilities/CVE-2021-37637/55817", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", 
@@ -162151,10 +162663,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37671: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.Map*' and 'tf.raw_ops.OrderedMap*' operations. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/map_stage_op.cc#L222-L248) has a check in place to ensure that 'indices' is in ascending order, but does not check that 'indices' is not empty. The Tensorflow team has patched the issue in GitHub commit 532f5c5a547126c634fefd43bbad1dc6417678ac.", - "cve": "CVE-2021-37671", - "id": "pyup.io-55811", - "more_info_path": "/vulnerabilities/CVE-2021-37671/55811", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37667: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.UnicodeEncode'. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/unicode_ops.cc#L533-L539) reads the first dimension of the 'input_splits' tensor before validating that this tensor is not empty. The Tensorflow team has patched the issue in GitHub commit 2e0ee46f1a47675152d3d865797a18358881d7a6.", + "cve": "CVE-2021-37667", + "id": "pyup.io-55815", + "more_info_path": "/vulnerabilities/CVE-2021-37667/55815", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.4.0rc0,<2.4.3", 
@@ -162164,10 +162676,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1,>=2.6.0rc0,<2.6.0" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37639: When restoring tensors via raw APIs, if the tensor name is not provided, TensorFlow can be tricked into dereferencing a null pointer. Alternatively, attackers can read memory outside the bounds of heap allocated data by providing some tensor names but not enough for a successful restoration. The implementation (https://github.com/tensorflow/tensorflow/blob/47a06f40411a69c99f381495f490536972152ac0/tensorflow/core/kernels/save_restore_tensor.cc#L158-L159) retrieves the tensor list corresponding to the 'tensor_name' user controlled input and immediately retrieves the tensor at the restoration index (controlled via 'preferred_shard' argument). This occurs without validating that the provided list has enough values. If the list is empty this results in dereferencing a null pointer (undefined behavior). If, however, the list has some elements and if the restoration index is outside the bounds, this results in heap OOB read. The Tensorflow team has patched the issue in GitHub commit 9e82dce6e6bd1f36a57e08fa85af213e2b2f2622.", - "cve": "CVE-2021-37639", - "id": "pyup.io-55805", - "more_info_path": "/vulnerabilities/CVE-2021-37639/55805", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37664: In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to `BoostedTreesSparseCalculateBestFeatureSplit`. The [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/boosted_trees/stats_ops.cc) needs to validate that each value in `stats_summary_indices` is in range. 
The Tensorflow team has patched the issue in GitHub commit e84c975313e8e8e38bb2ea118196369c45c51378.", + "cve": "CVE-2021-37664", + "id": "pyup.io-55809", + "more_info_path": "/vulnerabilities/CVE-2021-37664/55809", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.5.0rc0,<2.5.1", 
@@ -162177,10 +162689,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37656: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.RaggedTensorToSparse'. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/ragged_tensor_to_sparse_kernel.cc#L30) has an incomplete validation of the splits values: it does not check that they are in increasing order. The Tensorflow team has patched the issue in GitHub commit 1071f554dbd09f7e101324d366eec5f4fe5a3ece.", - "cve": "CVE-2021-37656", - "id": "pyup.io-55804", - "more_info_path": "/vulnerabilities/CVE-2021-37656/55804", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37647: When a user does not supply arguments that determine a valid sparse tensor, 'tf.raw_ops.SparseTensorSliceDataset' implementation can be made to dereference a null pointer. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L240-L251) has some argument validation but fails to consider the case when either 'indices' or 'values' are provided for an empty sparse tensor when the other is not. If 'indices' is empty, then code that performs validation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L260-L261) (i.e., checking that the indices are monotonically increasing) results in a null pointer dereference. 
If 'indices' as provided by the user is empty, then 'indices' in the C++ code above is backed by an empty 'std::vector', hence calling 'indices->dim_size(0)' results in null pointer dereferencing (same as calling 'std::vector::at()' on an empty vector). The Tensorflow team has patched the issue in GitHub commit 02cc160e29d20631de3859c6653184e3f876b9d7.", + "cve": "CVE-2021-37647", + "id": "pyup.io-55810", + "more_info_path": "/vulnerabilities/CVE-2021-37647/55810", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.5.0rc0,<2.5.1", 
@@ -162190,10 +162702,10 @@ "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37658: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type 'tf.raw_ops.MatrixSetDiagV*'. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/linalg/matrix_diag_op.cc) has incomplete validation that the value of 'k' is a valid tensor. We have check that this value is either a scalar or a vector, but there is no check for the number of elements. If this is an empty tensor, then code that accesses the first element of the tensor is wrong. The Tensorflow team has patched the issue in GitHub commit ff8894044dfae5568ecbf2ed514c1a37dc394f1b.", - "cve": "CVE-2021-37658", - "id": "pyup.io-55806", - "more_info_path": "/vulnerabilities/CVE-2021-37658/55806", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37652: In affected versions the implementation for 'tf.raw_ops.BoostedTreesCreateEnsemble' can result in a use after free error if an attacker supplies specially crafted arguments. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/boosted_trees/resource_ops.cc#L55) uses a reference counted resource and decrements the refcount if the initialization fails, as it should. However, when the code was written, the resource was represented as a naked pointer but later refactoring has changed it to be a smart pointer. Thus, when the pointer leaves the scope, a subsequent 'free'-ing of the resource occurs, but this fails to take into account that the refcount has already reached 0, thus the resource has been already freed. 
During this double-free process, members of the resource object are accessed for cleanup but they are invalid as the entire resource has been freed. The Tensorflow team has patched the issue in GitHub commit 5ecec9c6fbdbc6be03295685190a45e7eee726ab.", + "cve": "CVE-2021-37652", + "id": "pyup.io-55800", + "more_info_path": "/vulnerabilities/CVE-2021-37652/55800", "specs": [ ">=2.3.0rc0,<2.3.4", ">=2.5.0rc0,<2.5.1", 
@@ -162203,10 +162715,10 @@
 "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37659: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all binary cwise operations that don't require broadcasting (e.g., gradients of binary cwise operations). The [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/cwise_ops_common.h#L264) assumes that the two inputs have exactly the same number of elements but does not check that. Hence, when the eigen functor executes it triggers heap OOB reads and undefined behavior due to binding to nullptr. We have patched the issue in GitHub commit 93f428fd1768df147171ed674fee1fc5ab8309ec.",
- "cve": "CVE-2021-37659",
- "id": "pyup.io-55808",
- "more_info_path": "/vulnerabilities/CVE-2021-37659/55808",
+ "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37639: When restoring tensors via raw APIs, if the tensor name is not provided, TensorFlow can be tricked into dereferencing a null pointer. Alternatively, attackers can read memory outside the bounds of heap allocated data by providing some tensor names but not enough for a successful restoration. The implementation (https://github.com/tensorflow/tensorflow/blob/47a06f40411a69c99f381495f490536972152ac0/tensorflow/core/kernels/save_restore_tensor.cc#L158-L159) retrieves the tensor list corresponding to the 'tensor_name' user controlled input and immediately retrieves the tensor at the restoration index (controlled via 'preferred_shard' argument). This occurs without validating that the provided list has enough values. If the list is empty this results in dereferencing a null pointer (undefined behavior). If, however, the list has some elements and if the restoration index is outside the bounds, this results in heap OOB read. The Tensorflow team has patched the issue in GitHub commit 9e82dce6e6bd1f36a57e08fa85af213e2b2f2622.",
+ "cve": "CVE-2021-37639",
+ "id": "pyup.io-55805",
+ "more_info_path": "/vulnerabilities/CVE-2021-37639/55805",
 "specs": [
 ">=2.3.0rc0,<2.3.4",
 ">=2.5.0rc0,<2.5.1",
@@ -162229,10 +162741,10 @@
 "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37654: In affected versions an attacker can trigger a crash via a 'CHECK'-fail in debug builds of TensorFlow using 'tf.raw_ops.ResourceGather' or a read from outside the bounds of heap allocated data in the same API in a release build. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L660-L668) does not check that the 'batch_dims' value that the user supplies is less than the rank of the input tensor. Since the implementation uses several for loops over the dimensions of 'tensor', this results in reading data from outside the bounds of heap allocated buffer backing the tensor. The Tensorflow team has patched the issue in GitHub commit bc9c546ce7015c57c2f15c168b3d9201de679a1d.",
- "cve": "CVE-2021-37654",
- "id": "pyup.io-55802",
- "more_info_path": "/vulnerabilities/CVE-2021-37654/55802",
+ "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37658: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all operations of type 'tf.raw_ops.MatrixSetDiagV*'. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/linalg/matrix_diag_op.cc) has incomplete validation that the value of 'k' is a valid tensor. We have check that this value is either a scalar or a vector, but there is no check for the number of elements. If this is an empty tensor, then code that accesses the first element of the tensor is wrong. The Tensorflow team has patched the issue in GitHub commit ff8894044dfae5568ecbf2ed514c1a37dc394f1b.",
+ "cve": "CVE-2021-37658",
+ "id": "pyup.io-55806",
+ "more_info_path": "/vulnerabilities/CVE-2021-37658/55806",
 "specs": [
 ">=2.3.0rc0,<2.3.4",
 ">=2.5.0rc0,<2.5.1",
@@ -162242,10 +162754,10 @@
 "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37638: Sending invalid argument for 'row_partition_types' of 'tf.raw_ops.RaggedTensorToTensor' API results in a null pointer dereference and undefined behavior. The implementation (https://github.com/tensorflow/tensorflow/blob/47a06f40411a69c99f381495f490536972152ac0/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L328) accesses the first element of a user supplied list of values without validating that the provided list is not empty. The Tensorflow team has patched the issue in GitHub commit 301ae88b331d37a2a16159b65b255f4f9eb39314.",
- "cve": "CVE-2021-37638",
- "id": "pyup.io-55801",
- "more_info_path": "/vulnerabilities/CVE-2021-37638/55801",
+ "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37649: The code for 'tf.raw_ops.UncompressElement' can be made to trigger a null pointer dereference. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/data/experimental/compression_ops.cc#L50-L53) obtains a pointer to a 'CompressedElement' from a 'Variant' tensor and then proceeds to dereference it for decompressing. There is no check that the 'Variant' tensor contained a 'CompressedElement', so the pointer is actually 'nullptr'. The Tensorflow team has patched the issue in GitHub commit 7bdf50bb4f5c54a4997c379092888546c97c3ebd.",
+ "cve": "CVE-2021-37649",
+ "id": "pyup.io-55807",
+ "more_info_path": "/vulnerabilities/CVE-2021-37649/55807",
 "specs": [
 ">=2.3.0rc0,<2.3.4",
 ">=2.5.0rc0,<2.5.1",
@@ -162255,10 +162767,10 @@
 "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37652: In affected versions the implementation for 'tf.raw_ops.BoostedTreesCreateEnsemble' can result in a use after free error if an attacker supplies specially crafted arguments. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/boosted_trees/resource_ops.cc#L55) uses a reference counted resource and decrements the refcount if the initialization fails, as it should. However, when the code was written, the resource was represented as a naked pointer but later refactoring has changed it to be a smart pointer. Thus, when the pointer leaves the scope, a subsequent 'free'-ing of the resource occurs, but this fails to take into account that the refcount has already reached 0, thus the resource has been already freed. During this double-free process, members of the resource object are accessed for cleanup but they are invalid as the entire resource has been freed. The Tensorflow team has patched the issue in GitHub commit 5ecec9c6fbdbc6be03295685190a45e7eee726ab.",
- "cve": "CVE-2021-37652",
- "id": "pyup.io-55800",
- "more_info_path": "/vulnerabilities/CVE-2021-37652/55800",
+ "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37654: In affected versions an attacker can trigger a crash via a 'CHECK'-fail in debug builds of TensorFlow using 'tf.raw_ops.ResourceGather' or a read from outside the bounds of heap allocated data in the same API in a release build. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L660-L668) does not check that the 'batch_dims' value that the user supplies is less than the rank of the input tensor. Since the implementation uses several for loops over the dimensions of 'tensor', this results in reading data from outside the bounds of heap allocated buffer backing the tensor. The Tensorflow team has patched the issue in GitHub commit bc9c546ce7015c57c2f15c168b3d9201de679a1d.",
+ "cve": "CVE-2021-37654",
+ "id": "pyup.io-55802",
+ "more_info_path": "/vulnerabilities/CVE-2021-37654/55802",
 "specs": [
 ">=2.3.0rc0,<2.3.4",
 ">=2.5.0rc0,<2.5.1",
@@ -162268,10 +162780,10 @@
 "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37649: The code for 'tf.raw_ops.UncompressElement' can be made to trigger a null pointer dereference. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/data/experimental/compression_ops.cc#L50-L53) obtains a pointer to a 'CompressedElement' from a 'Variant' tensor and then proceeds to dereference it for decompressing. There is no check that the 'Variant' tensor contained a 'CompressedElement', so the pointer is actually 'nullptr'. The Tensorflow team has patched the issue in GitHub commit 7bdf50bb4f5c54a4997c379092888546c97c3ebd.",
- "cve": "CVE-2021-37649",
- "id": "pyup.io-55807",
- "more_info_path": "/vulnerabilities/CVE-2021-37649/55807",
+ "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37638: Sending invalid argument for 'row_partition_types' of 'tf.raw_ops.RaggedTensorToTensor' API results in a null pointer dereference and undefined behavior. The implementation (https://github.com/tensorflow/tensorflow/blob/47a06f40411a69c99f381495f490536972152ac0/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L328) accesses the first element of a user supplied list of values without validating that the provided list is not empty. The Tensorflow team has patched the issue in GitHub commit 301ae88b331d37a2a16159b65b255f4f9eb39314.",
+ "cve": "CVE-2021-37638",
+ "id": "pyup.io-55801",
+ "more_info_path": "/vulnerabilities/CVE-2021-37638/55801",
 "specs": [
 ">=2.3.0rc0,<2.3.4",
 ">=2.5.0rc0,<2.5.1",
@@ -162281,10 +162793,10 @@
 "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37664: In affected versions an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to `BoostedTreesSparseCalculateBestFeatureSplit`. The [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/boosted_trees/stats_ops.cc) needs to validate that each value in `stats_summary_indices` is in range. The Tensorflow team has patched the issue in GitHub commit e84c975313e8e8e38bb2ea118196369c45c51378.",
- "cve": "CVE-2021-37664",
- "id": "pyup.io-55809",
- "more_info_path": "/vulnerabilities/CVE-2021-37664/55809",
+ "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37659: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in all binary cwise operations that don't require broadcasting (e.g., gradients of binary cwise operations). The [implementation](https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/cwise_ops_common.h#L264) assumes that the two inputs have exactly the same number of elements but does not check that. Hence, when the eigen functor executes it triggers heap OOB reads and undefined behavior due to binding to nullptr. We have patched the issue in GitHub commit 93f428fd1768df147171ed674fee1fc5ab8309ec.",
+ "cve": "CVE-2021-37659",
+ "id": "pyup.io-55808",
+ "more_info_path": "/vulnerabilities/CVE-2021-37659/55808",
 "specs": [
 ">=2.3.0rc0,<2.3.4",
 ">=2.5.0rc0,<2.5.1",
@@ -162294,10 +162806,10 @@
 "v": ">=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.6.0rc0,<2.6.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37647: When a user does not supply arguments that determine a valid sparse tensor, 'tf.raw_ops.SparseTensorSliceDataset' implementation can be made to dereference a null pointer. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L240-L251) has some argument validation but fails to consider the case when either 'indices' or 'values' are provided for an empty sparse tensor when the other is not. If 'indices' is empty, then code that performs validation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/data/sparse_tensor_slice_dataset_op.cc#L260-L261) (i.e., checking that the indices are monotonically increasing) results in a null pointer dereference. If 'indices' as provided by the user is empty, then 'indices' in the C++ code above is backed by an empty 'std::vector', hence calling 'indices->dim_size(0)' results in null pointer dereferencing (same as calling 'std::vector::at()' on an empty vector). The Tensorflow team has patched the issue in GitHub commit 02cc160e29d20631de3859c6653184e3f876b9d7.",
- "cve": "CVE-2021-37647",
- "id": "pyup.io-55810",
- "more_info_path": "/vulnerabilities/CVE-2021-37647/55810",
+ "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37656: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.RaggedTensorToSparse'. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/ragged_tensor_to_sparse_kernel.cc#L30) has an incomplete validation of the splits values: it does not check that they are in increasing order. The Tensorflow team has patched the issue in GitHub commit 1071f554dbd09f7e101324d366eec5f4fe5a3ece.",
+ "cve": "CVE-2021-37656",
+ "id": "pyup.io-55804",
+ "more_info_path": "/vulnerabilities/CVE-2021-37656/55804",
 "specs": [
 ">=2.3.0rc0,<2.3.4",
 ">=2.5.0rc0,<2.5.1",
@@ -162344,10 +162856,10 @@
 "v": ">=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4,>=2.5.0rc0,<2.5.0"
 },
 {
- "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a stack overflow in 'ParseAttrValue' with nested tensors. See CVE-2021-29615.",
- "cve": "CVE-2021-29615",
- "id": "pyup.io-55796",
- "more_info_path": "/vulnerabilities/CVE-2021-29615/55796",
+ "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a division by 0 in 'Conv2DBackpropFilter'. See CVE-2021-29524.",
+ "cve": "CVE-2021-29524",
+ "id": "pyup.io-55781",
+ "more_info_path": "/vulnerabilities/CVE-2021-29524/55781",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.1.0rc0,<2.1.4",
@@ -162358,10 +162870,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29513: Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors result in null pointer dereferences. The conversion from Python array to C++ array (https://github.com/tensorflow/tensorflow/blob/ff70c47a396ef1e3cb73c90513da4f5cb71bebba/tensorflow/python/lib/core/ndarray_tensor.cc#L113-L169) is vulnerable to a type confusion.",
- "cve": "CVE-2021-29513",
- "id": "pyup.io-55790",
- "more_info_path": "/vulnerabilities/CVE-2021-29513/55790",
+ "advisory": "Tensorflow-cpu 2.5.0, 2.4.2, 2.3.3, 2.2.3 and 2.1.4 include a fix for CVE-2021-29548: An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/55a97caa9e99c7f37a0bbbeb414dc55553d3ae7f/tensorflow/core/kernels/quantized_batch_norm_op.cc) does not validate all constraints specified in the op's contract (https://www.tensorflow.org/api_docs/python/tf/raw_ops/QuantizedBatchNormWithGlobalNormalization).",
+ "cve": "CVE-2021-29548",
+ "id": "pyup.io-55786",
+ "more_info_path": "/vulnerabilities/CVE-2021-29548/55786",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.1.0rc0,<2.1.4",
@@ -162372,10 +162884,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.5.0, 2.4.2, 2.3.3, 2.2.3 and 2.1.4 include a fix for CVE-2021-29548: An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/55a97caa9e99c7f37a0bbbeb414dc55553d3ae7f/tensorflow/core/kernels/quantized_batch_norm_op.cc) does not validate all constraints specified in the op's contract (https://www.tensorflow.org/api_docs/python/tf/raw_ops/QuantizedBatchNormWithGlobalNormalization).",
- "cve": "CVE-2021-29548",
- "id": "pyup.io-55786",
- "more_info_path": "/vulnerabilities/CVE-2021-29548/55786",
+ "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 includes a fix for CVE-2021-29533: An attacker can trigger a denial of service via a 'CHECK' failure by passing an empty image to 'tf.raw_ops.DrawBoundingBoxes'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/ea34a18dc3f5c8d80a40ccca1404f343b5d55f91/tensorflow/core/kernels/image/draw_bounding_box_op.cc#L148-L165) uses 'CHECK_*' assertions instead of 'OP_REQUIRES' to validate user controlled inputs. Whereas 'OP_REQUIRES' allows returning an error condition back to the user, the 'CHECK_*' macros result in a crash if the condition is false, similar to 'assert'. In this case, 'height' is 0 from the 'images' input. This results in 'max_box_row_clamp' being negative and the assertion being falsified, followed by aborting program execution.",
+ "cve": "CVE-2021-29533",
+ "id": "pyup.io-55787",
+ "more_info_path": "/vulnerabilities/CVE-2021-29533/55787",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.1.0rc0,<2.1.4",
@@ -162386,10 +162898,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29549: An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/6f26b3f3418201479c264f2a02000880d8df151c/tensorflow/core/kernels/quantized_add_op.cc#L289-L295) computes a modulo operation without validating that the divisor is not zero. Since `vector_num_elements` is determined based on input shapes (https://github.com/tensorflow/tensorflow/blob/6f26b3f3418201479c264f2a02000880d8df151c/tensorflow/core/kernels/quantized_add_op.cc#L522-L544), a user can trigger scenarios where this quantity is 0.",
- "cve": "CVE-2021-29549",
- "id": "pyup.io-55794",
- "more_info_path": "/vulnerabilities/CVE-2021-29549/55794",
+ "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29539: TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.ImmutableConst`(https://www.tensorflow.org/api_docs/python/tf/raw_ops/ImmutableConst) with a `dtype` of `tf.resource` or `tf.variant` results in a segfault in the implementation as code assumes that the tensor contents are pure scalars. We have patched the issue in 4f663d4b8f0bec1b48da6fa091a7d29609980fa4 and will release TensorFlow 2.5.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved. If using `tf.raw_ops.ImmutableConst` in code, you can prevent the segfault by inserting a filter for the `dtype` argument.",
+ "cve": "CVE-2021-29539",
+ "id": "pyup.io-55797",
+ "more_info_path": "/vulnerabilities/CVE-2021-29539/55797",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.1.0rc0,<2.1.4",
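Review bot: The CVE-2021-29549 record (`"id": "pyup.io-55794"`) is removed at this position and, unlike the other tensorflow-cpu records this update shuffles, its re-insertion is not visible in the neighbouring hunks; please confirm it still exists elsewhere in the new file, because silently losing it would stop flagging the affected tensorflow-cpu releases for that CVE. The replacement CVE-2021-29539 entry also carries upstream boilerplate that does not belong in a database record (`TensorFlow is an end-to-end open source platform for machine learning.` and `will release TensorFlow 2.5.0 containing the patch`), which reads as stale next to the sentence's own statement that 2.5.0 already ships the fix. Since this update is largely a permutation of byte-identical records, emitting the array in a stable order (e.g. sorted by `id`) in the generator would make genuine additions and removals reviewable.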
@@ -162400,10 +162912,66 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 includes a fix for CVE-2021-29533: An attacker can trigger a denial of service via a 'CHECK' failure by passing an empty image to 'tf.raw_ops.DrawBoundingBoxes'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/ea34a18dc3f5c8d80a40ccca1404f343b5d55f91/tensorflow/core/kernels/image/draw_bounding_box_op.cc#L148-L165) uses 'CHECK_*' assertions instead of 'OP_REQUIRES' to validate user controlled inputs. Whereas 'OP_REQUIRES' allows returning an error condition back to the user, the 'CHECK_*' macros result in a crash if the condition is false, similar to 'assert'. In this case, 'height' is 0 from the 'images' input. This results in 'max_box_row_clamp' being negative and the assertion being falsified, followed by aborting program execution.",
- "cve": "CVE-2021-29533",
- "id": "pyup.io-55787",
- "more_info_path": "/vulnerabilities/CVE-2021-29533/55787",
+ "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29532: An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to `tf.raw_ops.RaggedCross`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/efea03b38fb8d3b81762237dc85e579cc5fc6e87/tensorflow/core/kernels/ragged_cross_op.cc#L456-L487) lacks validation for the user supplied arguments. Each of the above branches call a helper function after accessing array elements via a `*_list[next_*]` pattern, followed by incrementing the `next_*` index. However, as there is no validation that the `next_*` values are in the valid range for the corresponding `*_list` arrays, this results in heap OOB reads.",
+ "cve": "CVE-2021-29532",
+ "id": "pyup.io-55780",
+ "more_info_path": "/vulnerabilities/CVE-2021-29532/55780",
+ "specs": [
+ ">=2.5.0rc0,<2.5.0",
+ ">=2.1.0rc0,<2.1.4",
+ ">=2.2.0rc0,<2.2.3",
+ ">=2.3.0rc0,<2.3.3",
+ ">=2.4.0rc0,<2.4.2"
+ ],
+ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
+ },
+ {
+ "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix vulnerabilities where session operations in eager mode lead to null pointer dereferences. See CVE-2021-29518.",
+ "cve": "CVE-2021-29518",
+ "id": "pyup.io-55782",
+ "more_info_path": "/vulnerabilities/CVE-2021-29518/55782",
+ "specs": [
+ ">=2.5.0rc0,<2.5.0",
+ ">=2.1.0rc0,<2.1.4",
+ ">=2.2.0rc0,<2.2.3",
+ ">=2.3.0rc0,<2.3.3",
+ ">=2.4.0rc0,<2.4.2"
+ ],
+ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
+ },
+ {
+ "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29534: An attacker can trigger a denial of service via a 'CHECK'-fail in 'tf.raw_ops.SparseConcat'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/b432a38fe0e1b4b904a6c222cbce794c39703e87/tensorflow/core/kernels/sparse_concat_op.cc#L76) takes the values specified in 'shapes[0]' as dimensions for the output shape. The 'TensorShape' constructor (https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L183-L188) uses a 'CHECK' operation which triggers when 'InitDims' (https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L212-L296) returns a non-OK status. This is a legacy implementation of the constructor and operations should use 'BuildTensorShapeBase' or 'AddDimWithStatus' to prevent 'CHECK'-failures in the presence of overflows.",
+ "cve": "CVE-2021-29534",
+ "id": "pyup.io-55789",
+ "more_info_path": "/vulnerabilities/CVE-2021-29534/55789",
+ "specs": [
+ ">=2.5.0rc0,<2.5.0",
+ ">=2.1.0rc0,<2.1.4",
+ ">=2.2.0rc0,<2.2.3",
+ ">=2.3.0rc0,<2.3.3",
+ ">=2.4.0rc0,<2.4.2"
+ ],
+ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
+ },
+ {
+ "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29538: An attacker can cause a division by zero to occur in 'Conv2DBackpropFilter'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1b0296c3b8dd9bd948f924aa8cd62f87dbb7c3da/tensorflow/core/kernels/conv_grad_filter_ops.cc#L513-L522) computes a divisor based on user provided data (i.e., the shape of the tensors given as arguments). If all shapes are empty then 'work_unit_size' is 0. Since there is no check for this case before division, this results in a runtime exception, with potential to be abused for a denial of service.",
+ "cve": "CVE-2021-29538",
+ "id": "pyup.io-55793",
+ "more_info_path": "/vulnerabilities/CVE-2021-29538/55793",
+ "specs": [
+ ">=2.5.0rc0,<2.5.0",
+ ">=2.1.0rc0,<2.1.4",
+ ">=2.2.0rc0,<2.2.3",
+ ">=2.3.0rc0,<2.3.3",
+ ">=2.4.0rc0,<2.4.2"
+ ],
+ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
+ },
+ {
+ "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29552: An attacker can cause a denial of service by controlling the values of `num_segments` tensor argument for `UnsortedSegmentJoin`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/a2a607db15c7cd01d754d37e5448d72a13491bdb/tensorflow/core/kernels/unsorted_segment_join_op.cc#L92-L93) assumes that the `num_segments` tensor is a valid scalar. Since the tensor is empty the `CHECK` involved in `.scalar()()` that checks that the number of elements is exactly 1 will be invalidated and this would result in process termination.",
+ "cve": "CVE-2021-29552",
+ "id": "pyup.io-55785",
+ "more_info_path": "/vulnerabilities/CVE-2021-29552/55785",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.1.0rc0,<2.1.4",
@@ -162455,20 +163023,6 @@
 ],
 "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
 },
- {
- "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a heap buffer overflow in 'Conv3DBackprop*'. See CVE-2021-29520.",
- "cve": "CVE-2021-29520",
- "id": "pyup.io-55788",
- "more_info_path": "/vulnerabilities/CVE-2021-29520/55788",
- "specs": [
- ">=2.5.0rc0,<2.5.0",
- ">=2.1.0rc0,<2.1.4",
- ">=2.2.0rc0,<2.2.3",
- ">=2.3.0rc0,<2.3.3",
- ">=2.4.0rc0,<2.4.2"
- ],
- "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
- },
 {
 "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a division by 0 in 'Conv3DBackprop*'. See CVE-2021-29522.",
 "cve": "CVE-2021-29522",
@@ -162483,34 +163037,6 @@
 ],
 "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
 },
- {
- "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix vulnerabilities where session operations in eager mode lead to null pointer dereferences. See CVE-2021-29518.",
- "cve": "CVE-2021-29518",
- "id": "pyup.io-55782",
- "more_info_path": "/vulnerabilities/CVE-2021-29518/55782",
- "specs": [
- ">=2.5.0rc0,<2.5.0",
- ">=2.1.0rc0,<2.1.4",
- ">=2.2.0rc0,<2.2.3",
- ">=2.3.0rc0,<2.3.3",
- ">=2.4.0rc0,<2.4.2"
- ],
- "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
- },
- {
- "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29534: An attacker can trigger a denial of service via a 'CHECK'-fail in 'tf.raw_ops.SparseConcat'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/b432a38fe0e1b4b904a6c222cbce794c39703e87/tensorflow/core/kernels/sparse_concat_op.cc#L76) takes the values specified in 'shapes[0]' as dimensions for the output shape. The 'TensorShape' constructor (https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L183-L188) uses a 'CHECK' operation which triggers when 'InitDims' (https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L212-L296) returns a non-OK status. This is a legacy implementation of the constructor and operations should use 'BuildTensorShapeBase' or 'AddDimWithStatus' to prevent 'CHECK'-failures in the presence of overflows.",
- "cve": "CVE-2021-29534",
- "id": "pyup.io-55789",
- "more_info_path": "/vulnerabilities/CVE-2021-29534/55789",
- "specs": [
- ">=2.5.0rc0,<2.5.0",
- ">=2.1.0rc0,<2.1.4",
- ">=2.2.0rc0,<2.2.3",
- ">=2.3.0rc0,<2.3.3",
- ">=2.4.0rc0,<2.4.2"
- ],
- "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
- },
 {
 "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a 'CHECK'-fail in 'tf.raw_ops.EncodePng'. See CVE-2021-29531.",
 "cve": "CVE-2021-29531",
@@ -162554,10 +163080,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29538: An attacker can cause a division by zero to occur in 'Conv2DBackpropFilter'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1b0296c3b8dd9bd948f924aa8cd62f87dbb7c3da/tensorflow/core/kernels/conv_grad_filter_ops.cc#L513-L522) computes a divisor based on user provided data (i.e., the shape of the tensors given as arguments). If all shapes are empty then 'work_unit_size' is 0. Since there is no check for this case before division, this results in a runtime exception, with potential to be abused for a denial of service.",
- "cve": "CVE-2021-29538",
- "id": "pyup.io-55793",
- "more_info_path": "/vulnerabilities/CVE-2021-29538/55793",
+ "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a heap buffer overflow in 'Conv3DBackprop*'. See CVE-2021-29520.",
+ "cve": "CVE-2021-29520",
+ "id": "pyup.io-55788",
+ "more_info_path": "/vulnerabilities/CVE-2021-29520/55788",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.1.0rc0,<2.1.4",
@@ -162568,10 +163094,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29539: TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.ImmutableConst`(https://www.tensorflow.org/api_docs/python/tf/raw_ops/ImmutableConst) with a `dtype` of `tf.resource` or `tf.variant` results in a segfault in the implementation as code assumes that the tensor contents are pure scalars. We have patched the issue in 4f663d4b8f0bec1b48da6fa091a7d29609980fa4 and will release TensorFlow 2.5.0 containing the patch. TensorFlow nightly packages after this commit will also have the issue resolved. If using `tf.raw_ops.ImmutableConst` in code, you can prevent the segfault by inserting a filter for the `dtype` argument.",
- "cve": "CVE-2021-29539",
- "id": "pyup.io-55797",
- "more_info_path": "/vulnerabilities/CVE-2021-29539/55797",
+ "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by invalid validation in 'SparseMatrixSparseCholesky'. See CVE-2021-29530.",
+ "cve": "CVE-2021-29530",
+ "id": "pyup.io-55776",
+ "more_info_path": "/vulnerabilities/CVE-2021-29530/55776",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.1.0rc0,<2.1.4",
@@ -162582,10 +163108,10 @@
 "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2"
 },
 {
- "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a division by 0 in 'Conv2DBackpropFilter'. See CVE-2021-29524.",
- "cve": "CVE-2021-29524",
- "id": "pyup.io-55781",
- "more_info_path": "/vulnerabilities/CVE-2021-29524/55781",
+ "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a division by 0 in 'Conv2DBackpropInput'. See CVE-2021-29525.",
+ "cve": "CVE-2021-29525",
+ "id": "pyup.io-55777",
+ "more_info_path": "/vulnerabilities/CVE-2021-29525/55777",
 "specs": [
 ">=2.5.0rc0,<2.5.0",
 ">=2.1.0rc0,<2.1.4",
@@ -162596,10 +163122,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29532: An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to `tf.raw_ops.RaggedCross`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/efea03b38fb8d3b81762237dc85e579cc5fc6e87/tensorflow/core/kernels/ragged_cross_op.cc#L456-L487) lacks validation for the user supplied arguments. Each of the above branches call a helper function after accessing array elements via a `*_list[next_*]` pattern, followed by incrementing the `next_*` index. However, as there is no validation that the `next_*` values are in the valid range for the corresponding `*_list` arrays, this results in heap OOB reads.", - "cve": "CVE-2021-29532", - "id": "pyup.io-55780", - "more_info_path": "/vulnerabilities/CVE-2021-29532/55780", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a stack overflow in 'ParseAttrValue' with nested tensors. See CVE-2021-29615.", + "cve": "CVE-2021-29615", + "id": "pyup.io-55796", + "more_info_path": "/vulnerabilities/CVE-2021-29615/55796", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -162610,10 +163136,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29552: An attacker can cause a denial of service by controlling the values of `num_segments` tensor argument for `UnsortedSegmentJoin`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/a2a607db15c7cd01d754d37e5448d72a13491bdb/tensorflow/core/kernels/unsorted_segment_join_op.cc#L92-L93) assumes that the `num_segments` tensor is a valid scalar. Since the tensor is empty the `CHECK` involved in `.scalar()()` that checks that the number of elements is exactly 1 will be invalidated and this would result in process termination.", - "cve": "CVE-2021-29552", - "id": "pyup.io-55785", - "more_info_path": "/vulnerabilities/CVE-2021-29552/55785", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29513: Calling TF operations with tensors of non-numeric types when the operations expect numeric tensors result in null pointer dereferences. The conversion from Python array to C++ array (https://github.com/tensorflow/tensorflow/blob/ff70c47a396ef1e3cb73c90513da4f5cb71bebba/tensorflow/python/lib/core/ndarray_tensor.cc#L113-L169) is vulnerable to a type confusion.", + "cve": "CVE-2021-29513", + "id": "pyup.io-55790", + "more_info_path": "/vulnerabilities/CVE-2021-29513/55790", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -162624,10 +163150,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by invalid validation in 'SparseMatrixSparseCholesky'. See CVE-2021-29530.", - "cve": "CVE-2021-29530", - "id": "pyup.io-55776", - "more_info_path": "/vulnerabilities/CVE-2021-29530/55776", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29549: An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/6f26b3f3418201479c264f2a02000880d8df151c/tensorflow/core/kernels/quantized_add_op.cc#L289-L295) computes a modulo operation without validating that the divisor is not zero. Since `vector_num_elements` is determined based on input shapes (https://github.com/tensorflow/tensorflow/blob/6f26b3f3418201479c264f2a02000880d8df151c/tensorflow/core/kernels/quantized_add_op.cc#L522-L544), a user can trigger scenarios where this quantity is 0.", + "cve": "CVE-2021-29549", + "id": "pyup.io-55794", + "more_info_path": "/vulnerabilities/CVE-2021-29549/55794", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -162638,18 +163164,18 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix a division by 0 in 'Conv2DBackpropInput'. See CVE-2021-29525.", - "cve": "CVE-2021-29525", - "id": "pyup.io-55777", - "more_info_path": "/vulnerabilities/CVE-2021-29525/55777", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a null pointer dereference in 'StringNGrams'. See CVE-2021-29541.", + "cve": "CVE-2021-29541", + "id": "pyup.io-55774", + "more_info_path": "/vulnerabilities/CVE-2021-29541/55774", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", ">=2.2.0rc0,<2.2.3", - ">=2.3.0rc0,<2.3.3", - ">=2.4.0rc0,<2.4.2" + ">=2.4.0rc0,<2.4.2", + ">=2.3.0rc0,<2.3.3" ], - "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2" + "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3" }, { "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29535: An attacker can cause a heap buffer overflow in 'QuantizedMul' by passing in invalid thresholds for the quantization. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/87cf4d3ea9949051e50ca3f071fc909538a51cd0/tensorflow/core/kernels/quantized_mul_op.cc#L287-L290) assumes that the 4 arguments are always valid scalars and tries to access the numeric value directly. However, if any of these tensors is empty, then '.flat()' is an empty buffer and accessing the element at position 0 results in overflow.", 
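Review bot: The only change to this record's `specs` array is that `">=2.4.0rc0,<2.4.2"` and `">=2.3.0rc0,<2.3.3"` swap places, with the derived `v` string changing to match, and the surrounding hunks likewise replace whole records with neighbours that merely moved (the CVE-2021-29541 record appears here as added and in the following hunk as removed). The exporter does not appear to emit a package's entries or its `specs` lists in a stable order, so most of this diff is ordering churn that buries the substantive additions a reviewer actually needs to check. Sorting each package's entries by `id` and each `specs` list before serialising, and building `v` from the sorted list, would leave a record's diff empty when nothing about it changed.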
@@ -162665,20 +163191,6 @@ ], "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3" }, - { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a null pointer dereference in 'StringNGrams'. See CVE-2021-29541.", - "cve": "CVE-2021-29541", - "id": "pyup.io-55774", - "more_info_path": "/vulnerabilities/CVE-2021-29541/55774", - "specs": [ - ">=2.5.0rc0,<2.5.0", - ">=2.1.0rc0,<2.1.4", - ">=2.2.0rc0,<2.2.3", - ">=2.4.0rc0,<2.4.2", - ">=2.3.0rc0,<2.3.3" - ], - "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3" - }, { "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29536: An attacker can cause a heap buffer overflow in 'QuantizedReshape' by passing in invalid thresholds for the quantization. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/a324ac84e573fba362a5e53d4e74d5de6729933e/tensorflow/core/kernels/quantized_reshape_op.cc#L38-L55) assumes that the 2 arguments are always valid scalars and tries to access the numeric value directly. However, if any of these tensors is empty, then '.flat()' is an empty buffer and accessing the element at position 0 results in overflow.", "cve": "CVE-2021-29536", @@ -162778,10 +163290,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in 'Conv3D'. See CVE-2021-29517.", - "cve": "CVE-2021-29517", - "id": "pyup.io-55767", - "more_info_path": "/vulnerabilities/CVE-2021-29517/55767", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix fixes a null pointer dereference via invalid Ragged Tensors. See CVE-2021-29516.", + "cve": "CVE-2021-29516", + "id": "pyup.io-55766", + "more_info_path": "/vulnerabilities/CVE-2021-29516/55766", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.2.0rc0,<2.2.3", 
@@ -162792,10 +163304,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 fix fixes a null pointer dereference via invalid Ragged Tensors. See CVE-2021-29516.", - "cve": "CVE-2021-29516", - "id": "pyup.io-55766", - "more_info_path": "/vulnerabilities/CVE-2021-29516/55766", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in 'Conv3D'. See CVE-2021-29517.", + "cve": "CVE-2021-29517", + "id": "pyup.io-55767", + "more_info_path": "/vulnerabilities/CVE-2021-29517/55767", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.2.0rc0,<2.2.3", 
@@ -162848,10 +163360,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4,>=2.4.0rc0,<2.4.2" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29545: An attacker can trigger a denial of service via a 'CHECK'-fail in converting sparse tensors to CSR Sparse matrices. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/800346f2c03a27e182dd4fba48295f65e7790739/tensorflow/core/kernels/sparse/kernels.cc#L66) does a double redirection to access an element of an array allocated on the heap. If the value at 'indices(i, 0)' is such that 'indices(i, 0) + 1' is outside the bounds of 'csr_row_ptr', this results in writing outside of bounds of heap allocated data.", - "cve": "CVE-2021-29545", - "id": "pyup.io-55761", - "more_info_path": "/vulnerabilities/CVE-2021-29545/55761", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29551: The implementation of 'MatrixTriangularSolve' (https://github.com/tensorflow/tensorflow/blob/8cae746d8449c7dda5298327353d68613f16e798/tensorflow/core/kernels/linalg/matrix_triangular_solve_op_impl.h#L160-L240) fails to terminate kernel execution if one validation condition fails.", + "cve": "CVE-2021-29551", + "id": "pyup.io-55760", + "more_info_path": "/vulnerabilities/CVE-2021-29551/55760", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.3.0rc0,<2.3.3", 
@@ -162862,10 +163374,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.4.0rc0,<2.4.2,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29551: The implementation of 'MatrixTriangularSolve' (https://github.com/tensorflow/tensorflow/blob/8cae746d8449c7dda5298327353d68613f16e798/tensorflow/core/kernels/linalg/matrix_triangular_solve_op_impl.h#L160-L240) fails to terminate kernel execution if one validation condition fails.", - "cve": "CVE-2021-29551", - "id": "pyup.io-55760", - "more_info_path": "/vulnerabilities/CVE-2021-29551/55760", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29545: An attacker can trigger a denial of service via a 'CHECK'-fail in converting sparse tensors to CSR Sparse matrices. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/800346f2c03a27e182dd4fba48295f65e7790739/tensorflow/core/kernels/sparse/kernels.cc#L66) does a double redirection to access an element of an array allocated on the heap. If the value at 'indices(i, 0)' is such that 'indices(i, 0) + 1' is outside the bounds of 'csr_row_ptr', this results in writing outside of bounds of heap allocated data.", + "cve": "CVE-2021-29545", + "id": "pyup.io-55761", + "more_info_path": "/vulnerabilities/CVE-2021-29545/55761", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.3.0rc0,<2.3.3", 
@@ -162946,10 +163458,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by incomplete validation in 'tf.raw_ops.CTCLoss'. See CVE-2021-29613.", - "cve": "CVE-2021-29613", - "id": "pyup.io-55754", - "more_info_path": "/vulnerabilities/CVE-2021-29613/55754", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29556: An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.Reverse`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/36229ea9e9451dac14a8b1f4711c435a1d84a594/tensorflow/core/kernels/reverse_op.cc#L75-L76) performs a division based on the first dimension of the tensor argument.", + "cve": "CVE-2021-29556", + "id": "pyup.io-55753", + "more_info_path": "/vulnerabilities/CVE-2021-29556/55753", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -162960,10 +163472,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29556: An attacker can cause a denial of service via a FPE runtime error in `tf.raw_ops.Reverse`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/36229ea9e9451dac14a8b1f4711c435a1d84a594/tensorflow/core/kernels/reverse_op.cc#L75-L76) performs a division based on the first dimension of the tensor argument.", - "cve": "CVE-2021-29556", - "id": "pyup.io-55753", - "more_info_path": "/vulnerabilities/CVE-2021-29556/55753", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by incomplete validation in 'tf.raw_ops.CTCLoss'. See CVE-2021-29613.", + "cve": "CVE-2021-29613", + "id": "pyup.io-55754", + "more_info_path": "/vulnerabilities/CVE-2021-29613/55754", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -163002,10 +163514,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4,>=2.3.0rc0,<2.3.3" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29595: The implementation of the `DepthToSpace` TFLite operator is vulnerable to a division by zero error (https://github.com/tensorflow/tensorflow/blob/0d45ea1ca641b21b73bcf9c00e0179cda284e7e7/tensorflow/lite/kernels/depth_to_space.cc#L63-L69). An attacker can craft a model such that `params->block_size` is 0.", - "cve": "CVE-2021-29595", - "id": "pyup.io-55751", - "more_info_path": "/vulnerabilities/CVE-2021-29595/55751", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by 0 in 'QuantizedConv2D'. See CVE-2021-29527.", + "cve": "CVE-2021-29527", + "id": "pyup.io-55750", + "more_info_path": "/vulnerabilities/CVE-2021-29527/55750", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163016,10 +163528,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4,>=2.3.0rc0,<2.3.3" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by 0 in 'QuantizedConv2D'. See CVE-2021-29527.", - "cve": "CVE-2021-29527", - "id": "pyup.io-55750", - "more_info_path": "/vulnerabilities/CVE-2021-29527/55750", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29595: The implementation of the `DepthToSpace` TFLite operator is vulnerable to a division by zero error (https://github.com/tensorflow/tensorflow/blob/0d45ea1ca641b21b73bcf9c00e0179cda284e7e7/tensorflow/lite/kernels/depth_to_space.cc#L63-L69). An attacker can craft a model such that `params->block_size` is 0.", + "cve": "CVE-2021-29595", + "id": "pyup.io-55751", + "more_info_path": "/vulnerabilities/CVE-2021-29595/55751", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163072,10 +163584,24 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by 0 in 'SparseMatMul'. See CVE-2021-29557.", - "cve": "CVE-2021-29557", - "id": "pyup.io-55741", - "more_info_path": "/vulnerabilities/CVE-2021-29557/55741", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29514: If the 'splits' argument of 'RaggedBincount' does not specify a valid 'SparseTensor' (https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor), then an attacker can trigger a heap buffer overflow. This will cause a read from outside the bounds of the 'splits' tensor buffer in the implementation of the 'RaggedBincount' op (https://github.com/tensorflow/tensorflow/blob/8b677d79167799f71c42fd3fa074476e0295413a/tensorflow/core/kernels/bincount_op.cc#L430-L446). Before the 'for' loop, 'batch_idx' is set to 0. The attacker sets 'splits(0)' to be 7, hence the 'while' loop does not execute and 'batch_idx' remains 0. This then results in writing to 'out(-1, bin)', which is before the heap allocated buffer for the output tensor.", + "cve": "CVE-2021-29514", + "id": "pyup.io-55747", + "more_info_path": "/vulnerabilities/CVE-2021-29514/55747", + "specs": [ + ">=2.5.0rc0,<2.5.0", + ">=2.4.0rc0,<2.4.2", + ">=2.3.0rc0,<2.3.3", + ">=2.1.0rc0,<2.1.4", + ">=2.2.0rc0,<2.2.3" + ], + "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3" + }, + { + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29589: The reference implementation of the `GatherNd` TFLite operator is vulnerable to a division by zero error (https://github.com/tensorflow/tensorflow/blob/0d45ea1ca641b21b73bcf9c00e0179cda284e7e7/tensorflow/lite/kernels/internal/reference/reference_ops.h#L966). 
An attacker can craft a model such that `params` input would be an empty tensor. In turn, `params_shape.Dims(.)` would be zero, in at least one dimension.", + "cve": "CVE-2021-29589", + "id": "pyup.io-55744", + "more_info_path": "/vulnerabilities/CVE-2021-29589/55744", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -163114,10 +163640,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29589: The reference implementation of the `GatherNd` TFLite operator is vulnerable to a division by zero error (https://github.com/tensorflow/tensorflow/blob/0d45ea1ca641b21b73bcf9c00e0179cda284e7e7/tensorflow/lite/kernels/internal/reference/reference_ops.h#L966). An attacker can craft a model such that `params` input would be an empty tensor. In turn, `params_shape.Dims(.)` would be zero, in at least one dimension.", - "cve": "CVE-2021-29589", - "id": "pyup.io-55744", - "more_info_path": "/vulnerabilities/CVE-2021-29589/55744", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB access in unicode ops. See CVE-2021-29559.", + "cve": "CVE-2021-29559", + "id": "pyup.io-55745", + "more_info_path": "/vulnerabilities/CVE-2021-29559/55745", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163128,10 +163654,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB access in unicode ops. See CVE-2021-29559.", - "cve": "CVE-2021-29559", - "id": "pyup.io-55745", - "more_info_path": "/vulnerabilities/CVE-2021-29559/55745", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by 0 in 'SparseMatMul'. See CVE-2021-29557.", + "cve": "CVE-2021-29557", + "id": "pyup.io-55741", + "more_info_path": "/vulnerabilities/CVE-2021-29557/55741", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163142,24 +163668,24 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29514: If the 'splits' argument of 'RaggedBincount' does not specify a valid 'SparseTensor' (https://www.tensorflow.org/api_docs/python/tf/sparse/SparseTensor), then an attacker can trigger a heap buffer overflow. This will cause a read from outside the bounds of the 'splits' tensor buffer in the implementation of the 'RaggedBincount' op (https://github.com/tensorflow/tensorflow/blob/8b677d79167799f71c42fd3fa074476e0295413a/tensorflow/core/kernels/bincount_op.cc#L430-L446). Before the 'for' loop, 'batch_idx' is set to 0. The attacker sets 'splits(0)' to be 7, hence the 'while' loop does not execute and 'batch_idx' remains 0. This then results in writing to 'out(-1, bin)', which is before the heap allocated buffer for the output tensor.", - "cve": "CVE-2021-29514", - "id": "pyup.io-55747", - "more_info_path": "/vulnerabilities/CVE-2021-29514/55747", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix fixes a heap OOB read in TFLite. See CVE-2021-29606.", + "cve": "CVE-2021-29606", + "id": "pyup.io-55690", + "more_info_path": "/vulnerabilities/CVE-2021-29606/55690", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", ">=2.3.0rc0,<2.3.3", - ">=2.1.0rc0,<2.1.4", - ">=2.2.0rc0,<2.2.3" + ">=2.2.0rc0,<2.2.3", + ">=2.1.0rc0,<2.1.4" ], - "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.1.0rc0,<2.1.4,>=2.2.0rc0,<2.2.3" + "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'BatchToSpaceNd'. 
See CVE-2021-29593.", - "cve": "CVE-2021-29593", - "id": "pyup.io-55706", - "more_info_path": "/vulnerabilities/CVE-2021-29593/55706", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap out of bounds read in 'RequantizationRange'. See CVE-2021-29569.", + "cve": "CVE-2021-29569", + "id": "pyup.io-55722", + "more_info_path": "/vulnerabilities/CVE-2021-29569/55722", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -163170,10 +163696,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 update 'curl' to '7.76.0' to handle CVE-2020-8177.", - "cve": "CVE-2020-8177", - "id": "pyup.io-55704", - "more_info_path": "/vulnerabilities/CVE-2020-8177/55704", + "advisory": "Tensorflow-cpu versions 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 update its dependency \"curl\" to handle CVE-2020-8284.", + "cve": "CVE-2020-8284", + "id": "pyup.io-55709", + "more_info_path": "/vulnerabilities/CVE-2020-8284/55709", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -163184,10 +163710,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a integer overflow in TFLite concatentation. See CVE-2021-29601.", - "cve": "CVE-2021-29601", - "id": "pyup.io-55725", - "more_info_path": "/vulnerabilities/CVE-2021-29601/55725", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB write in TFLite. See CVE-2021-29603.", + "cve": "CVE-2021-29603", + "id": "pyup.io-55716", + "more_info_path": "/vulnerabilities/CVE-2021-29603/55716", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163198,10 +163724,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29560: An attacker can cause a heap buffer overflow in `tf.raw_ops.RaggedTensorToTensor`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/d94227d43aa125ad8b54115c03cece54f6a1977b/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L219-L222) uses the same index to access two arrays in parallel. Since the user controls the shape of the input arguments, an attacker could trigger a heap OOB access when 'parent_output_index' is shorter than 'row_split'.", - "cve": "CVE-2021-29560", - "id": "pyup.io-55738", - "more_info_path": "/vulnerabilities/CVE-2021-29560/55738", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 update 'curl' to '7.76.0' to handle CVE-2020-8177.", + "cve": "CVE-2020-8177", + "id": "pyup.io-55704", + "more_info_path": "/vulnerabilities/CVE-2020-8177/55704", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163226,10 +163752,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a null pointer dereference in 'EditDistance'. See CVE-2021-29564.", - "cve": "CVE-2021-29564", - "id": "pyup.io-55714", - "more_info_path": "/vulnerabilities/CVE-2021-29564/55714", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29608: TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in 'tf.raw_ops.RaggedTensorToTensor', an attacker can exploit an undefined behavior if input arguments are empty. The implementation (https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L356-L360) only checks that one of the tensors is not empty, but does not check for the other ones. There are multiple 'DCHECK' validations to prevent heap OOB, but these are no-op in release builds, hence they don't prevent anything.", + "cve": "CVE-2021-29608", + "id": "pyup.io-55698", + "more_info_path": "/vulnerabilities/CVE-2021-29608/55698", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163240,10 +163766,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29610: The validation in 'tf.raw_ops.QuantizeAndDequantizeV2' allows invalid values for 'axis' argument:. The validation (https://github.com/tensorflow/tensorflow/blob/eccb7ec454e6617738554a255d77f08e60ee0808/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L74-L77) uses '||' to mix two different conditions. If 'axis_ < -1' the condition in 'OP_REQUIRES' will still be true, but this value of 'axis_' results in heap underflow. This allows attackers to read/write to other data on the heap.", - "cve": "CVE-2021-29610", - "id": "pyup.io-55739", - "more_info_path": "/vulnerabilities/CVE-2021-29610/55739", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a 'CHECK'-fail due to integer overflow. See CVE-2021-29584.", + "cve": "CVE-2021-29584", + "id": "pyup.io-55686", + "more_info_path": "/vulnerabilities/CVE-2021-29584/55686", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163268,38 +163794,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu versions 2.1.4, 2.2.3, 2.3.3, 2.4.2 and 2.5.0 update its dependency \"curl\" to handle CVE-2020-8284.", - "cve": "CVE-2020-8284", - "id": "pyup.io-55709", - "more_info_path": "/vulnerabilities/CVE-2020-8284/55709", - "specs": [ - ">=2.5.0rc0,<2.5.0", - ">=2.4.0rc0,<2.4.2", - ">=2.3.0rc0,<2.3.3", - ">=2.2.0rc0,<2.2.3", - ">=2.1.0rc0,<2.1.4" - ], - "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" - }, - { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB write in TFLite. See CVE-2021-29603.", - "cve": "CVE-2021-29603", - "id": "pyup.io-55716", - "more_info_path": "/vulnerabilities/CVE-2021-29603/55716", - "specs": [ - ">=2.5.0rc0,<2.5.0", - ">=2.4.0rc0,<2.4.2", - ">=2.3.0rc0,<2.3.3", - ">=2.2.0rc0,<2.2.3", - ">=2.1.0rc0,<2.1.4" - ], - "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" - }, - { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29566: An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to 'tf.raw_ops.Dilation2DBackpropInput'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/afd954e65f15aea4d438d0a219136fc4a63a573d/tensorflow/core/kernels/dilation_ops.cc#L321-L322) does not validate before writing to the output array. The values for 'h_out' and 'w_out' are guaranteed to be in range for 'out_backprop' (as they are loop indices bounded by the size of the array). 
However, there are no similar guarantees relating 'h_in_max'/'w_in_max' and 'in_backprop'.", - "cve": "CVE-2021-29566", - "id": "pyup.io-55718", - "more_info_path": "/vulnerabilities/CVE-2021-29566/55718", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29571: The implementation of 'tf.raw_ops.MaxPoolGradWithArgmax' can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The implementation (https://github.com/tensorflow/tensorflow/blob/31bd5026304677faa8a0b77602c6154171b9aec1/tensorflow/core/kernels/image/draw_bounding_box_op.cc#L116-L130) assumes that the last element of 'boxes' input is 4, as required by the op (https://www.tensorflow.org/api_docs/python/tf/raw_ops/DrawBoundingBoxesV2). Since this is not checked attackers passing values less than 4 can write outside of bounds of heap allocated objects and cause memory corruption. If the last dimension in 'boxes' is less than 4, accesses similar to 'tboxes(b, bb, 3)' will access data outside of bounds. Further during code execution there are also writes to these indices.", + "cve": "CVE-2021-29571", + "id": "pyup.io-55721", + "more_info_path": "/vulnerabilities/CVE-2021-29571/55721", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
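Review bot: The added `advisory` text for the CVE-2021-29571 record is internally inconsistent: its first sentence names 'tf.raw_ops.MaxPoolGradWithArgmax', while the code it cites (draw_bounding_box_op.cc), the linked op documentation (DrawBoundingBoxesV2) and the discussion of the last dimension of 'boxes' all describe a different op. It looks as if the opening sentence of a neighbouring advisory was spliced onto this one during regeneration, so a consumer showing this entry would point users at the wrong op; the first sentence should name the op the rest of the text describes, e.g. `The implementation of 'tf.raw_ops.DrawBoundingBoxesV2' can cause reads and writes outside of bounds of heap allocated data if an attacker supplies specially crafted inputs.`, and the `cve`/`more_info_path` pairing for this record should be confirmed against the upstream advisory. Smaller wording slips of the same kind survive on the new side of the hunks at L926 ("fix fixes a null pointer dereference", CVE-2021-29516) and L936-L937 ("fix fixes a heap OOB read", CVE-2021-29606), which suggests advisory strings are not proofread before export.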
@@ -163310,10 +163808,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29608: TensorFlow is an end-to-end open source platform for machine learning. Due to lack of validation in 'tf.raw_ops.RaggedTensorToTensor', an attacker can exploit an undefined behavior if input arguments are empty. The implementation (https://github.com/tensorflow/tensorflow/blob/656e7673b14acd7835dc778867f84916c6d1cac2/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L356-L360) only checks that one of the tensors is not empty, but does not check for the other ones. There are multiple 'DCHECK' validations to prevent heap OOB, but these are no-op in release builds, hence they don't prevent anything.", - "cve": "CVE-2021-29608", - "id": "pyup.io-55698", - "more_info_path": "/vulnerabilities/CVE-2021-29608/55698", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'AvgPool3DGrad'. See CVE-2021-29577.", + "cve": "CVE-2021-29577", + "id": "pyup.io-55708", + "more_info_path": "/vulnerabilities/CVE-2021-29577/55708", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163324,10 +163822,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a stack overflow due to looping TFLite subgraph. See CVE-2021-29591.", - "cve": "CVE-2021-29591", - "id": "pyup.io-55687", - "more_info_path": "/vulnerabilities/CVE-2021-29591/55687", + "advisory": "Tensorflow-cpu 2.5.0, 2.4.2, 2.3.3, 2.2.3, and 2.1.4 include a fix for CVE-2021-29572: The implementation of `tf.raw_ops.SdcaOptimizer` triggers undefined behavior due to dereferencing a null pointer. The implementation (https://github.com/tensorflow/tensorflow/blob/60a45c8b6192a4699f2e2709a2645a751d435cc3/tensorflow/core/kernels/sdca_internal.cc) does not validate that the user supplied arguments satisfy all constraints expected by the op(https://www.tensorflow.org/api_docs/python/tf/raw_ops/SdcaOptimizer).", + "cve": "CVE-2021-29572", + "id": "pyup.io-55723", + "more_info_path": "/vulnerabilities/CVE-2021-29572/55723", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163338,10 +163836,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29583: The implementation of 'tf.raw_ops.FusedBatchNorm' is vulnerable to a heap buffer overflow. If the tensors are empty, the same implementation can trigger undefined behavior by dereferencing null pointers. The implementation(https://github.com/tensorflow/tensorflow/blob/57d86e0db5d1365f19adcce848dfc1bf89fdd4c7/tensorflow/core/kernels/fused_batch_norm_op.cc) fails to validate that 'scale', 'offset', 'mean' and 'variance' (the last two only when required) all have the same number of elements as the number of channels of 'x'. This results in heap out of bounds reads when the buffers backing these tensors are indexed past their boundary. If the tensors are empty, the validation mentioned in the above paragraph would also trigger and prevent the undefined behavior.", - "cve": "CVE-2021-29583", - "id": "pyup.io-55697", - "more_info_path": "/vulnerabilities/CVE-2021-29583/55697", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a null pointer dereference in 'EditDistance'. See CVE-2021-29564.", + "cve": "CVE-2021-29564", + "id": "pyup.io-55714", + "more_info_path": "/vulnerabilities/CVE-2021-29564/55714", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163352,10 +163850,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by incomplete validation in 'SparseReshape'. See CVE-2021-29611.", - "cve": "CVE-2021-29611", - "id": "pyup.io-55733", - "more_info_path": "/vulnerabilities/CVE-2021-29611/55733", + "advisory": "TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in 'tf.raw_ops.ParameterizedTruncatedNormal'. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/3f6fe4dfef6f57e768260b48166c27d148f3015f/tensorflow/core/kernels/parameterized_truncated_normal_op.cc#L630) does not validate input arguments before accessing the first element of 'shape'. If 'shape' argument is empty, then 'shape_tensor.flat()' is an empty array. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.", + "cve": "CVE-2021-29568", + "id": "pyup.io-55720", + "more_info_path": "/vulnerabilities/CVE-2021-29568/55720", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163366,10 +163864,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by 0 in 'QuantizedMul'. See CVE-2021-29528.", - "cve": "CVE-2021-29528", - "id": "pyup.io-55731", - "more_info_path": "/vulnerabilities/CVE-2021-29528/55731", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29587: TensorFlow is an end-to-end open source platform for machine learning. The `Prepare` step of the `SpaceToDepth` TFLite operator does not check for 0 before division (https://github.com/tensorflow/tensorflow/blob/5f7975d09eac0f10ed8a17dbb6f5964977725adc/tensorflow/lite/kernels/space_to_depth.cc#L63-L67). An attacker can craft a model such that `params->block_size` would be zero.", + "cve": "CVE-2021-29587", + "id": "pyup.io-55719", + "more_info_path": "/vulnerabilities/CVE-2021-29587/55719", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163380,10 +163878,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'MaxPool3DGradGrad'. See CVE-2021-29576.", - "cve": "CVE-2021-29576", - "id": "pyup.io-55712", - "more_info_path": "/vulnerabilities/CVE-2021-29576/55712", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29546: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger an integer division by zero undefined behavior in `tf.raw_ops.QuantizedBiasAdd`. This is because the implementation of the Eigen kernel (https://github.com/tensorflow/tensorflow/blob/61bca8bd5ba8a68b2d97435ddfafcdf2b85672cd/tensorflow/core/kernels/quantization_utils.h#L812-L849) does a division by the number of elements of the smaller input (based on shape) without checking that this is not zero.", + "cve": "CVE-2021-29546", + "id": "pyup.io-55736", + "more_info_path": "/vulnerabilities/CVE-2021-29546/55736", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -163449,20 +163947,6 @@ ], "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, - { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix an overflow and a denial of service in 'tf.raw_ops.ReverseSequence'. See CVE-2021-29575.", - "cve": "CVE-2021-29575", - "id": "pyup.io-55688", - "more_info_path": "/vulnerabilities/CVE-2021-29575/55688", - "specs": [ - ">=2.5.0rc0,<2.5.0", - ">=2.4.0rc0,<2.4.2", - ">=2.3.0rc0,<2.3.3", - ">=2.2.0rc0,<2.2.3", - ">=2.1.0rc0,<2.1.4" - ], - "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" - }, { "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a 'CHECK'-fail in 'tf.raw_ops.IRFFT'. See CVE-2021-29562.", "cve": "CVE-2021-29562", 
@@ -163506,10 +163990,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29546: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger an integer division by zero undefined behavior in `tf.raw_ops.QuantizedBiasAdd`. This is because the implementation of the Eigen kernel (https://github.com/tensorflow/tensorflow/blob/61bca8bd5ba8a68b2d97435ddfafcdf2b85672cd/tensorflow/core/kernels/quantization_utils.h#L812-L849) does a division by the number of elements of the smaller input (based on shape) without checking that this is not zero.", - "cve": "CVE-2021-29546", - "id": "pyup.io-55736", - "more_info_path": "/vulnerabilities/CVE-2021-29546/55736", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB in 'QuantizeAndDequantizeV3'. See CVE-2021-29553.", + "cve": "CVE-2021-29553", + "id": "pyup.io-55732", + "more_info_path": "/vulnerabilities/CVE-2021-29553/55732", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -163520,10 +164004,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'AvgPool3DGrad'. See CVE-2021-29577.", - "cve": "CVE-2021-29577", - "id": "pyup.io-55708", - "more_info_path": "/vulnerabilities/CVE-2021-29577/55708", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'OneHot'. See CVE-2021-29600.", + "cve": "CVE-2021-29600", + "id": "pyup.io-55713", + "more_info_path": "/vulnerabilities/CVE-2021-29600/55713", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163534,10 +164018,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB in 'QuantizeAndDequantizeV3'. See CVE-2021-29553.", - "cve": "CVE-2021-29553", - "id": "pyup.io-55732", - "more_info_path": "/vulnerabilities/CVE-2021-29553/55732", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'FractionalAvgPoolGrad'. See CVE-2021-29578.", + "cve": "CVE-2021-29578", + "id": "pyup.io-55701", + "more_info_path": "/vulnerabilities/CVE-2021-29578/55701", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -163548,10 +164032,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'OneHot'. See CVE-2021-29600.", - "cve": "CVE-2021-29600", - "id": "pyup.io-55713", - "more_info_path": "/vulnerabilities/CVE-2021-29600/55713", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by 0 in 'DenseCountSparseOutput'. See CVE-2021-29554.", + "cve": "CVE-2021-29554", + "id": "pyup.io-55707", + "more_info_path": "/vulnerabilities/CVE-2021-29554/55707", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163562,10 +164046,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29587: TensorFlow is an end-to-end open source platform for machine learning. The `Prepare` step of the `SpaceToDepth` TFLite operator does not check for 0 before division (https://github.com/tensorflow/tensorflow/blob/5f7975d09eac0f10ed8a17dbb6f5964977725adc/tensorflow/lite/kernels/space_to_depth.cc#L63-L67). An attacker can craft a model such that `params->block_size` would be zero.", - "cve": "CVE-2021-29587", - "id": "pyup.io-55719", - "more_info_path": "/vulnerabilities/CVE-2021-29587/55719", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29616: The implementation of TrySimplify (https://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc#L390-L401) has undefined behavior due to dereferencing a null pointer in corner cases that result in optimizing a node with no inputs.", + "cve": "CVE-2021-29616", + "id": "pyup.io-55696", + "more_info_path": "/vulnerabilities/CVE-2021-29616/55696", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163576,10 +164060,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29616: The implementation of TrySimplify (https://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/grappler/optimizers/arithmetic_optimizer.cc#L390-L401) has undefined behavior due to dereferencing a null pointer in corner cases that result in optimizing a node with no inputs.", - "cve": "CVE-2021-29616", - "id": "pyup.io-55696", - "more_info_path": "/vulnerabilities/CVE-2021-29616/55696", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'BatchToSpaceNd'. See CVE-2021-29593.", + "cve": "CVE-2021-29593", + "id": "pyup.io-55706", + "more_info_path": "/vulnerabilities/CVE-2021-29593/55706", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163590,10 +164074,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'FractionalAvgPoolGrad'. See CVE-2021-29578.", - "cve": "CVE-2021-29578", - "id": "pyup.io-55701", - "more_info_path": "/vulnerabilities/CVE-2021-29578/55701", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29560: An attacker can cause a heap buffer overflow in `tf.raw_ops.RaggedTensorToTensor`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/d94227d43aa125ad8b54115c03cece54f6a1977b/tensorflow/core/kernels/ragged_tensor_to_tensor_op.cc#L219-L222) uses the same index to access two arrays in parallel. Since the user controls the shape of the input arguments, an attacker could trigger a heap OOB access when 'parent_output_index' is shorter than 'row_split'.", + "cve": "CVE-2021-29560", + "id": "pyup.io-55738", + "more_info_path": "/vulnerabilities/CVE-2021-29560/55738", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163604,10 +164088,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29571: The implementation of 'tf.raw_ops.MaxPoolGradWithArgmax' can cause reads outside of bounds of heap allocated data if attacker supplies specially crafted inputs. The implementation (https://github.com/tensorflow/tensorflow/blob/31bd5026304677faa8a0b77602c6154171b9aec1/tensorflow/core/kernels/image/draw_bounding_box_op.cc#L116-L130) assumes that the last element of 'boxes' input is 4, as required by the op (https://www.tensorflow.org/api_docs/python/tf/raw_ops/DrawBoundingBoxesV2). Since this is not checked attackers passing values less than 4 can write outside of bounds of heap allocated objects and cause memory corruption. If the last dimension in 'boxes' is less than 4, accesses similar to 'tboxes(b, bb, 3)' will access data outside of bounds. Further during code execution there are also writes to these indices.", - "cve": "CVE-2021-29571", - "id": "pyup.io-55721", - "more_info_path": "/vulnerabilities/CVE-2021-29571/55721", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by 0 in 'QuantizedMul'. See CVE-2021-29528.", + "cve": "CVE-2021-29528", + "id": "pyup.io-55731", + "more_info_path": "/vulnerabilities/CVE-2021-29528/55731", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163618,10 +164102,38 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by 0 in 'DenseCountSparseOutput'. See CVE-2021-29554.", - "cve": "CVE-2021-29554", - "id": "pyup.io-55707", - "more_info_path": "/vulnerabilities/CVE-2021-29554/55707", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a stack overflow due to looping TFLite subgraph. See CVE-2021-29591.", + "cve": "CVE-2021-29591", + "id": "pyup.io-55687", + "more_info_path": "/vulnerabilities/CVE-2021-29591/55687", + "specs": [ + ">=2.5.0rc0,<2.5.0", + ">=2.4.0rc0,<2.4.2", + ">=2.3.0rc0,<2.3.3", + ">=2.2.0rc0,<2.2.3", + ">=2.1.0rc0,<2.1.4" + ], + "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" + }, + { + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by incomplete validation in 'SparseReshape'. See CVE-2021-29611.", + "cve": "CVE-2021-29611", + "id": "pyup.io-55733", + "more_info_path": "/vulnerabilities/CVE-2021-29611/55733", + "specs": [ + ">=2.5.0rc0,<2.5.0", + ">=2.4.0rc0,<2.4.2", + ">=2.3.0rc0,<2.3.3", + ">=2.2.0rc0,<2.2.3", + ">=2.1.0rc0,<2.1.4" + ], + "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" + }, + { + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29550: An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.FractionalAvgPool`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_avg_pool_op.cc#L85-L89) computes a divisor quantity by dividing two user controlled values. The user controls the values of `input_size[i]` and `pooling_ratio_[i]` (via the `value.shape()` and `pooling_ratio` arguments). 
If the value in `input_size[i]` is smaller than the `pooling_ratio_[i]`, then the floor operation results in `output_size[i]` being 0. The `DCHECK_GT` line is a no-op outside of debug mode, so in released versions of TF this does not trigger. Later, these computed values are used as arguments (https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_avg_pool_op.cc#L96-L99) to `GeneratePoolingSequence`(https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_pool_common.cc#L100-L108). There, the first computation is a division in a modulo operation. Since `output_length` can be 0, this results in runtime crashing.", + "cve": "CVE-2021-29550", + "id": "pyup.io-55735", + "more_info_path": "/vulnerabilities/CVE-2021-29550/55735", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -163646,10 +164158,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'SpaceToBatchNd'. See CVE-2021-29597.", - "cve": "CVE-2021-29597", - "id": "pyup.io-55692", - "more_info_path": "/vulnerabilities/CVE-2021-29597/55692", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29563: An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.RFFT`. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination.", + "cve": "CVE-2021-29563", + "id": "pyup.io-55730", + "more_info_path": "/vulnerabilities/CVE-2021-29563/55730", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163660,10 +164172,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB read in TFLite's implementation of 'Minimum' or 'Maximum'. See CVE-2021-29590.", - "cve": "CVE-2021-29590", - "id": "pyup.io-55728", - "more_info_path": "/vulnerabilities/CVE-2021-29590/55728", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29583: The implementation of 'tf.raw_ops.FusedBatchNorm' is vulnerable to a heap buffer overflow. If the tensors are empty, the same implementation can trigger undefined behavior by dereferencing null pointers. The implementation(https://github.com/tensorflow/tensorflow/blob/57d86e0db5d1365f19adcce848dfc1bf89fdd4c7/tensorflow/core/kernels/fused_batch_norm_op.cc) fails to validate that 'scale', 'offset', 'mean' and 'variance' (the last two only when required) all have the same number of elements as the number of channels of 'x'. This results in heap out of bounds reads when the buffers backing these tensors are indexed past their boundary. If the tensors are empty, the validation mentioned in the above paragraph would also trigger and prevent the undefined behavior.", + "cve": "CVE-2021-29583", + "id": "pyup.io-55697", + "more_info_path": "/vulnerabilities/CVE-2021-29583/55697", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163674,10 +164186,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29547: An attacker can cause a segfault and denial of service via accessing data outside of bounds in 'tf.raw_ops.QuantizedBatchNormWithGlobalNormalization'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/55a97caa9e99c7f37a0bbbeb414dc55553d3ae7f/tensorflow/core/kernels/quantized_batch_norm_op.cc#L176-L189) assumes the inputs are not empty. If any of these inputs is empty, '.flat()' is an empty buffer, so accessing the element at index 0 is accessing data outside of bounds.", - "cve": "CVE-2021-29547", - "id": "pyup.io-55715", - "more_info_path": "/vulnerabilities/CVE-2021-29547/55715", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in TFLite's implementation of 'SpaceToBatchNd'. See CVE-2021-29597.", + "cve": "CVE-2021-29597", + "id": "pyup.io-55692", + "more_info_path": "/vulnerabilities/CVE-2021-29597/55692", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -163688,10 +164200,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix fixes a heap OOB read in TFLite. See CVE-2021-29606.", - "cve": "CVE-2021-29606", - "id": "pyup.io-55690", - "more_info_path": "/vulnerabilities/CVE-2021-29606/55690", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap OOB read in TFLite's implementation of 'Minimum' or 'Maximum'. See CVE-2021-29590.", + "cve": "CVE-2021-29590", + "id": "pyup.io-55728", + "more_info_path": "/vulnerabilities/CVE-2021-29590/55728", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163702,10 +164214,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29550: An attacker can cause a runtime division by zero error and denial of service in `tf.raw_ops.FractionalAvgPool`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_avg_pool_op.cc#L85-L89) computes a divisor quantity by dividing two user controlled values. The user controls the values of `input_size[i]` and `pooling_ratio_[i]` (via the `value.shape()` and `pooling_ratio` arguments). If the value in `input_size[i]` is smaller than the `pooling_ratio_[i]`, then the floor operation results in `output_size[i]` being 0. The `DCHECK_GT` line is a no-op outside of debug mode, so in released versions of TF this does not trigger. Later, these computed values are used as arguments (https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_avg_pool_op.cc#L96-L99) to `GeneratePoolingSequence`(https://github.com/tensorflow/tensorflow/blob/acc8ee69f5f46f92a3f1f11230f49c6ac266f10c/tensorflow/core/kernels/fractional_pool_common.cc#L100-L108). There, the first computation is a division in a modulo operation. Since `output_length` can be 0, this results in runtime crashing.", - "cve": "CVE-2021-29550", - "id": "pyup.io-55735", - "more_info_path": "/vulnerabilities/CVE-2021-29550/55735", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29547: An attacker can cause a segfault and denial of service via accessing data outside of bounds in 'tf.raw_ops.QuantizedBatchNormWithGlobalNormalization'. 
This is because the implementation (https://github.com/tensorflow/tensorflow/blob/55a97caa9e99c7f37a0bbbeb414dc55553d3ae7f/tensorflow/core/kernels/quantized_batch_norm_op.cc#L176-L189) assumes the inputs are not empty. If any of these inputs is empty, '.flat()' is an empty buffer, so accessing the element at index 0 is accessing data outside of bounds.", + "cve": "CVE-2021-29547", + "id": "pyup.io-55715", + "more_info_path": "/vulnerabilities/CVE-2021-29547/55715", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -163716,10 +164228,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a 'CHECK'-fail due to integer overflow. See CVE-2021-29584.", - "cve": "CVE-2021-29584", - "id": "pyup.io-55686", - "more_info_path": "/vulnerabilities/CVE-2021-29584/55686", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap buffer overflow in 'MaxPool3DGradGrad'. See CVE-2021-29576.", + "cve": "CVE-2021-29576", + "id": "pyup.io-55712", + "more_info_path": "/vulnerabilities/CVE-2021-29576/55712", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -163730,10 +164242,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu versions 2.5.0, 2.4.2, 2.3.3, 2.2.3 and 2.1.4 updates its dependency \"curl\" to a secure version (7.76.0).", - "cve": "CVE-2020-8285", - "id": "pyup.io-55724", - "more_info_path": "/vulnerabilities/CVE-2020-8285/55724", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix an overflow and a denial of service in 'tf.raw_ops.ReverseSequence'. See CVE-2021-29575.", + "cve": "CVE-2021-29575", + "id": "pyup.io-55688", + "more_info_path": "/vulnerabilities/CVE-2021-29575/55688", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163744,10 +164256,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by incomplete validation in 'SparseAdd'. See CVE-2021-29609.", - "cve": "CVE-2021-29609", - "id": "pyup.io-55699", - "more_info_path": "/vulnerabilities/CVE-2021-29609/55699", + "advisory": "Tensorflow-cpu versions 2.5.0, 2.4.2, 2.3.3, 2.2.3 and 2.1.4 updates its dependency \"curl\" to a secure version (7.76.0).", + "cve": "CVE-2020-8285", + "id": "pyup.io-55724", + "more_info_path": "/vulnerabilities/CVE-2020-8285/55724", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -163758,10 +164270,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.5.0, 2.4.2, 2.3.3, 2.2.3, and 2.1.4 include a fix for CVE-2021-29572: The implementation of `tf.raw_ops.SdcaOptimizer` triggers undefined behavior due to dereferencing a null pointer. The implementation (https://github.com/tensorflow/tensorflow/blob/60a45c8b6192a4699f2e2709a2645a751d435cc3/tensorflow/core/kernels/sdca_internal.cc) does not validate that the user supplied arguments satisfy all constraints expected by the op(https://www.tensorflow.org/api_docs/python/tf/raw_ops/SdcaOptimizer).", - "cve": "CVE-2021-29572", - "id": "pyup.io-55723", - "more_info_path": "/vulnerabilities/CVE-2021-29572/55723", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix vulnerabilities caused by incomplete validation in 'SparseAdd'. See CVE-2021-29609.", + "cve": "CVE-2021-29609", + "id": "pyup.io-55699", + "more_info_path": "/vulnerabilities/CVE-2021-29609/55699", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163814,10 +164326,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29563: An attacker can cause a denial of service by exploiting a `CHECK`-failure coming from the implementation of `tf.raw_ops.RFFT`. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination.", - "cve": "CVE-2021-29563", - "id": "pyup.io-55730", - "more_info_path": "/vulnerabilities/CVE-2021-29563/55730", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 update its dependency \"curl\" to v7.76.0 to include security fixes.", + "cve": "CVE-2020-8231", + "id": "pyup.io-55703", + "more_info_path": "/vulnerabilities/CVE-2020-8231/55703", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163828,10 +164340,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 update its dependency \"curl\" to v7.76.0 to include security fixes.", - "cve": "CVE-2020-8231", - "id": "pyup.io-55703", - "more_info_path": "/vulnerabilities/CVE-2020-8231/55703", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29610: The validation in 'tf.raw_ops.QuantizeAndDequantizeV2' allows invalid values for 'axis' argument:. The validation (https://github.com/tensorflow/tensorflow/blob/eccb7ec454e6617738554a255d77f08e60ee0808/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L74-L77) uses '||' to mix two different conditions. If 'axis_ < -1' the condition in 'OP_REQUIRES' will still be true, but this value of 'axis_' results in heap underflow. This allows attackers to read/write to other data on the heap.", + "cve": "CVE-2021-29610", + "id": "pyup.io-55739", + "more_info_path": "/vulnerabilities/CVE-2021-29610/55739", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", @@ -163842,10 +164354,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a heap out of bounds read in 'RequantizationRange'. See CVE-2021-29569.", - "cve": "CVE-2021-29569", - "id": "pyup.io-55722", - "more_info_path": "/vulnerabilities/CVE-2021-29569/55722", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29618: Passing a complex argument to `tf.transpose` at the same time as passing 'conjugate=True' argument results in a crash.", + "cve": "CVE-2021-29618", + "id": "pyup.io-55737", + "more_info_path": "/vulnerabilities/CVE-2021-29618/55737", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163856,10 +164368,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29618: Passing a complex argument to `tf.transpose` at the same time as passing 'conjugate=True' argument results in a crash.", - "cve": "CVE-2021-29618", - "id": "pyup.io-55737", - "more_info_path": "/vulnerabilities/CVE-2021-29618/55737", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a integer overflow in TFLite concatentation. See CVE-2021-29601.", + "cve": "CVE-2021-29601", + "id": "pyup.io-55725", + "more_info_path": "/vulnerabilities/CVE-2021-29601/55725", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163884,10 +164396,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger undefined behavior by binding to null pointer in 'tf.raw_ops.ParameterizedTruncatedNormal'. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/3f6fe4dfef6f57e768260b48166c27d148f3015f/tensorflow/core/kernels/parameterized_truncated_normal_op.cc#L630) does not validate input arguments before accessing the first element of 'shape'. If 'shape' argument is empty, then 'shape_tensor.flat()' is an empty array. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.", - "cve": "CVE-2021-29568", - "id": "pyup.io-55720", - "more_info_path": "/vulnerabilities/CVE-2021-29568/55720", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in optimized pooling implementations in TFLite. See CVE-2021-29586.", + "cve": "CVE-2021-29586", + "id": "pyup.io-55727", + "more_info_path": "/vulnerabilities/CVE-2021-29586/55727", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163898,10 +164410,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 fix a division by zero in optimized pooling implementations in TFLite. See CVE-2021-29586.", - "cve": "CVE-2021-29586", - "id": "pyup.io-55727", - "more_info_path": "/vulnerabilities/CVE-2021-29586/55727", + "advisory": "Tensorflow-cpu 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29566: An attacker can write outside the bounds of heap allocated arrays by passing invalid arguments to 'tf.raw_ops.Dilation2DBackpropInput'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/afd954e65f15aea4d438d0a219136fc4a63a573d/tensorflow/core/kernels/dilation_ops.cc#L321-L322) does not validate before writing to the output array. The values for 'h_out' and 'w_out' are guaranteed to be in range for 'out_backprop' (as they are loop indices bounded by the size of the array). However, there are no similar guarantees relating 'h_in_max'/'w_in_max' and 'in_backprop'.", + "cve": "CVE-2021-29566", + "id": "pyup.io-55718", + "more_info_path": "/vulnerabilities/CVE-2021-29566/55718", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.4.0rc0,<2.4.2", 
@@ -163912,10 +164424,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.4.0rc0,<2.4.2,>=2.3.0rc0,<2.3.3,>=2.2.0rc0,<2.2.3,>=2.1.0rc0,<2.1.4" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37688: In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. The [implementation](https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/internal/optimized/optimized_ops.h#L268-L285) unconditionally dereferences a pointer. The Tensorflow team has patched the issue in GitHub commit 15691e456c7dc9bd6be203b09765b063bf4a380c.", - "cve": "CVE-2021-37688", - "id": "pyup.io-55683", - "more_info_path": "/vulnerabilities/CVE-2021-37688/55683", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37645: In affected versions the implementation of `tf.raw_ops.QuantizeAndDequantizeV4Grad` is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The [implementation](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L126) uses the `axis` value as the size argument to `absl::InlinedVector` constructor. But, the constructor uses an unsigned type for the argument, so the implicit conversion transforms the negative value to a large integer. The Tensorflow team has patched the issue in GitHub commit 96f364a1ca3009f98980021c4b32be5fdcca33a1.", + "cve": "CVE-2021-37645", + "id": "pyup.io-55684", + "more_info_path": "/vulnerabilities/CVE-2021-37645/55684", "specs": [ ">=2.5.0rc0,<2.5.1", ">=2.4.0rc0,<2.4.3", 
@@ -163925,10 +164437,10 @@ "v": ">=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4,>=2.6.0rc0,<2.6.0" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37645: In affected versions the implementation of `tf.raw_ops.QuantizeAndDequantizeV4Grad` is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on this value. The [implementation](https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L126) uses the `axis` value as the size argument to `absl::InlinedVector` constructor. But, the constructor uses an unsigned type for the argument, so the implicit conversion transforms the negative value to a large integer. The Tensorflow team has patched the issue in GitHub commit 96f364a1ca3009f98980021c4b32be5fdcca33a1.", - "cve": "CVE-2021-37645", - "id": "pyup.io-55684", - "more_info_path": "/vulnerabilities/CVE-2021-37645/55684", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37688: In affected versions an attacker can craft a TFLite model that would trigger a null pointer dereference, which would result in a crash and denial of service. The [implementation](https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/internal/optimized/optimized_ops.h#L268-L285) unconditionally dereferences a pointer. The Tensorflow team has patched the issue in GitHub commit 15691e456c7dc9bd6be203b09765b063bf4a380c.", + "cve": "CVE-2021-37688", + "id": "pyup.io-55683", + "more_info_path": "/vulnerabilities/CVE-2021-37688/55683", "specs": [ ">=2.5.0rc0,<2.5.1", ">=2.4.0rc0,<2.4.3", 
@@ -163986,10 +164498,10 @@ "v": ">=2.6.0a1,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "Tensorflow-cpu version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37663:\nIn affected versions, due to incomplete validation in \"tf.raw_ops.QuantizeV2\", an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/quantize_op.cc#L59) has some validation but does not check that \"min_range\" and \"max_range\" both have the same non-zero number of elements. If \"axis\" is provided (i.e., not \"-1\"), then validation should check that it is a value in range for the rank of \"input\" tensor and then the lengths of \"min_range\" and \"max_range\" inputs match the \"axis\" dimension of the \"input\" tensor. The Tensorflow team has patched the issue in GitHub commit 6da6620efad397c85493b8f8667b821403516708. \nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g25h-jr74-qp5j\nhttps://github.com/tensorflow/tensorflow/commit/6da6620efad397c85493b8f8667b821403516708", - "cve": "CVE-2021-37663", - "id": "pyup.io-55671", - "more_info_path": "/vulnerabilities/CVE-2021-37663/55671", + "advisory": "Tensorflow-cpu version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37665:\nIn affected versions, due to incomplete validation in MKL implementation of requantization, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/mkl/mkl_requantization_range_per_channel_op.cc) does not validate the dimensions of the \"input\" tensor. A similar issue occurs in \"MklRequantizePerChannelOp\". 
The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/mkl/mkl_requantize_per_channel_op.cc) does not perform full validation for all the input arguments. The Tensorflow team has patched the issue in GitHub commit 9e62869465573cb2d9b5053f1fa02a81fce21d69 and in the Github commit 203214568f5bc237603dbab6e1fd389f1572f5c9.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v82p-hv3v-p6qp\nhttps://github.com/tensorflow/tensorflow/commit/203214568f5bc237603dbab6e1fd389f1572f5c9\nhttps://github.com/tensorflow/tensorflow/commit/9e62869465573cb2d9b5053f1fa02a81fce21d69", + "cve": "CVE-2021-37665", + "id": "pyup.io-55674", + "more_info_path": "/vulnerabilities/CVE-2021-37665/55674", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -163999,10 +164511,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37660: In affected versions an attacker can cause a floating point exception by calling inplace operations with crafted arguments that would result in a division by 0. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/inplace_ops.cc#L283) has a logic error: it should skip processing if 'x' and 'v' are empty but the code uses '||' instead of '&&'. The Tensorflow team has patched the issue in GitHub commit e86605c0a336c088b638da02135ea6f9f6753618.", - "cve": "CVE-2021-37660", - "id": "pyup.io-55679", - "more_info_path": "/vulnerabilities/CVE-2021-37660/55679", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37661: In affected versions an attacker can cause a denial of service in 'boosted_trees_create_quantile_stream_resource' by using negative arguments. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/boosted_trees/quantile_ops.cc#L96) does not validate that 'num_streams' only contains non-negative numbers. In turn, this results in using this value to allocate memory (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/boosted_trees/quantiles/quantile_stream_resource.h#L31-L40). However, 'reserve' receives an unsigned integer so there is an implicit conversion from a negative value to a large positive unsigned. This results in a crash from the standard library. 
The Tensorflow team has patched the issue in GitHub commit 8a84f7a2b5a2b27ecf88d25bad9ac777cd2f7992.", + "cve": "CVE-2021-37661", + "id": "pyup.io-55673", + "more_info_path": "/vulnerabilities/CVE-2021-37661/55673", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -164012,10 +164524,23 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37675: In affected versions most implementations of convolution operators in TensorFlow are affected by a division by 0 vulnerability where an attacker can trigger a denial of service via a crash. The shape inference implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/framework/common_shape_fns.cc#L577) is missing several validations before doing divisions and modulo operations. The Tensorflow team has patched the issue in GitHub commit 8a793b5d7f59e37ac7f3cd0954a750a2fe76bad4.", - "cve": "CVE-2021-37675", - "id": "pyup.io-55675", - "more_info_path": "/vulnerabilities/CVE-2021-37675/55675", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37685: In affected versions TFLite's 'expand_dims.cc' (https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/expand_dims.cc#L36-L50) contains a vulnerability which allows reading one element outside of bounds of heap allocated data. If 'axis' is a large negative value (e.g., '-100000'), then after the first 'if' it would still be negative. The check following the 'if' statement will pass and the 'for' loop would read one element before the start of 'input_dims.data' (when 'i = 0'). 
The Tensorflow team has patched the issue in GitHub commit d94ffe08a65400f898241c0374e9edc6fa8ed257.", + "cve": "CVE-2021-37685", + "id": "pyup.io-55672", + "more_info_path": "/vulnerabilities/CVE-2021-37685/55672", + "specs": [ + ">=2.6.0rc0,<2.6.0", + ">=2.3.0rc0,<2.3.4", + ">=2.4.0rc0,<2.4.3", + ">=2.5.0rc0,<2.5.1" + ], + "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" + }, + { + "advisory": "Tensorflow-cpu version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37668:\nIn affected versions, an attacker can cause denial of service in applications serving models using \"tf.raw_ops.UnravelIndex\" by triggering a division by 0. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/unravel_index_op.cc#L36) does not check that the tensor subsumed by \"dims\" is not empty. Hence, if one element of \"dims\" is 0, the implementation does a division by 0. The Tensorflow team has patched the issue in GitHub commit a776040a5e7ebf76eeb7eb923bf1ae417dd4d233.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-2wmv-37vq-52g5\nhttps://github.com/tensorflow/tensorflow/commit/a776040a5e7ebf76eeb7eb923bf1ae417dd4d233", + "cve": "CVE-2021-37668", + "id": "pyup.io-55670", + "more_info_path": "/vulnerabilities/CVE-2021-37668/55670", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -164051,10 +164576,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "Tensorflow-cpu version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37665:\nIn affected versions, due to incomplete validation in MKL implementation of requantization, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/mkl/mkl_requantization_range_per_channel_op.cc) does not validate the dimensions of the \"input\" tensor. A similar issue occurs in \"MklRequantizePerChannelOp\". The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/mkl/mkl_requantize_per_channel_op.cc) does not perform full validation for all the input arguments. The Tensorflow team has patched the issue in GitHub commit 9e62869465573cb2d9b5053f1fa02a81fce21d69 and in the Github commit 203214568f5bc237603dbab6e1fd389f1572f5c9.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v82p-hv3v-p6qp\nhttps://github.com/tensorflow/tensorflow/commit/203214568f5bc237603dbab6e1fd389f1572f5c9\nhttps://github.com/tensorflow/tensorflow/commit/9e62869465573cb2d9b5053f1fa02a81fce21d69", - "cve": "CVE-2021-37665", - "id": "pyup.io-55674", - "more_info_path": "/vulnerabilities/CVE-2021-37665/55674", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37675: In affected versions most implementations of convolution operators in TensorFlow are affected by a division by 0 vulnerability where an attacker can trigger a denial of service via a crash. 
The shape inference implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/framework/common_shape_fns.cc#L577) is missing several validations before doing divisions and modulo operations. The Tensorflow team has patched the issue in GitHub commit 8a793b5d7f59e37ac7f3cd0954a750a2fe76bad4.", + "cve": "CVE-2021-37675", + "id": "pyup.io-55675", + "more_info_path": "/vulnerabilities/CVE-2021-37675/55675", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -164064,10 +164589,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "Tensorflow-cpu version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37668:\nIn affected versions, an attacker can cause denial of service in applications serving models using \"tf.raw_ops.UnravelIndex\" by triggering a division by 0. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/unravel_index_op.cc#L36) does not check that the tensor subsumed by \"dims\" is not empty. Hence, if one element of \"dims\" is 0, the implementation does a division by 0. The Tensorflow team has patched the issue in GitHub commit a776040a5e7ebf76eeb7eb923bf1ae417dd4d233.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-2wmv-37vq-52g5\nhttps://github.com/tensorflow/tensorflow/commit/a776040a5e7ebf76eeb7eb923bf1ae417dd4d233", - "cve": "CVE-2021-37668", - "id": "pyup.io-55670", - "more_info_path": "/vulnerabilities/CVE-2021-37668/55670", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37687: In affected versions TFLite's 'GatherNd' implementation (https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather_nd.cc#L124) does not support negative indices but there are no checks for this situation. Hence, an attacker can read arbitrary data from the heap by carefully crafting a model with negative values in 'indices'. Similar issue exists in 'Gather' implementation (https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather.cc). 
The Tensorflow team has patched the issue in GitHub commits bb6a0383ed553c286f87ca88c207f6774d5c4a8f and eb921122119a6b6e470ee98b89e65d721663179d.", + "cve": "CVE-2021-37687", + "id": "pyup.io-55676", + "more_info_path": "/vulnerabilities/CVE-2021-37687/55676", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -164077,10 +164602,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37661: In affected versions an attacker can cause a denial of service in 'boosted_trees_create_quantile_stream_resource' by using negative arguments. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/boosted_trees/quantile_ops.cc#L96) does not validate that 'num_streams' only contains non-negative numbers. In turn, this results in using this value to allocate memory (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/boosted_trees/quantiles/quantile_stream_resource.h#L31-L40). However, 'reserve' receives an unsigned integer so there is an implicit conversion from a negative value to a large positive unsigned. This results in a crash from the standard library. The Tensorflow team has patched the issue in GitHub commit 8a84f7a2b5a2b27ecf88d25bad9ac777cd2f7992.", - "cve": "CVE-2021-37661", - "id": "pyup.io-55673", - "more_info_path": "/vulnerabilities/CVE-2021-37661/55673", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37660: In affected versions an attacker can cause a floating point exception by calling inplace operations with crafted arguments that would result in a division by 0. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/inplace_ops.cc#L283) has a logic error: it should skip processing if 'x' and 'v' are empty but the code uses '||' instead of '&&'. 
The Tensorflow team has patched the issue in GitHub commit e86605c0a336c088b638da02135ea6f9f6753618.", + "cve": "CVE-2021-37660", + "id": "pyup.io-55679", + "more_info_path": "/vulnerabilities/CVE-2021-37660/55679", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -164090,10 +164615,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37687: In affected versions TFLite's 'GatherNd' implementation (https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather_nd.cc#L124) does not support negative indices but there are no checks for this situation. Hence, an attacker can read arbitrary data from the heap by carefully crafting a model with negative values in 'indices'. Similar issue exists in 'Gather' implementation (https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/gather.cc). The Tensorflow team has patched the issue in GitHub commits bb6a0383ed553c286f87ca88c207f6774d5c4a8f and eb921122119a6b6e470ee98b89e65d721663179d.", - "cve": "CVE-2021-37687", - "id": "pyup.io-55676", - "more_info_path": "/vulnerabilities/CVE-2021-37687/55676", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37653: In affected versions an attacker can trigger a crash via a floating point exception in 'tf.raw_ops.ResourceGather'. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L725-L731) computes the value of a value, 'batch_size', and then divides by it without checking that this value is not 0. The Tensorflow team has patched the issue in GitHub commit ac117ee8a8ea57b73d34665cdf00ef3303bc0b11.", + "cve": "CVE-2021-37653", + "id": "pyup.io-55678", + "more_info_path": "/vulnerabilities/CVE-2021-37653/55678", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -164103,10 +164628,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37653: In affected versions an attacker can trigger a crash via a floating point exception in 'tf.raw_ops.ResourceGather'. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L725-L731) computes the value of a value, 'batch_size', and then divides by it without checking that this value is not 0. The Tensorflow team has patched the issue in GitHub commit ac117ee8a8ea57b73d34665cdf00ef3303bc0b11.", - "cve": "CVE-2021-37653", - "id": "pyup.io-55678", - "more_info_path": "/vulnerabilities/CVE-2021-37653/55678", + "advisory": "Tensorflow-cpu version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37663:\nIn affected versions, due to incomplete validation in \"tf.raw_ops.QuantizeV2\", an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap allocated arrays. The implementation (https://github.com/tensorflow/tensorflow/blob/84d053187cb80d975ef2b9684d4b61981bca0c41/tensorflow/core/kernels/quantize_op.cc#L59) has some validation but does not check that \"min_range\" and \"max_range\" both have the same non-zero number of elements. If \"axis\" is provided (i.e., not \"-1\"), then validation should check that it is a value in range for the rank of \"input\" tensor and then the lengths of \"min_range\" and \"max_range\" inputs match the \"axis\" dimension of the \"input\" tensor. The Tensorflow team has patched the issue in GitHub commit 6da6620efad397c85493b8f8667b821403516708. 
\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g25h-jr74-qp5j\nhttps://github.com/tensorflow/tensorflow/commit/6da6620efad397c85493b8f8667b821403516708", + "cve": "CVE-2021-37663", + "id": "pyup.io-55671", + "more_info_path": "/vulnerabilities/CVE-2021-37663/55671", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -164116,17 +164641,30 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37685: In affected versions TFLite's 'expand_dims.cc' (https://github.com/tensorflow/tensorflow/blob/149562d49faa709ea80df1d99fc41d005b81082a/tensorflow/lite/kernels/expand_dims.cc#L36-L50) contains a vulnerability which allows reading one element outside of bounds of heap allocated data. If 'axis' is a large negative value (e.g., '-100000'), then after the first 'if' it would still be negative. The check following the 'if' statement will pass and the 'for' loop would read one element before the start of 'input_dims.data' (when 'i = 0'). The Tensorflow team has patched the issue in GitHub commit d94ffe08a65400f898241c0374e9edc6fa8ed257.", - "cve": "CVE-2021-37685", - "id": "pyup.io-55672", - "more_info_path": "/vulnerabilities/CVE-2021-37685/55672", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37681: In affected versions the implementation of SVDF in TFLite is vulnerable to a null pointer error (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/svdf.cc#L300-L313). The 'GetVariableInput' function (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/kernel_util.cc#L115-L119) can return a null pointer but 'GetTensorData' assumes that the argument is always a valid tensor. Furthermore, because 'GetVariableInput' calls 'GetMutableInput' (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/kernel_util.cc#L82-L90) which might return 'nullptr', the 'tensor->is_variable' expression can also trigger a null pointer exception. 
The Tensorflow team has patched the issue in GitHub commit 5b048e87e4e55990dae6b547add4dae59f4e1c76.", + "cve": "CVE-2021-37681", + "id": "pyup.io-55665", + "more_info_path": "/vulnerabilities/CVE-2021-37681/55665", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", - ">=2.4.0rc0,<2.4.3", - ">=2.5.0rc0,<2.5.1" + ">=2.5.0rc0,<2.5.1", + ">=2.4.0rc0,<2.4.3" ], - "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.4.0rc0,<2.4.3,>=2.5.0rc0,<2.5.1" + "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3" + }, + { + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37641: In affected versions if the arguments to 'tf.raw_ops.RaggedGather' don't determine a valid ragged tensor code can trigger a read from outside of bounds of heap allocated buffers. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/ragged_gather_op.cc#L70) directly reads the first dimension of a tensor shape before checking that said tensor has rank of at least 1 (i.e., it is not a scalar). Furthermore, the implementation does not check that the list given by 'params_nested_splits' is not an empty list of tensors. The Tensorflow team has patched the issue in GitHub commit a2b743f6017d7b97af1fe49087ae15f0ac634373.", + "cve": "CVE-2021-37641", + "id": "pyup.io-55664", + "more_info_path": "/vulnerabilities/CVE-2021-37641/55664", + "specs": [ + ">=2.6.0rc0,<2.6.0", + ">=2.3.0rc0,<2.3.4", + ">=2.5.0rc0,<2.5.1", + ">=2.4.0rc0,<2.4.3" + ], + "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3" }, { "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37643: If a user does not provide a valid padding value to 'tf.raw_ops.MatrixDiagPartOp', then the code triggers a null pointer dereference (if input is empty) or produces invalid behavior, ignoring all values after the first. 
The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/linalg/matrix_diag_op.cc#L89) reads the first value from a tensor buffer without first checking that the tensor has values to read from. The Tensorflow team has patched the issue in GitHub commit 482da92095c4d48f8784b1f00dda4f81c28d2988.", 
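Review bot: In the CVE-2021-37681 entry the `specs` array is reordered (`">=2.5.0rc0,<2.5.1"` now precedes `">=2.4.0rc0,<2.4.3"`) and `v` is rewritten to match, which is semantically identical to the old side and so is pure churn; sorting `specs` at export time would remove it, as would sorting the entries themselves. The `v` field is also a comma-joined copy of `specs`, and the joined ranges (`>=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,...`) are mutually disjoint, so if any consumer feeds `v` to a PEP 440 specifier-set parser, where the comma means intersection, it presumably matches no version at all and the advisory is silently skipped. The same redundancy is present in every entry of this file, so the safer shape is to document `specs` as the authoritative "any of these ranges" list and either derive `v` from it deterministically or mark it as a display string only. The entry for CVE-2021-37643 that closes this hunk continues outside it.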
@@ -164167,19 +164705,6 @@ ], "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3" }, - { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37641: In affected versions if the arguments to 'tf.raw_ops.RaggedGather' don't determine a valid ragged tensor code can trigger a read from outside of bounds of heap allocated buffers. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/ragged_gather_op.cc#L70) directly reads the first dimension of a tensor shape before checking that said tensor has rank of at least 1 (i.e., it is not a scalar). Furthermore, the implementation does not check that the list given by 'params_nested_splits' is not an empty list of tensors. The Tensorflow team has patched the issue in GitHub commit a2b743f6017d7b97af1fe49087ae15f0ac634373.", - "cve": "CVE-2021-37641", - "id": "pyup.io-55664", - "more_info_path": "/vulnerabilities/CVE-2021-37641/55664", - "specs": [ - ">=2.6.0rc0,<2.6.0", - ">=2.3.0rc0,<2.3.4", - ">=2.5.0rc0,<2.5.1", - ">=2.4.0rc0,<2.4.3" - ], - "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3" - }, { "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37644: In affected versions providing a negative element to 'num_elements' list argument of 'tf.raw_ops.TensorListReserve' causes the runtime to abort the process due to reallocating a 'std::vector' to have a negative number of elements. The implementation (https://github.com/tensorflow/tensorflow/blob/8d72537c6abf5a44103b57b9c2e22c14f5f49698/tensorflow/core/kernels/list_kernels.cc#L312) calls 'std::vector.resize()' with the new size controlled by input given by the user, without checking that this input is valid. The Tensorflow team has patched the issue in GitHub commit 8a6e874437670045e6c7dc6154c7412b4a2135e2.", "cve": "CVE-2021-37644", 
@@ -164194,10 +164719,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37681: In affected versions the implementation of SVDF in TFLite is vulnerable to a null pointer error (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/svdf.cc#L300-L313). The 'GetVariableInput' function (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/kernel_util.cc#L115-L119) can return a null pointer but 'GetTensorData' assumes that the argument is always a valid tensor. Furthermore, because 'GetVariableInput' calls 'GetMutableInput' (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/lite/kernels/kernel_util.cc#L82-L90) which might return 'nullptr', the 'tensor->is_variable' expression can also trigger a null pointer exception. The Tensorflow team has patched the issue in GitHub commit 5b048e87e4e55990dae6b547add4dae59f4e1c76.", - "cve": "CVE-2021-37681", - "id": "pyup.io-55665", - "more_info_path": "/vulnerabilities/CVE-2021-37681/55665", + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37666: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.RaggedTensorToVariant'. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/ragged_tensor_to_variant_op.cc#L129) has an incomplete validation of the splits values, missing the case when the argument would be empty. 
The Tensorflow team has patched the issue in GitHub commit be7a4de6adfbd303ce08be4332554dff70362612.", + "cve": "CVE-2021-37666", + "id": "pyup.io-55668", + "more_info_path": "/vulnerabilities/CVE-2021-37666/55668", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.3.0rc0,<2.3.4", 
@@ -164219,19 +164744,6 @@ ], "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3" }, - { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37666: In affected versions an attacker can cause undefined behavior via binding a reference to null pointer in 'tf.raw_ops.RaggedTensorToVariant'. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/ragged_tensor_to_variant_op.cc#L129) has an incomplete validation of the splits values, missing the case when the argument would be empty. The Tensorflow team has patched the issue in GitHub commit be7a4de6adfbd303ce08be4332554dff70362612.", - "cve": "CVE-2021-37666", - "id": "pyup.io-55668", - "more_info_path": "/vulnerabilities/CVE-2021-37666/55668", - "specs": [ - ">=2.6.0rc0,<2.6.0", - ">=2.3.0rc0,<2.3.4", - ">=2.5.0rc0,<2.5.1", - ">=2.4.0rc0,<2.4.3" - ], - "v": ">=2.6.0rc0,<2.6.0,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3" - }, { "advisory": "Tensorflow-cpu version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37690:\nIn affected versions when running shape functions, some functions (such as 'MutableHashTableShape') produce extra output information in the form of a 'ShapeAndType' struct. The shapes embedded in this struct are owned by an inference context that is cleaned up almost immediately; if the upstream code attempts to access this shape information, it can trigger a segfault. 'ShapeRefiner' is mitigating this for normal output shapes by cloning them (and thus putting the newly created shape under ownership of an inference context that will not die), but the Tensorflow team was not doing the same for shapes and types. This commit fixes that by doing similar logic on output shapes and types. 
The Tensorflow team has patched the issue in GitHub commit ee119d4a498979525046fba1c3dd3f13a039fbb1.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-3hxh-8cp2-g4hg\nhttps://github.com/tensorflow/tensorflow/commit/ee119d4a498979525046fba1c3dd3f13a039fbb1", "cve": "CVE-2021-37690", 
@@ -164259,10 +164771,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4,>=2.5.0rc0,<2.5.1" }, { - "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37655: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a read from outside of bounds of heap allocated data by sending invalid arguments to 'tf.raw_ops.ResourceScatterUpdate'. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L919-L923) has an incomplete validation of the relationship between the shapes of 'indices' and 'updates': instead of checking that the shape of 'indices' is a prefix of the shape of 'updates' (so that broadcasting can happen), code only checks that the number of elements in these two tensors are in a divisibility relationship. The Tensorflow team has patched the issue in GitHub commit 01cff3f986259d661103412a20745928c727326f.", - "cve": "CVE-2021-37655", - "id": "pyup.io-55646", - "more_info_path": "/vulnerabilities/CVE-2021-37655/55646", + "advisory": "Tensorflow-cpu version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37670:\nIn affected versions, an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to \"tf.raw_ops.UpperBound\". The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/searchsorted_op.cc#L85-L104) does not validate the rank of \"sorted_input\" argument. A similar issue occurs in \"tf.raw_ops.LowerBound\". 
The Tensorflow team has patched the issue in GitHub commit 42459e4273c2e47a3232cc16c4f4fff3b3a35c38.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9697-98pf-4rw7\nhttps://github.com/tensorflow/tensorflow/commit/42459e4273c2e47a3232cc16c4f4fff3b3a35c38", + "cve": "CVE-2021-37670", + "id": "pyup.io-55648", + "more_info_path": "/vulnerabilities/CVE-2021-37670/55648", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", 
@@ -164272,10 +164784,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "Tensorflow-cpu version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37670:\nIn affected versions, an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to \"tf.raw_ops.UpperBound\". The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/searchsorted_op.cc#L85-L104) does not validate the rank of \"sorted_input\" argument. A similar issue occurs in \"tf.raw_ops.LowerBound\". The Tensorflow team has patched the issue in GitHub commit 42459e4273c2e47a3232cc16c4f4fff3b3a35c38.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9697-98pf-4rw7\nhttps://github.com/tensorflow/tensorflow/commit/42459e4273c2e47a3232cc16c4f4fff3b3a35c38", - "cve": "CVE-2021-37670", - "id": "pyup.io-55648", - "more_info_path": "/vulnerabilities/CVE-2021-37670/55648", + "advisory": "Tensorflow-cpu version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37672:\nIn affected versions, an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to \"tf.raw_ops.SdcaOptimizerV2\". The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/sdca_internal.cc#L320-L353) does not check that the length of \"example_labels\" is the same as the number of examples. 
The Tensorflow team has patched the issue in GitHub commit a4e138660270e7599793fa438cd7b2fc2ce215a6.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hj3-vjjf-f5m7\nhttps://github.com/tensorflow/tensorflow/commit/a4e138660270e7599793fa438cd7b2fc2ce215a6", + "cve": "CVE-2021-37672", + "id": "pyup.io-55647", + "more_info_path": "/vulnerabilities/CVE-2021-37672/55647", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", 
@@ -164285,10 +164797,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for 'tf.raw_ops.Dequantize' has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inference [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/ops/array_ops.cc#L2999-L3014) uses 'axis' to select between two different values for 'minmax_rank' which is then used to retrieve tensor dimensions. However, code assumes that 'axis' can be either '-1' or a value greater than '-1', with no validation for the other values. We have patched the issue in GitHub commit da857cfa0fde8f79ad0afdbc94e88b5d4bbec764. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.", - "cve": "CVE-2021-37677", - "id": "pyup.io-55657", - "more_info_path": "/vulnerabilities/CVE-2021-37677/55657", + "advisory": "TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a denial of service via a segmentation fault in 'tf.raw_ops.MaxPoolGrad' caused by missing validation. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/maxpooling_op.cc) misses some validation for the 'orig_input' and 'orig_output' tensors. The fixes for CVE-2021-29579 were incomplete. We have patched the issue in GitHub commit 136b51f10903e044308cf77117c0ed9871350475. The fix will be included in TensorFlow 2.6.0. 
We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.", + "cve": "CVE-2021-37674", + "id": "pyup.io-55655", + "more_info_path": "/vulnerabilities/CVE-2021-37674/55655", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", 
@@ -164298,10 +164810,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "Tensorflow-cpu version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37672:\nIn affected versions, an attacker can read from outside of bounds of heap allocated data by sending specially crafted illegal arguments to \"tf.raw_ops.SdcaOptimizerV2\". The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/sdca_internal.cc#L320-L353) does not check that the length of \"example_labels\" is the same as the number of examples. The Tensorflow team has patched the issue in GitHub commit a4e138660270e7599793fa438cd7b2fc2ce215a6.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hj3-vjjf-f5m7\nhttps://github.com/tensorflow/tensorflow/commit/a4e138660270e7599793fa438cd7b2fc2ce215a6", - "cve": "CVE-2021-37672", - "id": "pyup.io-55647", - "more_info_path": "/vulnerabilities/CVE-2021-37672/55647", + "advisory": "Tensorflow-cpu version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37669:\nIn affected versions, an attacker can cause denial of service in applications serving models using \"tf.raw_ops.NonMaxSuppressionV5\" by triggering a division by 0. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/image/non_max_suppression_op.cc#L170-L271) uses a user controlled argument to resize a \"std::vector\". However, as \"std::vector::resize\" takes the size argument as a \"size_t\" and \"output_size\" is an \"int\", there is an implicit conversion to unsigned. If the attacker supplies a negative value, this conversion results in a crash. A similar issue occurs in \"CombinedNonMaxSuppression\". 
The Tensorflow team has patched the issue in GitHub commit 3a7362750d5c372420aa8f0caf7bf5b5c3d0f52d and commit b5cdbf12ffcaaffecf98f22a6be5a64bb96e4f58.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vmjw-c2vp-p33c\nhttps://github.com/tensorflow/tensorflow/commit/3a7362750d5c372420aa8f0caf7bf5b5c3d0f52d\nhttps://github.com/tensorflow/tensorflow/commit/b5cdbf12ffcaaffecf98f22a6be5a64bb96e4f58", + "cve": "CVE-2021-37669", + "id": "pyup.io-55656", + "more_info_path": "/vulnerabilities/CVE-2021-37669/55656", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", 
@@ -164311,10 +164823,10 @@ "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, { - "advisory": "TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a denial of service via a segmentation fault in 'tf.raw_ops.MaxPoolGrad' caused by missing validation. The [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/maxpooling_op.cc) misses some validation for the 'orig_input' and 'orig_output' tensors. The fixes for CVE-2021-29579 were incomplete. We have patched the issue in GitHub commit 136b51f10903e044308cf77117c0ed9871350475. The fix will be included in TensorFlow 2.6.0. We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.", - "cve": "CVE-2021-37674", - "id": "pyup.io-55655", - "more_info_path": "/vulnerabilities/CVE-2021-37674/55655", + "advisory": "TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for 'tf.raw_ops.Dequantize' has a vulnerability that could trigger a denial of service via a segfault if an attacker provides invalid arguments. The shape inference [implementation](https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/ops/array_ops.cc#L2999-L3014) uses 'axis' to select between two different values for 'minmax_rank' which is then used to retrieve tensor dimensions. However, code assumes that 'axis' can be either '-1' or a value greater than '-1', with no validation for the other values. We have patched the issue in GitHub commit da857cfa0fde8f79ad0afdbc94e88b5d4bbec764. The fix will be included in TensorFlow 2.6.0. 
We will also cherrypick this commit on TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4, as these are also affected and still in supported range.", + "cve": "CVE-2021-37677", + "id": "pyup.io-55657", + "more_info_path": "/vulnerabilities/CVE-2021-37677/55657", "specs": [ ">=2.6.0rc0,<2.6.0", ">=2.5.0rc0,<2.5.1", 
@@ -164349,19 +164861,6 @@ ], "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, - { - "advisory": "Tensorflow-cpu version 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37669:\nIn affected versions, an attacker can cause denial of service in applications serving models using \"tf.raw_ops.NonMaxSuppressionV5\" by triggering a division by 0. The implementation (https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/core/kernels/image/non_max_suppression_op.cc#L170-L271) uses a user controlled argument to resize a \"std::vector\". However, as \"std::vector::resize\" takes the size argument as a \"size_t\" and \"output_size\" is an \"int\", there is an implicit conversion to unsigned. If the attacker supplies a negative value, this conversion results in a crash. A similar issue occurs in \"CombinedNonMaxSuppression\". The Tensorflow team has patched the issue in GitHub commit 3a7362750d5c372420aa8f0caf7bf5b5c3d0f52d and commit b5cdbf12ffcaaffecf98f22a6be5a64bb96e4f58.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vmjw-c2vp-p33c\nhttps://github.com/tensorflow/tensorflow/commit/3a7362750d5c372420aa8f0caf7bf5b5c3d0f52d\nhttps://github.com/tensorflow/tensorflow/commit/b5cdbf12ffcaaffecf98f22a6be5a64bb96e4f58", - "cve": "CVE-2021-37669", - "id": "pyup.io-55656", - "more_info_path": "/vulnerabilities/CVE-2021-37669/55656", - "specs": [ - ">=2.6.0rc0,<2.6.0", - ">=2.5.0rc0,<2.5.1", - ">=2.4.0rc0,<2.4.3", - ">=2.3.0rc0,<2.3.4" - ], - "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" - }, { "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1, and 2.6.0 updates its dependency 'curl' to v7.77.0 to include security fixes.", "cve": "CVE-2021-22901", 
@@ -164414,6 +164913,19 @@ ], "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" }, + { + "advisory": "Tensorflow-cpu 2.3.4, 2.4.3, 2.5.1 and 2.6.0 include a fix for CVE-2021-37655: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a read from outside of bounds of heap allocated data by sending invalid arguments to 'tf.raw_ops.ResourceScatterUpdate'. The implementation (https://github.com/tensorflow/tensorflow/blob/f24faa153ad31a4b51578f8181d3aaab77a1ddeb/tensorflow/core/kernels/resource_variable_ops.cc#L919-L923) has an incomplete validation of the relationship between the shapes of 'indices' and 'updates': instead of checking that the shape of 'indices' is a prefix of the shape of 'updates' (so that broadcasting can happen), code only checks that the number of elements in these two tensors are in a divisibility relationship. The Tensorflow team has patched the issue in GitHub commit 01cff3f986259d661103412a20745928c727326f.", + "cve": "CVE-2021-37655", + "id": "pyup.io-55646", + "more_info_path": "/vulnerabilities/CVE-2021-37655/55646", + "specs": [ + ">=2.6.0rc0,<2.6.0", + ">=2.5.0rc0,<2.5.1", + ">=2.4.0rc0,<2.4.3", + ">=2.3.0rc0,<2.3.4" + ], + "v": ">=2.6.0rc0,<2.6.0,>=2.5.0rc0,<2.5.1,>=2.4.0rc0,<2.4.3,>=2.3.0rc0,<2.3.4" + }, { "advisory": "Tensorflow-cpu version 2.3.4, 2.4.3, 2.5.1, 2.6.0 and 2.7.0 include a fix for CVE-2021-37678:\nIn affected versions, TensorFlow and Keras can be tricked to perform arbitrary code execution when deserializing a Keras model from YAML format. The implementation(https://github.com/tensorflow/tensorflow/blob/460e000de3a83278fb00b61a16d161b1964f15f4/tensorflow/python/keras/saving/model_config.py#L66-L104) uses \"yaml.unsafe_load\" which can perform arbitrary code execution on the input. Given that YAML format support requires a significant amount of work, the Tensorflow team has removed it for now. 
The Tensorflow team has patched the issue in GitHub commit 23d6383eb6c14084a8fc3bdf164043b974818012.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-r6jx-9g48-2r5r\nhttps://github.com/tensorflow/tensorflow/commit/23d6383eb6c14084a8fc3bdf164043b974818012", "cve": "CVE-2021-37678", @@ -164758,20 +165270,20 @@ "v": "<2.12.1,>=2.13.0rc0,<2.13.0" }, { - "advisory": "Tensorflow-cpu-aws updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.", - "cve": "CVE-2023-38545", - "id": "pyup.io-72941", - "more_info_path": "/vulnerabilities/CVE-2023-38545/72941", + "advisory": "Tensorflow-cpu-aws updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38546.", + "cve": "CVE-2023-38546", + "id": "pyup.io-72942", + "more_info_path": "/vulnerabilities/CVE-2023-38546/72942", "specs": [ "<2.14.1" ], "v": "<2.14.1" }, { - "advisory": "Tensorflow-cpu-aws updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38546.", - "cve": "CVE-2023-38546", - "id": "pyup.io-72942", - "more_info_path": "/vulnerabilities/CVE-2023-38546/72942", + "advisory": "Tensorflow-cpu-aws 2.14.1 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.", + "cve": "CVE-2023-38545", + "id": "pyup.io-72941", + "more_info_path": "/vulnerabilities/CVE-2023-38545/72941", "specs": [ "<2.14.1" ], 
@@ -167398,20 +167910,20 @@ "v": "<2.12.1,>=2.13.0rc0,<2.13.0" }, { - "advisory": "TensorFlow-GPU updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.", - "cve": "CVE-2023-38545", - "id": "pyup.io-72615", - "more_info_path": "/vulnerabilities/CVE-2023-38545/72615", + "advisory": "TensorFlow-GPU updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38546.", + "cve": "CVE-2023-38546", + "id": "pyup.io-72614", + "more_info_path": "/vulnerabilities/CVE-2023-38546/72614", "specs": [ "<2.14.1" ], "v": "<2.14.1" }, { - "advisory": "TensorFlow-GPU updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38546.", - "cve": "CVE-2023-38546", - "id": "pyup.io-72614", - "more_info_path": "/vulnerabilities/CVE-2023-38546/72614", + "advisory": "TensorFlow-GPU uses a version of curl vulnerable to CVE-2023-38545.", + "cve": "CVE-2023-38545", + "id": "pyup.io-72615", + "more_info_path": "/vulnerabilities/CVE-2023-38545/72615", "specs": [ "<2.14.1" ], @@ -172822,10 +173334,10 @@ "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36011: Null dereference on MLIR on empty function attributes.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fv43-93gv-vm8f", - "cve": "CVE-2022-36011", - "id": "pyup.io-56574", - "more_info_path": "/vulnerabilities/CVE-2022-36011/56574", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35993: 'CHECK' fail in 'SetSize'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wq6q-6m32-9rv9", + "cve": "CVE-2022-35993", + "id": "pyup.io-56578", + "more_info_path": "/vulnerabilities/CVE-2022-35993/56578", "specs": [ "<2.10.0" ], 
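Review bot: The rewritten TensorFlow-GPU advisory for CVE-2023-38545 in @@ -167398 loses the remediation detail the old text carried: `"TensorFlow-GPU uses a version of curl vulnerable to CVE-2023-38545."` no longer says which curl version is affected or that the fix is the 8.2.1 to 8.4.0 update, while the sibling CVE-2023-38546 entry in the same hunk and the tensorflow-cpu-aws entry in @@ -164758 keep that wording. The `specs` value still encodes `<2.14.1`, so the machine-readable range is consistent, but the human-readable text should say the same thing; suggest `"TensorFlow-GPU 2.14.1 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545."`, mirroring the cpu-aws form introduced in this same commit.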
@@ -172841,16 +173353,6 @@ ], "v": "<2.10.0" }, - { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35993: 'CHECK' fail in 'SetSize'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wq6q-6m32-9rv9", - "cve": "CVE-2022-35993", - "id": "pyup.io-56578", - "more_info_path": "/vulnerabilities/CVE-2022-35993/56578", - "specs": [ - "<2.10.0" - ], - "v": "<2.10.0" - }, { "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35965: Segfault in 'LowerBound' and 'UpperBound'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qxpx-j395-pw36", "cve": "CVE-2022-35965", 
@@ -172881,6 +173383,46 @@ ], "v": "<2.10.0" }, + { + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36026: 'CHECK' fail in 'QuantizeAndDequantizeV3'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9cr2-8pwr-fhfq", + "cve": "CVE-2022-36026", + "id": "pyup.io-56572", + "more_info_path": "/vulnerabilities/CVE-2022-36026/56572", + "specs": [ + "<2.10.0" + ], + "v": "<2.10.0" + }, + { + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35964: Segfault in 'BlockLSTMGradV2'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f7r5-q7cx-h668", + "cve": "CVE-2022-35964", + "id": "pyup.io-56561", + "more_info_path": "/vulnerabilities/CVE-2022-35964/56561", + "specs": [ + "<2.10.0" + ], + "v": "<2.10.0" + }, + { + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36002: 'CHECK' fail in 'Unbatch'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mh3m-62v7-68xg", + "cve": "CVE-2022-36002", + "id": "pyup.io-56554", + "more_info_path": "/vulnerabilities/CVE-2022-36002/56554", + "specs": [ + "<2.10.0" + ], + "v": "<2.10.0" + }, + { + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35988: 'CHECK' fail in 'tf.linalg.matrix_rank'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9vqj-64pv-w55c", + "cve": "CVE-2022-35988", + "id": "pyup.io-56582", + "more_info_path": "/vulnerabilities/CVE-2022-35988/56582", + "specs": [ + "<2.10.0" + ], + "v": "<2.10.0" + }, { "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35994: 'CHECK' fail in 'CollectiveGather'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fhfc-2q7x-929f", "cve": "CVE-2022-35994", 
@@ -172941,16 +173483,6 @@ ], "v": "<2.10.0" }, - { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35964: Segfault in 'BlockLSTMGradV2'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f7r5-q7cx-h668", - "cve": "CVE-2022-35964", - "id": "pyup.io-56561", - "more_info_path": "/vulnerabilities/CVE-2022-35964/56561", - "specs": [ - "<2.10.0" - ], - "v": "<2.10.0" - }, { "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35967: Segfault in 'QuantizedAdd'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v6h3-348g-6h5x", "cve": "CVE-2022-35967", @@ -172981,6 +173513,26 @@ ], "v": "<2.10.0" }, + { + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35937: OOB read in 'Gather_nd' op in TF Lite.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pxrw-j2fv-hx3h", + "cve": "CVE-2022-35937", + "id": "pyup.io-56543", + "more_info_path": "/vulnerabilities/CVE-2022-35937/56543", + "specs": [ + "<2.10.0" + ], + "v": "<2.10.0" + }, + { + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35939: OOB write in 'scatter_nd' op in TF Lite.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-ffjm-4qwc-7cmf", + "cve": "CVE-2022-35939", + "id": "pyup.io-56544", + "more_info_path": "/vulnerabilities/CVE-2022-35939/56544", + "specs": [ + "<2.10.0" + ], + "v": "<2.10.0" + }, { "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35979: Segfault in 'QuantizedRelu' and 'QuantizedRelu6'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v7vw-577f-vp8x", "cve": "CVE-2022-35979", 
@@ -173001,16 +173553,6 @@ ], "v": "<2.10.0" }, - { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35989: 'CHECK' fail in 'MaxPool'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j43h-pgmg-5hjq", - "cve": "CVE-2022-35989", - "id": "pyup.io-56597", - "more_info_path": "/vulnerabilities/CVE-2022-35989/56597", - "specs": [ - "<2.10.0" - ], - "v": "<2.10.0" - }, { "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36017: Segfault in 'Requantize'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-wqmc-pm8c-2jhc", "cve": "CVE-2022-36017", @@ -173061,16 +173603,6 @@ ], "v": "<2.10.0" }, - { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35939: OOB write in 'scatter_nd' op in TF Lite.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-ffjm-4qwc-7cmf", - "cve": "CVE-2022-35939", - "id": "pyup.io-56544", - "more_info_path": "/vulnerabilities/CVE-2022-35939/56544", - "specs": [ - "<2.10.0" - ], - "v": "<2.10.0" - }, { "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35952: 'CHECK' failures in 'UnbatchGradOp'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h5vq-gw2c-pq47", "cve": "CVE-2022-35952", @@ -173111,16 +173643,6 @@ ], "v": "<2.10.0" }, - { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35997: 'CHECK' fail in 'tf.sparse.cross'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-p7hr-f446-x6qf", - "cve": "CVE-2022-35997", - "id": "pyup.io-56562", - "more_info_path": "/vulnerabilities/CVE-2022-35997/56562", - "specs": [ - "<2.10.0" - ], - "v": "<2.10.0" - }, { "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35990: 'CHECK' fail in 'FakeQuantWithMinMaxVarsPerChannelGradient'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h7ff-cfc9-wmmh", "cve": "CVE-2022-35990", 
@@ -173131,16 +173653,6 @@ ], "v": "<2.10.0" }, - { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35937: OOB read in 'Gather_nd' op in TF Lite.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pxrw-j2fv-hx3h", - "cve": "CVE-2022-35937", - "id": "pyup.io-56543", - "more_info_path": "/vulnerabilities/CVE-2022-35937/56543", - "specs": [ - "<2.10.0" - ], - "v": "<2.10.0" - }, { "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36019: 'CHECK' fail in 'FakeQuantWithMinMaxVarsPerChannel'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9j4v-pp28-mxv7", "cve": "CVE-2022-36019", @@ -173181,16 +173693,6 @@ ], "v": "<2.10.0" }, - { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35960: 'CHECK' failure in 'TensorListReserve' via missing validation.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v5xg-3q2c-c2r4", - "cve": "CVE-2022-35960", - "id": "pyup.io-56546", - "more_info_path": "/vulnerabilities/CVE-2022-35960/56546", - "specs": [ - "<2.10.0" - ], - "v": "<2.10.0" - }, { "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36012: Assertion fail on MLIR empty edge names.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jvhc-5hhr-w3v5", "cve": "CVE-2022-36012", 
@@ -173212,160 +173714,170 @@ "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36014: Null-dereference in 'mlir::tfg::TFOp::nameAttr'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7j3m-8g3c-9qqq", - "cve": "CVE-2022-36014", - "id": "pyup.io-56579", - "more_info_path": "/vulnerabilities/CVE-2022-36014/56579", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35968: 'CHECK' fail in 'AvgPoolGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-2475-53vw-vp25", + "cve": "CVE-2022-35968", + "id": "pyup.io-56586", + "more_info_path": "/vulnerabilities/CVE-2022-35968/56586", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36026: 'CHECK' fail in 'QuantizeAndDequantizeV3'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9cr2-8pwr-fhfq", - "cve": "CVE-2022-36026", - "id": "pyup.io-56572", - "more_info_path": "/vulnerabilities/CVE-2022-36026/56572", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36005: 'CHECK' fail in 'FakeQuantWithMinMaxVarsGradient'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-r26c-679w-mrjm", + "cve": "CVE-2022-36005", + "id": "pyup.io-56598", + "more_info_path": "/vulnerabilities/CVE-2022-36005/56598", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35968: 'CHECK' fail in 'AvgPoolGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-2475-53vw-vp25", - "cve": "CVE-2022-35968", - "id": "pyup.io-56586", - "more_info_path": "/vulnerabilities/CVE-2022-35968/56586", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35963: 'CHECK' failures in 'FractionalAvgPoolGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-84jm-4cf3-9jfm", + "cve": "CVE-2022-35963", + "id": "pyup.io-56591", + "more_info_path": 
"/vulnerabilities/CVE-2022-35963/56591", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36005: 'CHECK' fail in 'FakeQuantWithMinMaxVarsGradient'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-r26c-679w-mrjm", - "cve": "CVE-2022-36005", - "id": "pyup.io-56598", - "more_info_path": "/vulnerabilities/CVE-2022-36005/56598", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35983: 'CHECK' fail in 'Save' and 'SaveSlices'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m6vp-8q9j-whx4", + "cve": "CVE-2022-35983", + "id": "pyup.io-56556", + "more_info_path": "/vulnerabilities/CVE-2022-35983/56556", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35941: 'CHECK' failure in 'AvgPoolOp'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mgmh-g2v6-mqw5", - "cve": "CVE-2022-35941", - "id": "pyup.io-56580", - "more_info_path": "/vulnerabilities/CVE-2022-35941/56580", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36018: 'CHECK' fail in 'RaggedTensorToVariant'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m6cv-4fmf-66xf", + "cve": "CVE-2022-36018", + "id": "pyup.io-56596", + "more_info_path": "/vulnerabilities/CVE-2022-36018/56596", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36002: 'CHECK' fail in 'Unbatch'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mh3m-62v7-68xg", - "cve": "CVE-2022-36002", - "id": "pyup.io-56554", - "more_info_path": "/vulnerabilities/CVE-2022-36002/56554", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35995: 'CHECK' fail in 'AudioSummaryV2'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9h5-vr8m-x2h4", + "cve": "CVE-2022-35995", + "id": "pyup.io-56593", + "more_info_path": 
"/vulnerabilities/CVE-2022-35995/56593", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35963: 'CHECK' failures in 'FractionalAvgPoolGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-84jm-4cf3-9jfm", - "cve": "CVE-2022-35963", - "id": "pyup.io-56591", - "more_info_path": "/vulnerabilities/CVE-2022-35963/56591", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35981: 'CHECK' fail in 'FractionalMaxPoolGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vxv8-r8q2-63xw", + "cve": "CVE-2022-35981", + "id": "pyup.io-56565", + "more_info_path": "/vulnerabilities/CVE-2022-35981/56565", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35988: 'CHECK' fail in 'tf.linalg.matrix_rank'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-9vqj-64pv-w55c", - "cve": "CVE-2022-35988", - "id": "pyup.io-56582", - "more_info_path": "/vulnerabilities/CVE-2022-35988/56582", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36011: Null dereference on MLIR on empty function attributes.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fv43-93gv-vm8f", + "cve": "CVE-2022-36011", + "id": "pyup.io-56574", + "more_info_path": "/vulnerabilities/CVE-2022-36011/56574", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35983: 'CHECK' fail in 'Save' and 'SaveSlices'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m6vp-8q9j-whx4", - "cve": "CVE-2022-35983", - "id": "pyup.io-56556", - "more_info_path": "/vulnerabilities/CVE-2022-35983/56556", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35998: 'CHECK' fail in 'EmptyTensorList'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhw4-wwr7-gjc5", + "cve": "CVE-2022-35998", + "id": "pyup.io-56563", + 
"more_info_path": "/vulnerabilities/CVE-2022-35998/56563", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35982: Segfault in 'SparseBincount'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-397c-5g2j-qxpv", - "cve": "CVE-2022-35982", - "id": "pyup.io-56576", - "more_info_path": "/vulnerabilities/CVE-2022-35982/56576", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35989: 'CHECK' fail in 'MaxPool'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j43h-pgmg-5hjq", + "cve": "CVE-2022-35989", + "id": "pyup.io-56597", + "more_info_path": "/vulnerabilities/CVE-2022-35989/56597", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36001: 'CHECK' fail in 'DrawBoundingBoxes'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jqm7-m5q7-3hm5", - "cve": "CVE-2022-36001", - "id": "pyup.io-56590", - "more_info_path": "/vulnerabilities/CVE-2022-36001/56590", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35997: 'CHECK' fail in 'tf.sparse.cross'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-p7hr-f446-x6qf", + "cve": "CVE-2022-35997", + "id": "pyup.io-56562", + "more_info_path": "/vulnerabilities/CVE-2022-35997/56562", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35998: 'CHECK' fail in 'EmptyTensorList'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhw4-wwr7-gjc5", - "cve": "CVE-2022-35998", - "id": "pyup.io-56563", - "more_info_path": "/vulnerabilities/CVE-2022-35998/56563", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35960: 'CHECK' failure in 'TensorListReserve' via missing validation.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-v5xg-3q2c-c2r4", + "cve": "CVE-2022-35960", + "id": "pyup.io-56546", + 
"more_info_path": "/vulnerabilities/CVE-2022-35960/56546", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36018: 'CHECK' fail in 'RaggedTensorToVariant'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-m6cv-4fmf-66xf", - "cve": "CVE-2022-36018", - "id": "pyup.io-56596", - "more_info_path": "/vulnerabilities/CVE-2022-36018/56596", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36014: Null-dereference in 'mlir::tfg::TFOp::nameAttr'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7j3m-8g3c-9qqq", + "cve": "CVE-2022-36014", + "id": "pyup.io-56579", + "more_info_path": "/vulnerabilities/CVE-2022-36014/56579", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35995: 'CHECK' fail in 'AudioSummaryV2'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9h5-vr8m-x2h4", - "cve": "CVE-2022-35995", - "id": "pyup.io-56593", - "more_info_path": "/vulnerabilities/CVE-2022-35995/56593", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35941: 'CHECK' failure in 'AvgPoolOp'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mgmh-g2v6-mqw5", + "cve": "CVE-2022-35941", + "id": "pyup.io-56580", + "more_info_path": "/vulnerabilities/CVE-2022-35941/56580", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35981: 'CHECK' fail in 'FractionalMaxPoolGrad'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-vxv8-r8q2-63xw", - "cve": "CVE-2022-35981", - "id": "pyup.io-56565", - "more_info_path": "/vulnerabilities/CVE-2022-35981/56565", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-35982: Segfault in 'SparseBincount'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-397c-5g2j-qxpv", + "cve": "CVE-2022-35982", + "id": "pyup.io-56576", + 
"more_info_path": "/vulnerabilities/CVE-2022-35982/56576", "specs": [ "<2.10.0" ], "v": "<2.10.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25673: Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.", - "cve": "CVE-2023-25673", - "id": "pyup.io-56495", - "more_info_path": "/vulnerabilities/CVE-2023-25673/56495", + "advisory": "Tensorflow-intel 2.10.0 includes a fix for CVE-2022-36001: 'CHECK' fail in 'DrawBoundingBoxes'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-jqm7-m5q7-3hm5", + "cve": "CVE-2022-36001", + "id": "pyup.io-56590", + "more_info_path": "/vulnerabilities/CVE-2022-36001/56590", + "specs": [ + "<2.10.0" + ], + "v": "<2.10.0" + }, + { + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25664: Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hg6-5c2q-7rcr", + "cve": "CVE-2023-25664", + "id": "pyup.io-56510", + "more_info_path": "/vulnerabilities/CVE-2023-25664/56510", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" 
@@ -173384,10 +173896,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25675: When running versions prior to 2.12.0 and 2.11.1 with XLA, 'tf.raw_ops.Bincount' segfaults when given a parameter 'weights' that is neither the same shape as parameter 'arr' nor a length-0 tensor.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7x4v-9gxg-9hwj", - "cve": "CVE-2023-25675", - "id": "pyup.io-56503", - "more_info_path": "/vulnerabilities/CVE-2023-25675/56503", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25673: Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.", + "cve": "CVE-2023-25673", + "id": "pyup.io-56495", + "more_info_path": "/vulnerabilities/CVE-2023-25673/56495", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" @@ -173395,10 +173907,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25659: Prior to versions 2.12.0 and 2.11.1, if the parameter 'indices' for 'DynamicStitch' does not match the shape of the parameter 'data', it can trigger an stack OOB read.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-93vr-9q9m-pj8p", - "cve": "CVE-2023-25659", - "id": "pyup.io-56514", - "more_info_path": "/vulnerabilities/CVE-2023-25659/56514", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25665: Prior to versions 2.12.0 and 2.11.1, when 'SparseSparseMaximum' is given invalid sparse tensors as inputs, it can give a null pointer error.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-558h-mq8x-7q9g", + "cve": "CVE-2023-25665", + "id": "pyup.io-56504", + "more_info_path": "/vulnerabilities/CVE-2023-25665/56504", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" 
@@ -173406,10 +173918,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25669: Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for 'tf.raw_ops.AvgPoolGrad', it can give a floating point exception.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rcf8-g8jv-vg6p", - "cve": "CVE-2023-25669", - "id": "pyup.io-56508", - "more_info_path": "/vulnerabilities/CVE-2023-25669/56508", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25672: The function 'tf.raw_ops.LookupTableImportV2' cannot handle scalars in the 'values' parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.", + "cve": "CVE-2023-25672", + "id": "pyup.io-56496", + "more_info_path": "/vulnerabilities/CVE-2023-25672/56496", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" @@ -173417,10 +173929,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-27579: Constructing a tflite model with a paramater 'filter_input_channel' of less than 1 gives a FPE.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5w96-866f-6rm8", - "cve": "CVE-2023-27579", - "id": "pyup.io-56505", - "more_info_path": "/vulnerabilities/CVE-2023-27579/56505", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25670: Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rq-hwc3-x77w", + "cve": "CVE-2023-25670", + "id": "pyup.io-56507", + "more_info_path": "/vulnerabilities/CVE-2023-25670/56507", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" 
@@ -173428,10 +173940,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25662: Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7jvm-xxmr-v5cw", - "cve": "CVE-2023-25662", - "id": "pyup.io-56512", - "more_info_path": "/vulnerabilities/CVE-2023-25662/56512", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25669: Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for 'tf.raw_ops.AvgPoolGrad', it can give a floating point exception.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rcf8-g8jv-vg6p", + "cve": "CVE-2023-25669", + "id": "pyup.io-56508", + "more_info_path": "/vulnerabilities/CVE-2023-25669/56508", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" 
@@ -173461,10 +173973,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25661: In versions prior to 2.11.1 a malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack. A proof of concept can be constructed with the 'Convolution3DTranspose' function. This Convolution3DTranspose layer is a very common API in modern neural networks. The ML models containing such vulnerable components could be deployed in ML applications or as cloud services. This failure could be potentially used to trigger a denial of service attack on ML cloud services. An attacker must have privilege to provide input to a 'Convolution3DTranspose' call.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fxgc-95xx-grvq", - "cve": "CVE-2023-25661", - "id": "pyup.io-56501", - "more_info_path": "/vulnerabilities/CVE-2023-25661/56501", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25663: Prior to versions 2.12.0 and 2.11.1, when 'ctx->step_containter()' is a null ptr, the Lookup function will be executed with a null pointer.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-64jg-wjww-7c5w", + "cve": "CVE-2023-25663", + "id": "pyup.io-56511", + "more_info_path": "/vulnerabilities/CVE-2023-25663/56511", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" 
@@ -173472,10 +173984,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25672: The function 'tf.raw_ops.LookupTableImportV2' cannot handle scalars in the 'values' parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.", - "cve": "CVE-2023-25672", - "id": "pyup.io-56496", - "more_info_path": "/vulnerabilities/CVE-2023-25672/56496", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25676: When running versions prior to 2.12.0 and 2.11.1 with XLA, 'tf.raw_ops.ParallelConcat' segfaults with a nullptr dereference when given a parameter 'shape' with rank that is not greater than zero.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6wfh-89q8-44jq", + "cve": "CVE-2023-25676", + "id": "pyup.io-56497", + "more_info_path": "/vulnerabilities/CVE-2023-25676/56497", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" @@ -173483,10 +173995,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25663: Prior to versions 2.12.0 and 2.11.1, when 'ctx->step_containter()' is a null ptr, the Lookup function will be executed with a null pointer.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-64jg-wjww-7c5w", - "cve": "CVE-2023-25663", - "id": "pyup.io-56511", - "more_info_path": "/vulnerabilities/CVE-2023-25663/56511", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25660: Prior to versions 2.12.0 and 2.11.1, when the parameter 'summarize' of 'tf.raw_ops.Print' is zero, the new method 'SummarizeArray' will reference to a nullptr, leading to a seg fault.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj", + "cve": "CVE-2023-25660", + "id": "pyup.io-56513", + "more_info_path": "/vulnerabilities/CVE-2023-25660/56513", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" 
@@ -173494,10 +174006,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25666: Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f637-vh3r-vfh2", - "cve": "CVE-2023-25666", - "id": "pyup.io-56498", - "more_info_path": "/vulnerabilities/CVE-2023-25666/56498", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25667: Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when '2^31 <= num_frames * height * width * channels < 2^32', for example Full HD screencast of at least 346 frames.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqm2-gh8w-gr68", + "cve": "CVE-2023-25667", + "id": "pyup.io-56499", + "more_info_path": "/vulnerabilities/CVE-2023-25667/56499", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" @@ -173505,10 +174017,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25670: Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rq-hwc3-x77w", - "cve": "CVE-2023-25670", - "id": "pyup.io-56507", - "more_info_path": "/vulnerabilities/CVE-2023-25670/56507", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25662: Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7jvm-xxmr-v5cw", + "cve": "CVE-2023-25662", + "id": "pyup.io-56512", + "more_info_path": "/vulnerabilities/CVE-2023-25662/56512", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" 
@@ -173516,10 +174028,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25664: Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hg6-5c2q-7rcr", - "cve": "CVE-2023-25664", - "id": "pyup.io-56510", - "more_info_path": "/vulnerabilities/CVE-2023-25664/56510", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25661: In versions prior to 2.11.1 a malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack. A proof of concept can be constructed with the 'Convolution3DTranspose' function. This Convolution3DTranspose layer is a very common API in modern neural networks. The ML models containing such vulnerable components could be deployed in ML applications or as cloud services. This failure could be potentially used to trigger a denial of service attack on ML cloud services. An attacker must have privilege to provide input to a 'Convolution3DTranspose' call.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fxgc-95xx-grvq", + "cve": "CVE-2023-25661", + "id": "pyup.io-56501", + "more_info_path": "/vulnerabilities/CVE-2023-25661/56501", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" 
@@ -173527,10 +174039,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25676: When running versions prior to 2.12.0 and 2.11.1 with XLA, 'tf.raw_ops.ParallelConcat' segfaults with a nullptr dereference when given a parameter 'shape' with rank that is not greater than zero.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6wfh-89q8-44jq", - "cve": "CVE-2023-25676", - "id": "pyup.io-56497", - "more_info_path": "/vulnerabilities/CVE-2023-25676/56497", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25671: There is out-of-bounds access due to mismatched integer type sizes.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j5w9-hmfh-4cr6", + "cve": "CVE-2023-25671", + "id": "pyup.io-56506", + "more_info_path": "/vulnerabilities/CVE-2023-25671/56506", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" @@ -173538,10 +174050,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25665: Prior to versions 2.12.0 and 2.11.1, when 'SparseSparseMaximum' is given invalid sparse tensors as inputs, it can give a null pointer error.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-558h-mq8x-7q9g", - "cve": "CVE-2023-25665", - "id": "pyup.io-56504", - "more_info_path": "/vulnerabilities/CVE-2023-25665/56504", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25675: When running versions prior to 2.12.0 and 2.11.1 with XLA, 'tf.raw_ops.Bincount' segfaults when given a parameter 'weights' that is neither the same shape as parameter 'arr' nor a length-0 tensor.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-7x4v-9gxg-9hwj", + "cve": "CVE-2023-25675", + "id": "pyup.io-56503", + "more_info_path": "/vulnerabilities/CVE-2023-25675/56503", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" 
@@ -173549,10 +174061,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25660: Prior to versions 2.12.0 and 2.11.1, when the parameter 'summarize' of 'tf.raw_ops.Print' is zero, the new method 'SummarizeArray' will reference to a nullptr, leading to a seg fault.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj", - "cve": "CVE-2023-25660", - "id": "pyup.io-56513", - "more_info_path": "/vulnerabilities/CVE-2023-25660/56513", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25659: Prior to versions 2.12.0 and 2.11.1, if the parameter 'indices' for 'DynamicStitch' does not match the shape of the parameter 'data', it can trigger an stack OOB read.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-93vr-9q9m-pj8p", + "cve": "CVE-2023-25659", + "id": "pyup.io-56514", + "more_info_path": "/vulnerabilities/CVE-2023-25659/56514", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" @@ -173560,10 +174072,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25671: There is out-of-bounds access due to mismatched integer type sizes.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-j5w9-hmfh-4cr6", - "cve": "CVE-2023-25671", - "id": "pyup.io-56506", - "more_info_path": "/vulnerabilities/CVE-2023-25671/56506", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-27579: Constructing a tflite model with a paramater 'filter_input_channel' of less than 1 gives a FPE.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-5w96-866f-6rm8", + "cve": "CVE-2023-27579", + "id": "pyup.io-56505", + "more_info_path": "/vulnerabilities/CVE-2023-27579/56505", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" 
@@ -173571,10 +174083,10 @@ "v": "<2.11.1,>=2.12.0rc0,<2.12.0" }, { - "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25667: Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when '2^31 <= num_frames * height * width * channels < 2^32', for example Full HD screencast of at least 346 frames.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqm2-gh8w-gr68", - "cve": "CVE-2023-25667", - "id": "pyup.io-56499", - "more_info_path": "/vulnerabilities/CVE-2023-25667/56499", + "advisory": "Tensorflow-intel 2.11.1 and 2.12.0 include a fix for CVE-2023-25666: Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f637-vh3r-vfh2", + "cve": "CVE-2023-25666", + "id": "pyup.io-56498", + "more_info_path": "/vulnerabilities/CVE-2023-25666/56498", "specs": [ "<2.11.1", ">=2.12.0rc0,<2.12.0" @@ -173624,7 +174136,7 @@ "v": "<2.14.1" }, { - "advisory": "Tensorflow-intel updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.", + "advisory": "Tensorflow-intel 2.14.1 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.", "cve": "CVE-2023-38545", "id": "pyup.io-72938", "more_info_path": "/vulnerabilities/CVE-2023-38545/72938", 
@@ -173658,10 +174170,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41898: If 'SparseFillEmptyRowsGrad' is given empty inputs, TensorFlow will crash.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-hq7g-wwwp-q46h", - "cve": "CVE-2022-41898", - "id": "pyup.io-56539", - "more_info_path": "/vulnerabilities/CVE-2022-41898/56539", + "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41897: If 'FractionMaxPoolGrad' is given outsize inputs 'row_pooling_sequence' and 'col_pooling_sequence', TensorFlow will crash.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2w8-jw48-fr7j", + "cve": "CVE-2022-41897", + "id": "pyup.io-56535", + "more_info_path": "/vulnerabilities/CVE-2022-41897/56535", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -173693,42 +174205,6 @@ ], "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, - { - "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41895: If 'MirrorPadGrad' is given outsize input 'paddings', TensorFlow will give a heap OOB error.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gq2j-cr96-gvqx", - "cve": "CVE-2022-41895", - "id": "pyup.io-56519", - "more_info_path": "/vulnerabilities/CVE-2022-41895/56519", - "specs": [ - "<2.8.4", - ">=2.9.0rc0,<2.9.3", - ">=2.10.0rc0,<2.10.1" - ], - "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" - }, - { - "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41889: If a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a 'nullptr', which is not caught. An example can be seen in 'tf.compat.v1.extract_volume_patches' by passing in quantized tensors as input 'ksizes'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xxcj-rhqg-m46g", - "cve": "CVE-2022-41889", - "id": "pyup.io-56522", - "more_info_path": "/vulnerabilities/CVE-2022-41889/56522", - "specs": [ - "<2.8.4", - ">=2.9.0rc0,<2.9.3", - ">=2.10.0rc0,<2.10.1" - ], - "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" - }, - { - "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41880: When the 'BaseCandidateSamplerOp' function receives a value in 'true_classes' larger than 'range_max', a heap oob read occurs.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8w5g-3wcv-9g2j", - "cve": "CVE-2022-41880", - "id": "pyup.io-56530", - "more_info_path": "/vulnerabilities/CVE-2022-41880/56530", - "specs": [ - "<2.8.4", - ">=2.9.0rc0,<2.9.3", - ">=2.10.0rc0,<2.10.1" - ], - "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" - }, { "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41894: The reference kernel of the 'CONV_3D_TRANSPOSE' TensorFlow 
Lite operator wrongly increments the data_ptr when adding the bias to the result. Instead of 'data_ptr += num_channels;' it should be 'data_ptr += output_num_channels;' as if the number of input channels is different than the number of output channels, the wrong result will be returned and a buffer overflow will occur if num_channels > output_num_channels. An attacker can craft a model with a specific number of input channels. It is then possible to write specific values through the bias of the layer outside the bounds of the buffer. This attack only works if the reference kernel resolver is used in the interpreter.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6q3-vv32-2cq5", "cve": "CVE-2022-41894", @@ -173754,10 +174230,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41900: The security vulnerability results in FractionalMax(AVG)Pool with illegal pooling_ratio. Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or remote code execution.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xvwp-h6jv-7472", - "cve": "CVE-2022-41900", - "id": "pyup.io-56528", - "more_info_path": "/vulnerabilities/CVE-2022-41900/56528", + "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41911: When printing a tensor, we get it's data as a 'const char*' array (since that's the underlying storage) and then we typecast it to the element type. However, conversions from 'char' to 'bool' are undefined if the 'char' is not '0' or '1', so sanitizers/fuzzers will crash.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j", + "cve": "CVE-2022-41911", + "id": "pyup.io-56521", + "more_info_path": "/vulnerabilities/CVE-2022-41911/56521", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -173766,10 +174242,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41908: TensorFlow is an open source platform for machine learning. An input 'token' that is not a UTF-8 bytestring will trigger a 'CHECK' fail in 'tf.raw_ops.PyFunc'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv77-9g28-cwg3", - "cve": "CVE-2022-41908", - "id": "pyup.io-56527", - "more_info_path": "/vulnerabilities/CVE-2022-41908/56527", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41898: If 'SparseFillEmptyRowsGrad' is given empty inputs, TensorFlow will crash.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-hq7g-wwwp-q46h", + "cve": "CVE-2022-41898", + "id": "pyup.io-56539", + "more_info_path": "/vulnerabilities/CVE-2022-41898/56539", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", @@ -173778,10 +174254,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41901: An input 'sparse_matrix' that is not a matrix with a shape with rank 0 will trigger a 'CHECK' fail in 'tf.raw_ops.SparseMatrixNNZ'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9fm-r5mm-rf9f", - "cve": "CVE-2022-41901", - "id": "pyup.io-56518", - "more_info_path": "/vulnerabilities/CVE-2022-41901/56518", + "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41880: When the 'BaseCandidateSamplerOp' function receives a value in 'true_classes' larger than 'range_max', a heap oob read occurs.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-8w5g-3wcv-9g2j", + "cve": "CVE-2022-41880", + "id": "pyup.io-56530", + "more_info_path": "/vulnerabilities/CVE-2022-41880/56530", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -173790,10 +174266,34 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41890: If 'BCast::ToShape' is given input larger than an 'int32', it will crash, despite being supposed to handle up to an 'int64'. An example can be seen in 'tf.experimental.numpy.outer' by passing in large input to the input 'b'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h246-cgh4-7475", - "cve": "CVE-2022-41890", - "id": "pyup.io-56529", - "more_info_path": "/vulnerabilities/CVE-2022-41890/56529", + "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41900: The security vulnerability results in FractionalMax(AVG)Pool with illegal pooling_ratio. Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or remote code execution.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xvwp-h6jv-7472", + "cve": "CVE-2022-41900", + "id": "pyup.io-56528", + "more_info_path": "/vulnerabilities/CVE-2022-41900/56528", + "specs": [ + "<2.8.4", + ">=2.9.0rc0,<2.9.3", + ">=2.10.0rc0,<2.10.1" + ], + "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" + }, + { + "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41888: When running on GPU, 'tf.image.generate_bounding_box_proposals' receives a 'scores' input that must be of rank 4 but is not checked.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6x99-gv2v-q76v", + "cve": "CVE-2022-41888", + "id": "pyup.io-56538", + "more_info_path": "/vulnerabilities/CVE-2022-41888/56538", + "specs": [ + "<2.8.4", + ">=2.9.0rc0,<2.9.3", + ">=2.10.0rc0,<2.10.1" + ], + "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" + }, + { + "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41895: If 'MirrorPadGrad' is given outsize input 'paddings', TensorFlow 
will give a heap OOB error.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-gq2j-cr96-gvqx", + "cve": "CVE-2022-41895", + "id": "pyup.io-56519", + "more_info_path": "/vulnerabilities/CVE-2022-41895/56519", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", @@ -173814,10 +174314,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have patched the issue in GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.8.4, 2.9.3, and 2.10.1.", - "cve": "CVE-2022-41902", - "id": "pyup.io-56532", - "more_info_path": "/vulnerabilities/CVE-2022-41902/56532", + "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41889: If a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a 'nullptr', which is not caught. An example can be seen in 'tf.compat.v1.extract_volume_patches' by passing in quantized tensors as input 'ksizes'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-xxcj-rhqg-m46g", + "cve": "CVE-2022-41889", + "id": "pyup.io-56522", + "more_info_path": "/vulnerabilities/CVE-2022-41889/56522", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -173826,10 +174326,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41896: If 'ThreadUnsafeUnigramCandidateSampler' is given input 'filterbank_channel_count' greater than the allowed max size, TensorFlow will crash.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rmg2-f698-wq35", - "cve": "CVE-2022-41896", - "id": "pyup.io-56533", - "more_info_path": "/vulnerabilities/CVE-2022-41896/56533", + "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41890: If 'BCast::ToShape' is given input larger than an 'int32', it will crash, despite being supposed to handle up to an 'int64'. An example can be seen in 'tf.experimental.numpy.outer' by passing in large input to the input 'b'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-h246-cgh4-7475", + "cve": "CVE-2022-41890", + "id": "pyup.io-56529", + "more_info_path": "/vulnerabilities/CVE-2022-41890/56529", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -173838,10 +174338,22 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41885: When 'tf.raw_ops.FusedResizeAndPadConv2D' is given a large tensor shape, it overflows.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-762h-vpvw-3rcx", - "cve": "CVE-2022-41885", - "id": "pyup.io-56523", - "more_info_path": "/vulnerabilities/CVE-2022-41885/56523", + "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41908: TensorFlow is an open source platform for machine learning. An input 'token' that is not a UTF-8 bytestring will trigger a 'CHECK' fail in 'tf.raw_ops.PyFunc'.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv77-9g28-cwg3", + "cve": "CVE-2022-41908", + "id": "pyup.io-56527", + "more_info_path": "/vulnerabilities/CVE-2022-41908/56527", + "specs": [ + "<2.8.4", + ">=2.9.0rc0,<2.9.3", + ">=2.10.0rc0,<2.10.1" + ], + "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" + }, + { + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41896: If 'ThreadUnsafeUnigramCandidateSampler' is given input 'filterbank_channel_count' greater than the allowed max size, TensorFlow will crash.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-rmg2-f698-wq35", + "cve": "CVE-2022-41896", + "id": "pyup.io-56533", + "more_info_path": "/vulnerabilities/CVE-2022-41896/56533", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -173862,10 +174374,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41911: When printing a tensor, we get it's data as a 'const char*' array (since that's the underlying storage) and then we typecast it to the element type. However, conversions from 'char' to 'bool' are undefined if the 'char' is not '0' or '1', so sanitizers/fuzzers will crash.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j", - "cve": "CVE-2022-41911", - "id": "pyup.io-56521", - "more_info_path": "/vulnerabilities/CVE-2022-41911/56521", + "advisory": "Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41901: An input 'sparse_matrix' that is not a matrix with a shape with rank 0 will trigger a 'CHECK' fail in 'tf.raw_ops.SparseMatrixNNZ'.\r\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9fm-r5mm-rf9f", + "cve": "CVE-2022-41901", + "id": "pyup.io-56518", + "more_info_path": "/vulnerabilities/CVE-2022-41901/56518", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -173874,10 +174386,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41888: When running on GPU, 'tf.image.generate_bounding_box_proposals' receives a 'scores' input that must be of rank 4 but is not checked.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-6x99-gv2v-q76v", - "cve": "CVE-2022-41888", - "id": "pyup.io-56538", - "more_info_path": "/vulnerabilities/CVE-2022-41888/56538", + "advisory": "TensorFlow is an open source platform for machine learning. The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered. We have patched the issue in GitHub commit a65411a1d69edfb16b25907ffb8f73556ce36bb7. The fix will be included in TensorFlow 2.11.0. We will also cherrypick this commit on TensorFlow 2.8.4, 2.9.3, and 2.10.1.", + "cve": "CVE-2022-41902", + "id": "pyup.io-56532", + "more_info_path": "/vulnerabilities/CVE-2022-41902/56532", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", 
@@ -173886,10 +174398,10 @@ "v": "<2.8.4,>=2.9.0rc0,<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41897: If 'FractionMaxPoolGrad' is given outsize inputs 'row_pooling_sequence' and 'col_pooling_sequence', TensorFlow will crash.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2w8-jw48-fr7j", - "cve": "CVE-2022-41897", - "id": "pyup.io-56535", - "more_info_path": "/vulnerabilities/CVE-2022-41897/56535", + "advisory": "Tensorflow-intel 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41885: When 'tf.raw_ops.FusedResizeAndPadConv2D' is given a large tensor shape, it overflows.\nhttps://github.com/tensorflow/tensorflow/security/advisories/GHSA-762h-vpvw-3rcx", + "cve": "CVE-2022-41885", + "id": "pyup.io-56523", + "more_info_path": "/vulnerabilities/CVE-2022-41885/56523", "specs": [ "<2.8.4", ">=2.9.0rc0,<2.9.3", @@ -174201,20 +174713,20 @@ "v": "<2.12.1,>=2.13.0rc0,<2.13.0" }, { - "advisory": "Tensorflow-macos updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.", - "cve": "CVE-2023-38545", - "id": "pyup.io-72940", - "more_info_path": "/vulnerabilities/CVE-2023-38545/72940", + "advisory": "Tensorflow-macos updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38546.", + "cve": "CVE-2023-38546", + "id": "pyup.io-72939", + "more_info_path": "/vulnerabilities/CVE-2023-38546/72939", "specs": [ "<2.14.1" ], "v": "<2.14.1" }, { - "advisory": "Tensorflow-macos updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38546.", - "cve": "CVE-2023-38546", - "id": "pyup.io-72939", - "more_info_path": "/vulnerabilities/CVE-2023-38546/72939", + "advisory": "Tensorflow-macos 2.14.1 updates its curl dependency from version 8.2.1 to 8.4.0 to address CVE-2023-38545.", + "cve": "CVE-2023-38545", + "id": "pyup.io-72940", + "more_info_path": "/vulnerabilities/CVE-2023-38545/72940", "specs": [ "<2.14.1" ], 
@@ -180814,20 +181326,20 @@ "v": "<2.9.3,>=2.10.0rc0,<2.10.1" }, { - "advisory": "Tensorflow-rocm includes a vulnerable dependency, `curl` version 8.2.1, which is affected by CVE-2023-38545.", - "cve": "CVE-2023-38545", - "id": "pyup.io-72951", - "more_info_path": "/vulnerabilities/CVE-2023-38545/72951", + "advisory": "Tensorflow-rocm includes a vulnerable dependency, `curl` version 8.2.1, which is affected by CVE-2023-38546.", + "cve": "CVE-2023-38546", + "id": "pyup.io-72949", + "more_info_path": "/vulnerabilities/CVE-2023-38546/72949", "specs": [ ">=0" ], "v": ">=0" }, { - "advisory": "Tensorflow-rocm includes a vulnerable dependency, `curl` version 8.2.1, which is affected by CVE-2023-38546.", - "cve": "CVE-2023-38546", - "id": "pyup.io-72949", - "more_info_path": "/vulnerabilities/CVE-2023-38546/72949", + "advisory": "Tensorflow-rocm includes a vulnerable dependency, `curl` version 8.2.1, which is affected by CVE-2023-38545.", + "cve": "CVE-2023-38545", + "id": "pyup.io-72951", + "more_info_path": "/vulnerabilities/CVE-2023-38545/72951", "specs": [ ">=0" ], 
@@ -181738,10 +182250,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2,>=2.2.0rc0,<2.2.3" }, { - "advisory": "Tensorflow-rocm 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29544: An attacker can trigger a denial of service via a 'CHECK'-fail in 'tf.raw_ops.QuantizeAndDequantizeV4Grad'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163) does not validate the rank of the 'input_*' tensors. In turn, this results in the tensors being passes as they are to 'QuantizeAndDequantizePerChannelGradientImpl' (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306). However, the 'vec' method, requires the rank to 1 and triggers a 'CHECK' failure otherwise.", - "cve": "CVE-2021-29544", - "id": "pyup.io-57904", - "more_info_path": "/vulnerabilities/CVE-2021-29544/57904", + "advisory": "Tensorflow-rocm 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29543: An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.CTCGreedyDecoder`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1615440b17b364b875eb06f43d087381f1460a65/tensorflow/core/kernels/ctc_decoder_ops.cc#L37-L50) has a `CHECK_LT` inserted to validate some invariants. When this condition is false, the program aborts, instead of returning a valid error to the user. This abnormal termination can be weaponized in denial of service attacks.", + "cve": "CVE-2021-29543", + "id": "pyup.io-57903", + "more_info_path": "/vulnerabilities/CVE-2021-29543/57903", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -181752,10 +182264,10 @@ "v": ">=2.5.0rc0,<2.5.0,>=2.1.0rc0,<2.1.4,>=2.4.0rc0,<2.4.2,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3" }, { - "advisory": "Tensorflow-rocm 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29543: An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.CTCGreedyDecoder`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1615440b17b364b875eb06f43d087381f1460a65/tensorflow/core/kernels/ctc_decoder_ops.cc#L37-L50) has a `CHECK_LT` inserted to validate some invariants. When this condition is false, the program aborts, instead of returning a valid error to the user. This abnormal termination can be weaponized in denial of service attacks.", - "cve": "CVE-2021-29543", - "id": "pyup.io-57903", - "more_info_path": "/vulnerabilities/CVE-2021-29543/57903", + "advisory": "Tensorflow-rocm 2.1.4, 2.2.3, 2.3.3, 2.4.2, and 2.5.0 include a fix for CVE-2021-29544: An attacker can trigger a denial of service via a 'CHECK'-fail in 'tf.raw_ops.QuantizeAndDequantizeV4Grad'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163) does not validate the rank of the 'input_*' tensors. In turn, this results in the tensors being passes as they are to 'QuantizeAndDequantizePerChannelGradientImpl' (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306). However, the 'vec' method, requires the rank to 1 and triggers a 'CHECK' failure otherwise.", + "cve": "CVE-2021-29544", + "id": "pyup.io-57904", + "more_info_path": "/vulnerabilities/CVE-2021-29544/57904", "specs": [ ">=2.5.0rc0,<2.5.0", ">=2.1.0rc0,<2.1.4", 
@@ -184302,10 +184814,10 @@ "v": "<2.1.4,>=2.3.0rc0,<2.3.3,>=2.4.0rc0,<2.4.2,>=2.2.0rc0,<2.2.3" }, { - "advisory": "Tensorflow-rocm-enhanced 2.1.4, 2.2.3, 2.3.3 and 2.4.2 include a fix for CVE-2021-29544: An attacker can trigger a denial of service via a 'CHECK'-fail in 'tf.raw_ops.QuantizeAndDequantizeV4Grad'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163) does not validate the rank of the 'input_*' tensors. In turn, this results in the tensors being passes as they are to 'QuantizeAndDequantizePerChannelGradientImpl' (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306). However, the 'vec' method, requires the rank to 1 and triggers a 'CHECK' failure otherwise.", - "cve": "CVE-2021-29544", - "id": "pyup.io-58143", - "more_info_path": "/vulnerabilities/CVE-2021-29544/58143", + "advisory": "Tensorflow-rocm-enhanced 2.1.4, 2.2.3, 2.3.3 and 2.4.2 include a fix for CVE-2021-29543: An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.CTCGreedyDecoder`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1615440b17b364b875eb06f43d087381f1460a65/tensorflow/core/kernels/ctc_decoder_ops.cc#L37-L50) has a `CHECK_LT` inserted to validate some invariants. When this condition is false, the program aborts, instead of returning a valid error to the user. This abnormal termination can be weaponized in denial of service attacks.", + "cve": "CVE-2021-29543", + "id": "pyup.io-58142", + "more_info_path": "/vulnerabilities/CVE-2021-29543/58142", "specs": [ "<2.1.4", ">=2.4.0rc0,<2.4.2", 
@@ -184315,10 +184827,10 @@ "v": "<2.1.4,>=2.4.0rc0,<2.4.2,>=2.2.0rc0,<2.2.3,>=2.3.0rc0,<2.3.3" }, { - "advisory": "Tensorflow-rocm-enhanced 2.1.4, 2.2.3, 2.3.3 and 2.4.2 include a fix for CVE-2021-29543: An attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.CTCGreedyDecoder`. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/1615440b17b364b875eb06f43d087381f1460a65/tensorflow/core/kernels/ctc_decoder_ops.cc#L37-L50) has a `CHECK_LT` inserted to validate some invariants. When this condition is false, the program aborts, instead of returning a valid error to the user. This abnormal termination can be weaponized in denial of service attacks.", - "cve": "CVE-2021-29543", - "id": "pyup.io-58142", - "more_info_path": "/vulnerabilities/CVE-2021-29543/58142", + "advisory": "Tensorflow-rocm-enhanced 2.1.4, 2.2.3, 2.3.3 and 2.4.2 include a fix for CVE-2021-29544: An attacker can trigger a denial of service via a 'CHECK'-fail in 'tf.raw_ops.QuantizeAndDequantizeV4Grad'. This is because the implementation (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163) does not validate the rank of the 'input_*' tensors. In turn, this results in the tensors being passes as they are to 'QuantizeAndDequantizePerChannelGradientImpl' (https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306). However, the 'vec' method, requires the rank to 1 and triggers a 'CHECK' failure otherwise.", + "cve": "CVE-2021-29544", + "id": "pyup.io-58143", + "more_info_path": "/vulnerabilities/CVE-2021-29544/58143", "specs": [ "<2.1.4", ">=2.4.0rc0,<2.4.2", 
@@ -189478,20 +189990,20 @@ "v": "<0.3.0.dev15" }, { - "advisory": "Toga-core 0.3.0.dev15 updates its NPM dependency 'eslint' minimum requirement to versions >=4.18.2 to include a fix for a ReDoS vulnerability.", - "cve": "PVE-2017-47145", - "id": "pyup.io-47145", - "more_info_path": "/vulnerabilities/PVE-2017-47145/47145", + "advisory": "Toga-core 0.3.0.dev15 updates its NPM dependency 'bootstrap' minimum requirement to versions >=4.3.1 to include a security fix.", + "cve": "CVE-2019-8331", + "id": "pyup.io-48156", + "more_info_path": "/vulnerabilities/CVE-2019-8331/48156", "specs": [ "<0.3.0.dev15" ], "v": "<0.3.0.dev15" }, { - "advisory": "Toga-core 0.3.0.dev15 updates its NPM dependency 'bootstrap' minimum requirement to versions >=4.3.1 to include a security fix.", - "cve": "CVE-2019-8331", - "id": "pyup.io-48156", - "more_info_path": "/vulnerabilities/CVE-2019-8331/48156", + "advisory": "Toga-core 0.3.0.dev15 updates its NPM dependency 'eslint' minimum requirement to versions >=4.18.2 to include a fix for a ReDoS vulnerability.", + "cve": "PVE-2017-47145", + "id": "pyup.io-47145", + "more_info_path": "/vulnerabilities/PVE-2017-47145/47145", "specs": [ "<0.3.0.dev15" ], @@ -189569,9 +190081,9 @@ "tomtoolkit": [ { "advisory": "Tomtoolkit 1.6.1 updates its dependency 'Django' requirement to '>=3.0.7' to include security fixes.", - "cve": "CVE-2020-9402", - "id": "pyup.io-49467", - "more_info_path": "/vulnerabilities/CVE-2020-9402/49467", + "cve": "CVE-2019-14232", + "id": "pyup.io-49474", + "more_info_path": "/vulnerabilities/CVE-2019-14232/49474", "specs": [ "<1.6.1" ], @@ -189579,9 +190091,9 @@ }, { "advisory": "Tomtoolkit 1.6.1 updates its dependency 'Django' requirement to '>=3.0.7' to include security fixes.", - "cve": "CVE-2019-14234", - "id": "pyup.io-49471", - "more_info_path": "/vulnerabilities/CVE-2019-14234/49471", + "cve": "CVE-2019-19118", + "id": "pyup.io-49470", + "more_info_path": "/vulnerabilities/CVE-2019-19118/49470", "specs": [ "<1.6.1" ], 
@@ -189589,9 +190101,9 @@ }, { "advisory": "Tomtoolkit 1.6.1 updates its dependency 'Django' requirement to '>=3.0.7' to include security fixes.", - "cve": "CVE-2019-14232", - "id": "pyup.io-49474", - "more_info_path": "/vulnerabilities/CVE-2019-14232/49474", + "cve": "CVE-2020-13596", + "id": "pyup.io-38397", + "more_info_path": "/vulnerabilities/CVE-2020-13596/38397", "specs": [ "<1.6.1" ], @@ -189599,9 +190111,9 @@ }, { "advisory": "Tomtoolkit 1.6.1 updates its dependency 'Django' requirement to '>=3.0.7' to include security fixes.", - "cve": "CVE-2019-14233", - "id": "pyup.io-49473", - "more_info_path": "/vulnerabilities/CVE-2019-14233/49473", + "cve": "CVE-2019-14235", + "id": "pyup.io-49472", + "more_info_path": "/vulnerabilities/CVE-2019-14235/49472", "specs": [ "<1.6.1" ], @@ -189609,9 +190121,9 @@ }, { "advisory": "Tomtoolkit 1.6.1 updates its dependency 'Django' requirement to '>=3.0.7' to include security fixes.", - "cve": "CVE-2019-19118", - "id": "pyup.io-49470", - "more_info_path": "/vulnerabilities/CVE-2019-19118/49470", + "cve": "CVE-2019-12781", + "id": "pyup.io-49475", + "more_info_path": "/vulnerabilities/CVE-2019-12781/49475", "specs": [ "<1.6.1" ], @@ -189629,9 +190141,9 @@ }, { "advisory": "Tomtoolkit 1.6.1 updates its dependency 'Django' requirement to '>=3.0.7' to include security fixes.", - "cve": "CVE-2019-19844", - "id": "pyup.io-49469", - "more_info_path": "/vulnerabilities/CVE-2019-19844/49469", + "cve": "CVE-2019-14233", + "id": "pyup.io-49473", + "more_info_path": "/vulnerabilities/CVE-2019-14233/49473", "specs": [ "<1.6.1" ], @@ -189639,9 +190151,9 @@ }, { "advisory": "Tomtoolkit 1.6.1 updates its dependency 'Django' requirement to '>=3.0.7' to include security fixes.", - "cve": "CVE-2019-14235", - "id": "pyup.io-49472", - "more_info_path": "/vulnerabilities/CVE-2019-14235/49472", + "cve": "CVE-2019-14234", + "id": "pyup.io-49471", + "more_info_path": "/vulnerabilities/CVE-2019-14234/49471", "specs": [ "<1.6.1" ], 
@@ -189649,9 +190161,9 @@ }, { "advisory": "Tomtoolkit 1.6.1 updates its dependency 'Django' requirement to '>=3.0.7' to include security fixes.", - "cve": "CVE-2020-13254", - "id": "pyup.io-49466", - "more_info_path": "/vulnerabilities/CVE-2020-13254/49466", + "cve": "CVE-2020-9402", + "id": "pyup.io-49467", + "more_info_path": "/vulnerabilities/CVE-2020-9402/49467", "specs": [ "<1.6.1" ], @@ -189659,9 +190171,9 @@ }, { "advisory": "Tomtoolkit 1.6.1 updates its dependency 'Django' requirement to '>=3.0.7' to include security fixes.", - "cve": "CVE-2019-12308", - "id": "pyup.io-49476", - "more_info_path": "/vulnerabilities/CVE-2019-12308/49476", + "cve": "CVE-2020-13254", + "id": "pyup.io-49466", + "more_info_path": "/vulnerabilities/CVE-2020-13254/49466", "specs": [ "<1.6.1" ], @@ -189669,9 +190181,9 @@ }, { "advisory": "Tomtoolkit 1.6.1 updates its dependency 'Django' requirement to '>=3.0.7' to include security fixes.", - "cve": "CVE-2020-13596", - "id": "pyup.io-38397", - "more_info_path": "/vulnerabilities/CVE-2020-13596/38397", + "cve": "CVE-2019-19844", + "id": "pyup.io-49469", + "more_info_path": "/vulnerabilities/CVE-2019-19844/49469", "specs": [ "<1.6.1" ], @@ -189679,9 +190191,9 @@ }, { "advisory": "Tomtoolkit 1.6.1 updates its dependency 'Django' requirement to '>=3.0.7' to include security fixes.", - "cve": "CVE-2019-12781", - "id": "pyup.io-49475", - "more_info_path": "/vulnerabilities/CVE-2019-12781/49475", + "cve": "CVE-2019-12308", + "id": "pyup.io-49476", + "more_info_path": "/vulnerabilities/CVE-2019-12308/49476", "specs": [ "<1.6.1" ], 
@@ -189831,16 +190343,6 @@ ], "v": "<2.2.0" }, - { - "advisory": "A vulnerability in the PyTorch's torch.distributed.rpc framework, specifically in versions prior to 2.2.2, allows for remote code execution (RCE). The framework, which is used in distributed training scenarios, does not properly verify the functions being called during RPC (Remote Procedure Call) operations. This oversight permits attackers to execute arbitrary commands by leveraging built-in Python functions such as eval during multi-cpu RPC communication. The vulnerability arises from the lack of restriction on function calls when a worker node serializes and sends a PythonUDF (User Defined Function) to the master node, which then deserializes and executes the function without validation. This flaw can be exploited to compromise master nodes initiating distributed training, potentially leading to the theft of sensitive AI-related data.", - "cve": "CVE-2024-5480", - "id": "pyup.io-71670", - "more_info_path": "/vulnerabilities/CVE-2024-5480/71670", - "specs": [ - ">=0" - ], - "v": ">=0" - }, { "advisory": "In PyTorch before trunk/89695, torch.jit.annotations.parse_type_line can cause arbitrary code execution because eval is used unsafely.", "cve": "CVE-2022-45907", 
@@ -190375,20 +190877,20 @@ "v": "<2.0" }, { - "advisory": "Transformers version 2.0 updates its aiohttp dependency from 3.8.5 to 3.9.0 to address the security vulnerability identified as CVE-2023-49082.", - "cve": "CVE-2023-49082", - "id": "pyup.io-71287", - "more_info_path": "/vulnerabilities/CVE-2023-49082/71287", + "advisory": "Transformers version 2.0 updates its tensorflow dependency from 2.8.1 to 2.11.1 to address the security vulnerability identified as CVE-2023-25668.", + "cve": "CVE-2023-25668", + "id": "pyup.io-71289", + "more_info_path": "/vulnerabilities/CVE-2023-25668/71289", "specs": [ "<2.0" ], "v": "<2.0" }, { - "advisory": "Transformers version 2.0 updates its tensorflow dependency from 2.8.1 to 2.11.1 to address the security vulnerability identified as CVE-2023-25668.", - "cve": "CVE-2023-25668", - "id": "pyup.io-71289", - "more_info_path": "/vulnerabilities/CVE-2023-25668/71289", + "advisory": "Transformers version 2.0 updates its aiohttp dependency from 3.8.5 to 3.9.0 to address the security vulnerability identified as CVE-2023-49082.", + "cve": "CVE-2023-49082", + "id": "pyup.io-71287", + "more_info_path": "/vulnerabilities/CVE-2023-49082/71287", "specs": [ "<2.0" ], @@ -190486,9 +190988,9 @@ }, { "advisory": "Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.", - "cve": "CVE-2023-6730", - "id": "pyup.io-65215", - "more_info_path": "/vulnerabilities/CVE-2023-6730/65215", + "cve": "CVE-2023-7018", + "id": "pyup.io-65398", + "more_info_path": "/vulnerabilities/CVE-2023-7018/65398", "specs": [ ">=0,<4.36.0" ], @@ -190496,9 +190998,9 @@ }, { "advisory": "Deserialization of Untrusted Data in GitHub repository huggingface/transformers prior to 4.36.", - "cve": "CVE-2023-7018", - "id": "pyup.io-65398", - "more_info_path": "/vulnerabilities/CVE-2023-7018/65398", + "cve": "CVE-2023-6730", + "id": "pyup.io-65215", + "more_info_path": "/vulnerabilities/CVE-2023-6730/65215", "specs": [ ">=0,<4.36.0" ], 
@@ -190664,9 +191166,9 @@ }, { "advisory": "Tribler version 7.11.0rc1 has updated its Pygments dependency from version 2.5.2 to 2.7.4 to address the Denial of Service (DoS) vulnerability identified by CVE-2021-20270.\r\nhttps://github.com/Tribler/tribler/pull/6204/commits/c17ce53a03493a1e469f2860fc8a09154f5cc89d", - "cve": null, + "cve": "PVE-2024-66854", "id": "pyup.io-66854", - "more_info_path": "/vulnerabilities/None/66854", + "more_info_path": "/vulnerabilities/PVE-2024-66854/66854", "specs": [ "<7.11.0rc1" ], @@ -190944,10 +191446,10 @@ "v": "<2.4.0" }, { - "advisory": "Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allow remote authenticated users to discover user password hashes via unspecified vectors.", - "cve": "CVE-2016-1241", - "id": "pyup.io-54110", - "more_info_path": "/vulnerabilities/CVE-2016-1241/54110", + "advisory": "file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.", + "cve": "CVE-2016-1242", + "id": "pyup.io-54111", + "more_info_path": "/vulnerabilities/CVE-2016-1242/54111", "specs": [ ">=0,<3.2.17", ">=3.4,<3.4.14", 
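Review bot: The Tribler record in the @@ -190664 hunk now has `"cve": "PVE-2024-66854"`, while its advisory text says the Pygments bump addresses CVE-2021-20270; the other dependency-bump records in this diff (tomtoolkit/Django, tutor/Django, tensorflow-macos/curl, transformers/aiohttp) carry the upstream CVE id in `cve`, so a consumer matching by CVE id will not associate this entry with CVE-2021-20270. Replacing the stringified null in `more_info_path` is the right fix, but the id choice looks inconsistent: if the convention is the upstream id, the record should read `"cve": "CVE-2021-20270"` with `"more_info_path": "/vulnerabilities/CVE-2021-20270/66854"`. If PVE ids are instead reserved for transitive findings, the toga-core `PVE-2017-47145` record in @@ -189478 follows that rule while the records named above do not, and the rule should be written down so the two styles stop drifting.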
@@ -190958,10 +191460,10 @@ "v": ">=0,<3.2.17,>=3.4,<3.4.14,>=3.6,<3.6.12,>=3.8,<3.8.8,>=4.0,<4.0.4" }, { - "advisory": "file_open in Tryton before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allows remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other vectors.", - "cve": "CVE-2016-1242", - "id": "pyup.io-54111", - "more_info_path": "/vulnerabilities/CVE-2016-1242/54111", + "advisory": "Tryton 3.x before 3.2.17, 3.4.x before 3.4.14, 3.6.x before 3.6.12, 3.8.x before 3.8.8, and 4.x before 4.0.4 allow remote authenticated users to discover user password hashes via unspecified vectors.", + "cve": "CVE-2016-1241", + "id": "pyup.io-54110", + "more_info_path": "/vulnerabilities/CVE-2016-1241/54110", "specs": [ ">=0,<3.2.17", ">=3.4,<3.4.14", 
@@ -191033,10 +191535,10 @@ "v": ">=4.2.0,<4.2.21,>=4.4.0,<4.4.19,>=4.6.0,<4.6.14,>=4.8.0,<4.8.10,>=5.0.0,<5.0.6" }, { - "advisory": "An XXE issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An authenticated user can make the server parse a crafted XML SEPA file to access arbitrary files on the system.", - "cve": "CVE-2022-26661", - "id": "pyup.io-54404", - "more_info_path": "/vulnerabilities/CVE-2022-26661/54404", + "advisory": "An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An unauthenticated user can send a crafted XML-RPC message to consume all the resources of the server.", + "cve": "CVE-2022-26662", + "id": "pyup.io-54402", + "more_info_path": "/vulnerabilities/CVE-2022-26662/54402", "specs": [ ">=5.0.0,<5.0.46", ">=6.0.0,<6.0.16", 
@@ -191045,10 +191547,10 @@ "v": ">=5.0.0,<5.0.46,>=6.0.0,<6.0.16,>=6.1.0,<6.2.6" }, { - "advisory": "An XML Entity Expansion (XEE) issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An unauthenticated user can send a crafted XML-RPC message to consume all the resources of the server.", - "cve": "CVE-2022-26662", - "id": "pyup.io-54402", - "more_info_path": "/vulnerabilities/CVE-2022-26662/54402", + "advisory": "An XXE issue was discovered in Tryton Application Platform (Server) 5.x through 5.0.45, 6.x through 6.0.15, and 6.1.x and 6.2.x through 6.2.5, and Tryton Application Platform (Command Line Client (proteus)) 5.x through 5.0.11, 6.x through 6.0.4, and 6.1.x and 6.2.x through 6.2.1. An authenticated user can make the server parse a crafted XML SEPA file to access arbitrary files on the system.", + "cve": "CVE-2022-26661", + "id": "pyup.io-54404", + "more_info_path": "/vulnerabilities/CVE-2022-26661/54404", "specs": [ ">=5.0.0,<5.0.46", ">=6.0.0,<6.0.16", @@ -191468,9 +191970,9 @@ }, { "advisory": "Tutor 11.2.10 applies security patches for the 'Django' dependency by upgrading from 2.2.20 to 2.2.23.", - "cve": "CVE-2021-32052", - "id": "pyup.io-40906", - "more_info_path": "/vulnerabilities/CVE-2021-32052/40906", + "cve": "CVE-2021-28658", + "id": "pyup.io-49772", + "more_info_path": "/vulnerabilities/CVE-2021-28658/49772", "specs": [ "<11.2.10" ], @@ -191478,9 +191980,9 @@ }, { "advisory": "Tutor 11.2.10 applies security patches for the 'Django' dependency by upgrading from 2.2.20 to 2.2.23.", - "cve": "CVE-2021-28658", - "id": "pyup.io-49772", - "more_info_path": "/vulnerabilities/CVE-2021-28658/49772", + "cve": "CVE-2021-32052", + "id": "pyup.io-40906", + "more_info_path": "/vulnerabilities/CVE-2021-32052/40906", "specs": [ "<11.2.10" ], 
@@ -191676,16 +192178,6 @@ ], "v": "<3.6.3" }, - { - "advisory": "Tutor 3.9.0 includes security patches for the 'Django' underlying dependency (1.11.21 -> 1.11.27).", - "cve": "CVE-2019-14233", - "id": "pyup.io-49775", - "more_info_path": "/vulnerabilities/CVE-2019-14233/49775", - "specs": [ - "<3.9.0" - ], - "v": "<3.9.0" - }, { "advisory": "Tutor 3.9.0 includes security patches for the 'Django' underlying dependency (1.11.21 -> 1.11.27).", "cve": "CVE-2019-19118", @@ -191718,9 +192210,9 @@ }, { "advisory": "Tutor 3.9.0 includes security patches for the 'Django' underlying dependency (1.11.21 -> 1.11.27).", - "cve": "CVE-2019-14235", - "id": "pyup.io-49777", - "more_info_path": "/vulnerabilities/CVE-2019-14235/49777", + "cve": "CVE-2019-14234", + "id": "pyup.io-49776", + "more_info_path": "/vulnerabilities/CVE-2019-14234/49776", "specs": [ "<3.9.0" ], @@ -191738,9 +192230,19 @@ }, { "advisory": "Tutor 3.9.0 includes security patches for the 'Django' underlying dependency (1.11.21 -> 1.11.27).", - "cve": "CVE-2019-14234", - "id": "pyup.io-49776", - "more_info_path": "/vulnerabilities/CVE-2019-14234/49776", + "cve": "CVE-2019-14235", + "id": "pyup.io-49777", + "more_info_path": "/vulnerabilities/CVE-2019-14235/49777", + "specs": [ + "<3.9.0" + ], + "v": "<3.9.0" + }, + { + "advisory": "Tutor 3.9.0 includes security patches for the 'Django' underlying dependency (1.11.21 -> 1.11.27).", + "cve": "CVE-2019-14233", + "id": "pyup.io-49775", + "more_info_path": "/vulnerabilities/CVE-2019-14233/49775", "specs": [ "<3.9.0" ], @@ -191898,9 +192400,9 @@ }, { "advisory": "Twisted 19.10.0 includes security fixes to HTTP/2 DoS Attacks: Ping, Reset, and Settings Floods.\r\nhttps://github.com/advisories/GHSA-32gv-6cf3-wcmq", - "cve": "CVE-2019-9515", - "id": "pyup.io-55100", - "more_info_path": "/vulnerabilities/CVE-2019-9515/55100", + "cve": "CVE-2019-9514", + "id": "pyup.io-55099", + "more_info_path": "/vulnerabilities/CVE-2019-9514/55099", "specs": [ "<19.10.0" ], 
@@ -191908,9 +192410,9 @@ }, { "advisory": "Twisted 19.10.0 includes security fixes to HTTP/2 DoS Attacks: Ping, Reset, and Settings Floods.\r\nhttps://github.com/advisories/GHSA-32gv-6cf3-wcmq", - "cve": "CVE-2019-9514", - "id": "pyup.io-55099", - "more_info_path": "/vulnerabilities/CVE-2019-9514/55099", + "cve": "CVE-2019-9515", + "id": "pyup.io-55100", + "more_info_path": "/vulnerabilities/CVE-2019-9515/55100", "specs": [ "<19.10.0" ], @@ -191966,6 +192468,26 @@ ], "v": "<22.4.0rc1" }, + { + "advisory": "Affected versions of Twisted are vulnerable to HTTP Request Smuggling. The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined HTTP requests out-of-order, possibly resulting in information disclosure.", + "cve": "CVE-2024-41671", + "id": "pyup.io-73800", + "more_info_path": "/vulnerabilities/CVE-2024-41671/73800", + "specs": [ + "<24.7.0rc1" + ], + "v": "<24.7.0rc1" + }, + { + "advisory": "Affected versions of Twisted are vulnerable to XSS. The `twisted.web.util.redirectTo` function contains an HTML injection vulnerability. If application code allows an attacker to control the redirect URL this vulnerability may result in Reflected Cross-Site Scripting (XSS) in the redirect response HTML body.", + "cve": "CVE-2024-41810", + "id": "pyup.io-73795", + "more_info_path": "/vulnerabilities/CVE-2024-41810/73795", + "specs": [ + "<24.7.0rc1" + ], + "v": "<24.7.0rc1" + }, { "advisory": "Twisted 20.3.0 includes a fix for CVE-2020-10109: In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request.", "cve": "CVE-2020-10109", 
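Review bot: The two new Twisted records in the @@ -191966 hunk (CVE-2024-41671 and CVE-2024-41810) give no upstream reference in their advisory text, whereas the neighbouring Twisted records end with a link (e.g. `\r\nhttps://github.com/advisories/GHSA-32gv-6cf3-wcmq` on the 19.10.0 entries in @@ -191898 and @@ -191908), so a reader of this file has only the pyup `more_info_path` to follow. Appending the reference in the same form, `"advisory": "…in the redirect response HTML body.\r\nhttps://<upstream advisory URL>"`, keeps the package's entries uniform. The new `specs` value `<24.7.0rc1` treats the release candidate as the first fixed version, which matches the existing `<22.4.0rc1` record just above it; it is worth confirming against the upstream fix version, since with a pre-release boundary a pin on `24.7.0rc1` is reported clean.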
@@ -192460,9 +192982,9 @@ "unbabel-comet": [ { "advisory": "Unbabel-comet 1.1.0 updates its dependency 'pytorch-lightning' to v1.6.0 to include security fixes.", - "cve": "CVE-2022-0845", - "id": "pyup.io-49297", - "more_info_path": "/vulnerabilities/CVE-2022-0845/49297", + "cve": "CVE-2021-4118", + "id": "pyup.io-49247", + "more_info_path": "/vulnerabilities/CVE-2021-4118/49247", "specs": [ "<1.1.0" ], @@ -192470,9 +192992,9 @@ }, { "advisory": "Unbabel-comet 1.1.0 updates its dependency 'pytorch-lightning' to v1.6.0 to include security fixes.", - "cve": "CVE-2021-4118", - "id": "pyup.io-49247", - "more_info_path": "/vulnerabilities/CVE-2021-4118/49247", + "cve": "CVE-2022-0845", + "id": "pyup.io-49297", + "more_info_path": "/vulnerabilities/CVE-2022-0845/49297", "specs": [ "<1.1.0" ], 
@@ -193153,20 +193675,20 @@ ], "uvicorn": [ { - "advisory": "The request logger provided by Uvicorn prior to version 0.11.7 is vulnerable to ASNI escape sequence injection. Whenever any HTTP request is received, the default behaviour of uvicorn is to log its details to either the console or a log file. When attackers request crafted URLs with percent-encoded escape sequences, the logging component will log the URL after it's been processed with urllib.parse.unquote, therefore converting any percent-encoded characters into their single-character equivalent, which can have special meaning in terminal emulators. By requesting URLs with crafted paths, attackers can: * Pollute uvicorn's access logs, therefore jeopardising the integrity of such files. * Use ANSI sequence codes to attempt to interact with the terminal emulator that's displaying the logs (either in real time or from a file). See: CVE-2020-7694.", - "cve": "CVE-2020-7694", - "id": "pyup.io-38664", - "more_info_path": "/vulnerabilities/CVE-2020-7694/38664", + "advisory": "Uvicorn before 0.11.7 is vulnerable to HTTP response splitting. CRLF sequences are not escaped in the value of HTTP headers. Attackers can exploit this to add arbitrary headers to HTTP responses, or even return an arbitrary response body, whenever crafted input is used to construct HTTP headers.", + "cve": "CVE-2020-7695", + "id": "pyup.io-38665", + "more_info_path": "/vulnerabilities/CVE-2020-7695/38665", "specs": [ "<0.11.7" ], "v": "<0.11.7" }, { - "advisory": "Uvicorn before 0.11.7 is vulnerable to HTTP response splitting. CRLF sequences are not escaped in the value of HTTP headers. 
Attackers can exploit this to add arbitrary headers to HTTP responses, or even return an arbitrary response body, whenever crafted input is used to construct HTTP headers.", - "cve": "CVE-2020-7695", - "id": "pyup.io-38665", - "more_info_path": "/vulnerabilities/CVE-2020-7695/38665", + "advisory": "The request logger provided by Uvicorn prior to version 0.11.7 is vulnerable to ASNI escape sequence injection. Whenever any HTTP request is received, the default behaviour of uvicorn is to log its details to either the console or a log file. When attackers request crafted URLs with percent-encoded escape sequences, the logging component will log the URL after it's been processed with urllib.parse.unquote, therefore converting any percent-encoded characters into their single-character equivalent, which can have special meaning in terminal emulators. By requesting URLs with crafted paths, attackers can: * Pollute uvicorn's access logs, therefore jeopardising the integrity of such files. * Use ANSI sequence codes to attempt to interact with the terminal emulator that's displaying the logs (either in real time or from a file). See: CVE-2020-7694.", + "cve": "CVE-2020-7694", + "id": "pyup.io-38664", + "more_info_path": "/vulnerabilities/CVE-2020-7694/38664", "specs": [ "<0.11.7" ], 
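Review bot: The CVE-2020-7694 record moved to the new side of the @@ -193153 hunk still reads "vulnerable to ASNI escape sequence injection"; the same sentence later says "ANSI sequence codes", so this is a carried-over typo rather than a term. Since the commit rewrites the line anyway, it should read `"advisory": "The request logger provided by Uvicorn prior to version 0.11.7 is vulnerable to ANSI escape sequence injection. …"`. The vanna record moved in the @@ -193293 hunk has the same kind of defect: "vanna-ai/vanna version affected versions are vulnerable" should be "Affected versions of vanna-ai/vanna are vulnerable". This hunk begins on the preceding physical line.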
@@ -193293,20 +193815,20 @@ "v": "<=0.6.2" }, { - "advisory": "vanna-ai/vanna version affected versions are vulnerable to SQL injection in some file-critical functions such as `pg_read_file()`. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, including sensitive files like `/etc/passwd`, by exploiting the exposed SQL queries via a Python Flask API.", - "cve": "CVE-2024-5753", - "id": "pyup.io-72081", - "more_info_path": "/vulnerabilities/CVE-2024-5753/72081", + "advisory": "In affected versions, the `vanna.ask` function is vulnerable to remote code execution due to prompt injection. The root cause is the lack of a sandbox when executing LLM-generated code, allowing an attacker to manipulate the code executed by the `exec` function in `src/vanna/base/base.py`. This vulnerability can be exploited by an attacker to achieve remote code execution on the app backend server, potentially gaining full control of the server.", + "cve": "CVE-2024-5826", + "id": "pyup.io-72090", + "more_info_path": "/vulnerabilities/CVE-2024-5826/72090", "specs": [ ">=0" ], "v": ">=0" }, { - "advisory": "In affected versions, the `vanna.ask` function is vulnerable to remote code execution due to prompt injection. The root cause is the lack of a sandbox when executing LLM-generated code, allowing an attacker to manipulate the code executed by the `exec` function in `src/vanna/base/base.py`. This vulnerability can be exploited by an attacker to achieve remote code execution on the app backend server, potentially gaining full control of the server.", - "cve": "CVE-2024-5826", - "id": "pyup.io-72090", - "more_info_path": "/vulnerabilities/CVE-2024-5826/72090", + "advisory": "vanna-ai/vanna version affected versions are vulnerable to SQL injection in some file-critical functions such as `pg_read_file()`. 
This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, including sensitive files like `/etc/passwd`, by exploiting the exposed SQL queries via a Python Flask API.", + "cve": "CVE-2024-5753", + "id": "pyup.io-72081", + "more_info_path": "/vulnerabilities/CVE-2024-5753/72081", "specs": [ ">=0" ], 
@@ -193315,20 +193837,20 @@ ], "vantage6": [ { - "advisory": "vantage6 is privacy preserving federated learning infrastructure. The endpoint /api/collaboration/{id}/task is used to collect all tasks from a certain collaboration. To get such tasks, a user should have permission to view the collaboration and to view the tasks in it. However, prior to version 4.0.0, it is only checked if the user has permission to view the collaboration. Version 4.0.0 contains a patch. There are no known workarounds.", - "cve": "CVE-2023-41882", - "id": "pyup.io-65239", - "more_info_path": "/vulnerabilities/CVE-2023-41882/65239", + "advisory": "vantage6 is privacy preserving federated learning infrastructure. When a collaboration is deleted, the linked resources (such as tasks from that collaboration) should be deleted. This is partly to manage data properly, but also to prevent a potential (but unlikely) side-effect that affects versions prior to 4.0.0, where if a collaboration with id=10 is deleted, and subsequently a new collaboration is created with id=10, the authenticated users in that collaboration could potentially see results of the deleted collaboration in some cases. Version 4.0.0 contains a patch for this issue. There are no known workarounds.", + "cve": "CVE-2023-41881", + "id": "pyup.io-65244", + "more_info_path": "/vulnerabilities/CVE-2023-41881/65244", "specs": [ "<4.0.0" ], "v": "<4.0.0" }, { - "advisory": "vantage6 is privacy preserving federated learning infrastructure. When a collaboration is deleted, the linked resources (such as tasks from that collaboration) should be deleted. This is partly to manage data properly, but also to prevent a potential (but unlikely) side-effect that affects versions prior to 4.0.0, where if a collaboration with id=10 is deleted, and subsequently a new collaboration is created with id=10, the authenticated users in that collaboration could potentially see results of the deleted collaboration in some cases. 
Version 4.0.0 contains a patch for this issue. There are no known workarounds.", - "cve": "CVE-2023-41881", - "id": "pyup.io-65244", - "more_info_path": "/vulnerabilities/CVE-2023-41881/65244", + "advisory": "vantage6 is privacy preserving federated learning infrastructure. The endpoint /api/collaboration/{id}/task is used to collect all tasks from a certain collaboration. To get such tasks, a user should have permission to view the collaboration and to view the tasks in it. However, prior to version 4.0.0, it is only checked if the user has permission to view the collaboration. Version 4.0.0 contains a patch. There are no known workarounds.", + "cve": "CVE-2023-41882", + "id": "pyup.io-65239", + "more_info_path": "/vulnerabilities/CVE-2023-41882/65239", "specs": [ "<4.0.0" ], @@ -193374,16 +193896,6 @@ ], "v": "<4.2.0" }, - { - "advisory": "The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). It is possible to find out usernames from the response time of login requests. This could aid attackers in credential attacks. Version 4.2.0 patches this vulnerability.", - "cve": "CVE-2024-21671", - "id": "pyup.io-66725", - "more_info_path": "/vulnerabilities/CVE-2024-21671/66725", - "specs": [ - "<4.2.0" - ], - "v": "<4.2.0" - }, { "advisory": "The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). There are no checks on whether the input is encrypted if a task is created in an encrypted collaboration. Therefore, a user may accidentally create a task with sensitive input data that will then be stored unencrypted in a database. Users should ensure they set the encryption setting correctly. This vulnerability is patched in 4.2.0.", "cve": "CVE-2024-22193", 
@@ -193404,6 +193916,16 @@ ], "v": "<4.2.0" }, + { + "advisory": "The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). It is possible to find out usernames from the response time of login requests. This could aid attackers in credential attacks. Version 4.2.0 patches this vulnerability.", + "cve": "CVE-2024-21671", + "id": "pyup.io-66725", + "more_info_path": "/vulnerabilities/CVE-2024-21671/66725", + "specs": [ + "<4.2.0" + ], + "v": "<4.2.0" + }, { "advisory": "vantage6 is an open source framework built to enable, manage and deploy privacy enhancing technologies like Federated Learning and Multi-Party Computation. Much like GHSA-45gq-q4xh-cp53, it is possible to find which usernames exist in vantage6 by calling the API routes `/recover/lost` and `/2fa/lost`. These routes send emails to users if they have lost their password or MFA token.", "cve": "CVE-2024-24770", 
@@ -193445,20 +193967,20 @@ "v": ">=0,<3.8.0" }, { - "advisory": "From issue: \n\nProblem description\nCurrently, the refresh token is valid indefinitely. This is bad security practice.\n\nDesired solution\nThe refresh token should get a validity of 24-48 hours.\n\nAdditional context\n\nWhen implementing this, also check that the refresh token returns a new refresh token\nWhen implementing this, also adapt the UI so that it logs out if refresh token is no longer valid.\nWhen implementing this, ensure that nodes refresh their token periodically so that they do not have to be restarted manually.\n\n\n### Impact\n### Patches\nNone available \n\n### Workarounds\nNone available\n\n", - "cve": "CVE-2023-23929", - "id": "pyup.io-54661", - "more_info_path": "/vulnerabilities/CVE-2023-23929/54661", + "advisory": "### Impact\nAssigning existing users to a different organization is currently possible. It may lead to unintended access: if a user from organization A is accidentally assigned to organization B, they will retain their permissions and therefore might be able to access stuff they should not be allowed to access.\n\n### Patches\nUpdate to 3.8.0\n\n### Workarounds\nNone\n\n### References\nNone\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Email us at [vantage6@iknl.nl](mailto:vantage6@iknl.nl)\n", + "cve": "CVE-2023-22738", + "id": "pyup.io-54660", + "more_info_path": "/vulnerabilities/CVE-2023-22738/54660", "specs": [ ">=0,<3.8.0" ], "v": ">=0,<3.8.0" }, { - "advisory": "### Impact\nAssigning existing users to a different organization is currently possible. 
It may lead to unintended access: if a user from organization A is accidentally assigned to organization B, they will retain their permissions and therefore might be able to access stuff they should not be allowed to access.\n\n### Patches\nUpdate to 3.8.0\n\n### Workarounds\nNone\n\n### References\nNone\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Email us at [vantage6@iknl.nl](mailto:vantage6@iknl.nl)\n", - "cve": "CVE-2023-22738", - "id": "pyup.io-54660", - "more_info_path": "/vulnerabilities/CVE-2023-22738/54660", + "advisory": "From issue: \n\nProblem description\nCurrently, the refresh token is valid indefinitely. This is bad security practice.\n\nDesired solution\nThe refresh token should get a validity of 24-48 hours.\n\nAdditional context\n\nWhen implementing this, also check that the refresh token returns a new refresh token\nWhen implementing this, also adapt the UI so that it logs out if refresh token is no longer valid.\nWhen implementing this, ensure that nodes refresh their token periodically so that they do not have to be restarted manually.\n\n\n### Impact\n### Patches\nNone available \n\n### Workarounds\nNone available\n\n", + "cve": "CVE-2023-23929", + "id": "pyup.io-54661", + "more_info_path": "/vulnerabilities/CVE-2023-23929/54661", "specs": [ ">=0,<3.8.0" ], 
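Review bot: The moved CVE-2023-23929 entry's body is a pasted issue whose `### Patches\nNone available` and `### Workarounds\nNone available` sections contradict the record's own range `"v": ">=0,<3.8.0"`, which tells a consumer that 3.8.0 fixes the indefinite refresh-token lifetime. One of the two is wrong, and a reader cannot tell which from this file alone. If 3.8.0 is the fix, the text should say so, e.g. replace the patches section with `### Patches\nUpdate to 3.8.0` as the neighbouring CVE-2023-22738 entry already does; if no fix exists, the `<3.8.0` upper bound should be dropped so the entry keeps matching newer releases. This hunk only swaps the order of the two entries, so the advisory text itself is unchanged by the commit.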
@@ -193467,20 +193989,20 @@ ], "vantage6-client": [ { - "advisory": "vantage6 is privacy preserving federated learning infrastructure. Prior to version 4.0.0, malicious users may try to get access to resources they are not allowed to see, by creating resources with integers as names. One example where this is a risk, is when users define which users are allowed to run algorithms on their node. This may be defined by username or user id. Now, for example, if user id 13 is allowed to run tasks, and an attacker creates a username with username '13', they would be wrongly allowed to run an algorithm. There may also be other places in the code where such a mixup of resource ID or name leads to issues. Version 4.0.0 contains a patch for this issue. The best solution is to check when resources are created or modified, that the resource name always starts with a character.", - "cve": "CVE-2023-28635", - "id": "pyup.io-62911", - "more_info_path": "/vulnerabilities/CVE-2023-28635/62911", + "advisory": "vantage6 is privacy preserving federated learning infrastructure. When a collaboration is deleted, the linked resources (such as tasks from that collaboration) should be deleted. This is partly to manage data properly, but also to prevent a potential (but unlikely) side-effect that affects versions prior to 4.0.0, where if a collaboration with id=10 is deleted, and subsequently a new collaboration is created with id=10, the authenticated users in that collaboration could potentially see results of the deleted collaboration in some cases. Version 4.0.0 contains a patch for this issue. There are no known workarounds.", + "cve": "CVE-2023-41881", + "id": "pyup.io-65245", + "more_info_path": "/vulnerabilities/CVE-2023-41881/65245", "specs": [ "<4.0.0" ], "v": "<4.0.0" }, { - "advisory": "vantage6 is privacy preserving federated learning infrastructure. When a collaboration is deleted, the linked resources (such as tasks from that collaboration) should be deleted. 
This is partly to manage data properly, but also to prevent a potential (but unlikely) side-effect that affects versions prior to 4.0.0, where if a collaboration with id=10 is deleted, and subsequently a new collaboration is created with id=10, the authenticated users in that collaboration could potentially see results of the deleted collaboration in some cases. Version 4.0.0 contains a patch for this issue. There are no known workarounds.", - "cve": "CVE-2023-41881", - "id": "pyup.io-65245", - "more_info_path": "/vulnerabilities/CVE-2023-41881/65245", + "advisory": "vantage6 is privacy preserving federated learning infrastructure. Prior to version 4.0.0, malicious users may try to get access to resources they are not allowed to see, by creating resources with integers as names. One example where this is a risk, is when users define which users are allowed to run algorithms on their node. This may be defined by username or user id. Now, for example, if user id 13 is allowed to run tasks, and an attacker creates a username with username '13', they would be wrongly allowed to run an algorithm. There may also be other places in the code where such a mixup of resource ID or name leads to issues. Version 4.0.0 contains a patch for this issue. The best solution is to check when resources are created or modified, that the resource name always starts with a character.", + "cve": "CVE-2023-28635", + "id": "pyup.io-62911", + "more_info_path": "/vulnerabilities/CVE-2023-28635/62911", "specs": [ "<4.0.0" ], 
@@ -193509,20 +194031,20 @@ ], "vantage6-common": [ { - "advisory": "vantage6 is privacy preserving federated learning infrastructure. The endpoint /api/collaboration/{id}/task is used to collect all tasks from a certain collaboration. To get such tasks, a user should have permission to view the collaboration and to view the tasks in it. However, prior to version 4.0.0, it is only checked if the user has permission to view the collaboration. Version 4.0.0 contains a patch. There are no known workarounds.", - "cve": "CVE-2023-41882", - "id": "pyup.io-65241", - "more_info_path": "/vulnerabilities/CVE-2023-41882/65241", + "advisory": "vantage6 is privacy preserving federated learning infrastructure. When a collaboration is deleted, the linked resources (such as tasks from that collaboration) should be deleted. This is partly to manage data properly, but also to prevent a potential (but unlikely) side-effect that affects versions prior to 4.0.0, where if a collaboration with id=10 is deleted, and subsequently a new collaboration is created with id=10, the authenticated users in that collaboration could potentially see results of the deleted collaboration in some cases. Version 4.0.0 contains a patch for this issue. There are no known workarounds.", + "cve": "CVE-2023-41881", + "id": "pyup.io-65246", + "more_info_path": "/vulnerabilities/CVE-2023-41881/65246", "specs": [ "<4.0.0" ], "v": "<4.0.0" }, { - "advisory": "vantage6 is privacy preserving federated learning infrastructure. When a collaboration is deleted, the linked resources (such as tasks from that collaboration) should be deleted. This is partly to manage data properly, but also to prevent a potential (but unlikely) side-effect that affects versions prior to 4.0.0, where if a collaboration with id=10 is deleted, and subsequently a new collaboration is created with id=10, the authenticated users in that collaboration could potentially see results of the deleted collaboration in some cases. 
Version 4.0.0 contains a patch for this issue. There are no known workarounds.", - "cve": "CVE-2023-41881", - "id": "pyup.io-65246", - "more_info_path": "/vulnerabilities/CVE-2023-41881/65246", + "advisory": "vantage6 is privacy preserving federated learning infrastructure. The endpoint /api/collaboration/{id}/task is used to collect all tasks from a certain collaboration. To get such tasks, a user should have permission to view the collaboration and to view the tasks in it. However, prior to version 4.0.0, it is only checked if the user has permission to view the collaboration. Version 4.0.0 contains a patch. There are no known workarounds.", + "cve": "CVE-2023-41882", + "id": "pyup.io-65241", + "more_info_path": "/vulnerabilities/CVE-2023-41882/65241", "specs": [ "<4.0.0" ], 
@@ -193541,20 +194063,20 @@ "v": "<4.0.0" }, { - "advisory": "vantage6 is privacy preserving federated learning infrastructure. Prior to version 4.0.0, malicious users may try to get access to resources they are not allowed to see, by creating resources with integers as names. One example where this is a risk, is when users define which users are allowed to run algorithms on their node. This may be defined by username or user id. Now, for example, if user id 13 is allowed to run tasks, and an attacker creates a username with username '13', they would be wrongly allowed to run an algorithm. There may also be other places in the code where such a mixup of resource ID or name leads to issues. Version 4.0.0 contains a patch for this issue. The best solution is to check when resources are created or modified, that the resource name always starts with a character.", - "cve": "CVE-2023-28635", - "id": "pyup.io-62910", - "more_info_path": "/vulnerabilities/CVE-2023-28635/62910", + "advisory": "vantage6 is privacy preserving federated learning infrastructure. The endpoint /api/collaboration/{id}/task is used to collect all tasks from a certain collaboration. To get such tasks, a user should have permission to view the collaboration and to view the tasks in it. However, prior to version 4.0.0, it is only checked if the user has permission to view the collaboration. Version 4.0.0 contains a patch. There are no known workarounds.", + "cve": "CVE-2023-41882", + "id": "pyup.io-65242", + "more_info_path": "/vulnerabilities/CVE-2023-41882/65242", "specs": [ "<4.0.0" ], "v": "<4.0.0" }, { - "advisory": "vantage6 is privacy preserving federated learning infrastructure. The endpoint /api/collaboration/{id}/task is used to collect all tasks from a certain collaboration. To get such tasks, a user should have permission to view the collaboration and to view the tasks in it. However, prior to version 4.0.0, it is only checked if the user has permission to view the collaboration. 
Version 4.0.0 contains a patch. There are no known workarounds.", - "cve": "CVE-2023-41882", - "id": "pyup.io-65242", - "more_info_path": "/vulnerabilities/CVE-2023-41882/65242", + "advisory": "vantage6 is privacy preserving federated learning infrastructure. Prior to version 4.0.0, malicious users may try to get access to resources they are not allowed to see, by creating resources with integers as names. One example where this is a risk, is when users define which users are allowed to run algorithms on their node. This may be defined by username or user id. Now, for example, if user id 13 is allowed to run tasks, and an attacker creates a username with username '13', they would be wrongly allowed to run an algorithm. There may also be other places in the code where such a mixup of resource ID or name leads to issues. Version 4.0.0 contains a patch for this issue. The best solution is to check when resources are created or modified, that the resource name always starts with a character.", + "cve": "CVE-2023-28635", + "id": "pyup.io-62910", + "more_info_path": "/vulnerabilities/CVE-2023-28635/62910", "specs": [ "<4.0.0" ], 
@@ -193612,16 +194134,6 @@ ], "v": "<4.1.2" }, - { - "advisory": "The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). There are no checks on whether the input is encrypted if a task is created in an encrypted collaboration. Therefore, a user may accidentally create a task with sensitive input data that will then be stored unencrypted in a database. Users should ensure they set the encryption setting correctly. This vulnerability is patched in 4.2.0.", - "cve": "CVE-2024-22193", - "id": "pyup.io-66724", - "more_info_path": "/vulnerabilities/CVE-2024-22193/66724", - "specs": [ - "<4.2.0" - ], - "v": "<4.2.0" - }, { "advisory": "The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). Prior to 4.2.0, authenticated users could inject code into algorithm environment variables, resulting in remote code execution. This vulnerability is patched in 4.2.0.", "cve": "CVE-2024-21649", 
@@ -193642,6 +194154,16 @@ ], "v": "<4.2.0" }, + { + "advisory": "The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). There are no checks on whether the input is encrypted if a task is created in an encrypted collaboration. Therefore, a user may accidentally create a task with sensitive input data that will then be stored unencrypted in a database. Users should ensure they set the encryption setting correctly. This vulnerability is patched in 4.2.0.", + "cve": "CVE-2024-22193", + "id": "pyup.io-66724", + "more_info_path": "/vulnerabilities/CVE-2024-22193/66724", + "specs": [ + "<4.2.0" + ], + "v": "<4.2.0" + }, { "advisory": "The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH service is not exposed so there is no risk, but not all deployments are ideal. The default should therefore be less permissive. The vulnerability can be mitigated by removing the ssh part from the docker file and rebuilding the docker image. Version 4.2.0 patches the vulnerability.", "cve": "CVE-2024-21653", @@ -193904,9 +194426,9 @@ }, { "advisory": "Vhcalc 0.2.5 updates Dockerfile to \"python:3.9-slim-buster\" to include security fixes.", - "cve": "CVE-2022-0563", - "id": "pyup.io-49304", - "more_info_path": "/vulnerabilities/CVE-2022-0563/49304", + "cve": "CVE-2022-1587", + "id": "pyup.io-49302", + "more_info_path": "/vulnerabilities/CVE-2022-1587/49302", "specs": [ "<0.2.5" ], 
@@ -193914,9 +194436,9 @@ }, { "advisory": "Vhcalc 0.2.5 updates Dockerfile to \"python:3.9-slim-buster\" to include security fixes.", - "cve": "CVE-2022-1586", - "id": "pyup.io-49303", - "more_info_path": "/vulnerabilities/CVE-2022-1586/49303", + "cve": "CVE-2022-1292", + "id": "pyup.io-49301", + "more_info_path": "/vulnerabilities/CVE-2022-1292/49301", "specs": [ "<0.2.5" ], @@ -193924,9 +194446,9 @@ }, { "advisory": "Vhcalc 0.2.5 updates Dockerfile to \"python:3.9-slim-buster\" to include security fixes.", - "cve": "CVE-2022-1587", - "id": "pyup.io-49302", - "more_info_path": "/vulnerabilities/CVE-2022-1587/49302", + "cve": "CVE-2022-1586", + "id": "pyup.io-49303", + "more_info_path": "/vulnerabilities/CVE-2022-1586/49303", "specs": [ "<0.2.5" ], @@ -193934,9 +194456,9 @@ }, { "advisory": "Vhcalc 0.2.5 updates Dockerfile to \"python:3.9-slim-buster\" to include security fixes.", - "cve": "CVE-2022-1292", - "id": "pyup.io-49301", - "more_info_path": "/vulnerabilities/CVE-2022-1292/49301", + "cve": "CVE-2022-0563", + "id": "pyup.io-49304", + "more_info_path": "/vulnerabilities/CVE-2022-0563/49304", "specs": [ "<0.2.5" ], 
@@ -194395,6 +194917,18 @@ "v": "<9.0.1" } ], + "volttron-core": [ + { + "advisory": "Affected versions of the VOLTTRON package are potentially vulnerable to Improper Authorization (CWE-285). The issue lies in how configuration stores were managed, potentially allowing unauthorized users to modify or delete configuration files. This vulnerability could be exploited remotely if the configuration store is not properly protected, leading to unauthorized access and system misconfigurations. Mitigation involves upgrading to a version where automated authorization (AuthEntry) is enforced, ensuring proper access control for sensitive operations in the configuration store.", + "cve": "PVE-2024-73537", + "id": "pyup.io-73537", + "more_info_path": "/vulnerabilities/PVE-2024-73537/73537", + "specs": [ + "<10.0.5rc1" + ], + "v": "<10.0.5rc1" + } + ], "volumio-buddy": [ { "advisory": "Volumio-buddy 3.0.3 updates its dependency 'pillow' to v9.3.0 to include security fixes.", @@ -194604,16 +195138,6 @@ ], "v": "<0.3.0" }, - { - "advisory": "Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Prior to version 0.3.0, default functions don't respect nonreentrancy keys and the lock isn't emitted. No vulnerable production contracts were found. Additionally, using a lock on a `default` function is a very sparsely used pattern. As such, the impact is low. Version 0.3.0 contains a patch for the issue. See CVE-2024-32648.", - "cve": "CVE-2024-32648", - "id": "pyup.io-70711", - "more_info_path": "/vulnerabilities/CVE-2024-32648/70711", - "specs": [ - "<0.3.0" - ], - "v": "<0.3.0" - }, { "advisory": "Vyper version 0.3.0 includes a fix for CVE-2021-41122: In affected versions, external functions don't properly validate the bounds of decimal arguments. That can lead to logic errors.\r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-c7pr-343r-5c46\r\nhttps://github.com/vyperlang/vyper/pull/2447", "cve": "CVE-2021-41122", 
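Review bot: The new `volttron-core` entry sets `"v": "<10.0.5rc1"` but its advisory text names no fixed version, saying only that mitigation "involves upgrading to a version where automated authorization (AuthEntry) is enforced". Because the first non-vulnerable release in the range is a pre-release, a plain `pip install --upgrade volttron-core` will not reach it unless `--pre` is passed or the version is pinned explicitly, and users acting on this finding need that spelled out. I would end the advisory with `Fixed in 10.0.5rc1 (a pre-release: install with --pre or pin the version explicitly).` Whether a final 10.0.5 has since shipped cannot be told from this file, so the wording should be checked against the package index before it is adopted.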
@@ -194625,14 +195149,14 @@ "v": "<0.3.0" }, { - "advisory": "Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `sqrt` builtin can result in double eval vulnerability when the argument has side-effects. It can be seen that the `build_IR` function of the `sqrt` builtin doesn't cache the argument to the stack. As such, it can be evaluated multiple times (instead of retrieving the value from the stack). No vulnerable production contracts were found. Additionally, double evaluation of side-effects should be easily discoverable in client tests. As such, the impact is low. As of time of publication, no fixed versions are available. See CVE-2024-32649.", - "cve": "CVE-2024-32649", - "id": "pyup.io-70712", - "more_info_path": "/vulnerabilities/CVE-2024-32649/70712", + "advisory": "Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Prior to version 0.3.0, default functions don't respect nonreentrancy keys and the lock isn't emitted. No vulnerable production contracts were found. Additionally, using a lock on a `default` function is a very sparsely used pattern. As such, the impact is low. Version 0.3.0 contains a patch for the issue. See CVE-2024-32648.", + "cve": "CVE-2024-32648", + "id": "pyup.io-70711", + "more_info_path": "/vulnerabilities/CVE-2024-32648/70711", "specs": [ - "<0.3.10" + "<0.3.0" ], - "v": "<0.3.10" + "v": "<0.3.0" }, { "advisory": "Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, incorrect values can be logged when `raw_log` builtin is called with memory or storage arguments to be used as topics. A contract search was performed and no vulnerable contracts were found in production. The `build_IR` function of the `RawLog` class fails to properly unwrap the variables provided as topics. Consequently, incorrect values are logged as topics. As of time of publication, no fixed version is available. 
See CVE-2024-32645.", @@ -194654,6 +195178,16 @@ ], "v": "<0.3.10" }, + { + "advisory": "Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `sqrt` builtin can result in double eval vulnerability when the argument has side-effects. It can be seen that the `build_IR` function of the `sqrt` builtin doesn't cache the argument to the stack. As such, it can be evaluated multiple times (instead of retrieving the value from the stack). No vulnerable production contracts were found. Additionally, double evaluation of side-effects should be easily discoverable in client tests. As such, the impact is low. As of time of publication, no fixed versions are available. See CVE-2024-32649.", + "cve": "CVE-2024-32649", + "id": "pyup.io-70712", + "more_info_path": "/vulnerabilities/CVE-2024-32649/70712", + "specs": [ + "<0.3.10" + ], + "v": "<0.3.10" + }, { "advisory": "Vyper 0.3.10 includes a fix for CVE-2023-41052: In affected versions the order of evaluation of the arguments of the builtin functions 'uint256_addmod', 'uint256_mulmod', 'ecadd' and 'ecmul' does not follow source order. This behaviour is problematic when the evaluation of one of the arguments produces side effects that other arguments depend on. A patch is currently being developed on pull request #3583. When using builtins from the list above, users should make sure that the arguments of the expression do not produce side effects or, if one does, that no other argument is dependent on those side effects.\r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-4hg4-9mf5-wxxq", "cve": "CVE-2023-41052", 
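Review bot: The re-added CVE-2024-32649 entry's range `"v": "<0.3.10"` contradicts its own text, which says "In versions 0.3.10 and prior" and "no fixed versions are available": a project pinned to exactly 0.3.10 gets no finding although the advisory states it is affected. If the text is right, the range should be `"specs": [ "<=0.3.10" ]` and `"v": "<=0.3.10"`, or an open `>=0` if there is truly no fix. The CVE-2024-32645 entry in the preceding hunk makes the identical "0.3.10 and prior" claim; its spec lines are not visible here, so it should be checked for the same off-by-one. The moved CVE-2024-32648 entry is fine, since its `<0.3.0` matches its "Prior to version 0.3.0" wording.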
@@ -194674,6 +195208,16 @@ ], "v": "<0.3.10" }, + { + "advisory": "Vyper 0.3.2 includes a fix for CVE-2022-24787: In version 0.3.1 and prior, bytestrings can have dirty bytes in them, resulting in the word-for-word comparisons giving incorrect results. Even without dirty nonzero bytes, two bytestrings can compare to equal if one ends with \"\\x00\" because there is no comparison of the length. \r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-7vrm-3jc8-5wwm", + "cve": "CVE-2022-24787", + "id": "pyup.io-47973", + "more_info_path": "/vulnerabilities/CVE-2022-24787/47973", + "specs": [ + "<0.3.2" + ], + "v": "<0.3.2" + }, { "advisory": "Vyper 0.3.2 includes a fix for CVE-2022-24788: Versions of Vyper prior to 0.3.2 suffer from a potential buffer overrun. Importing a function from a JSON interface which returns 'bytes' generates bytecode which does not clamp bytes length, potentially resulting in a buffer overrun.\r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-4mrx-6fxm-8jpg", "cve": "CVE-2022-24788", 
@@ -194694,16 +195238,6 @@ ], "v": "<0.3.2" }, - { - "advisory": "Vyper 0.3.2 includes a fix for CVE-2022-24787: In version 0.3.1 and prior, bytestrings can have dirty bytes in them, resulting in the word-for-word comparisons giving incorrect results. Even without dirty nonzero bytes, two bytestrings can compare to equal if one ends with \"\\x00\" because there is no comparison of the length. \r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-7vrm-3jc8-5wwm", - "cve": "CVE-2022-24787", - "id": "pyup.io-47973", - "more_info_path": "/vulnerabilities/CVE-2022-24787/47973", - "specs": [ - "<0.3.2" - ], - "v": "<0.3.2" - }, { "advisory": "Vyper 0.3.4 includes a fix for CVE-2022-29255: In versions prior to 0.3.4 when a calling an external contract with no return value, the contract address (including side effects) could be evaluated twice. This may result in incorrect outcomes for contracts.\r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-4v9q-cgpw-cf38", "cve": "CVE-2022-29255", 
@@ -194724,6 +195258,16 @@ ], "v": "<0.3.8" }, + { + "advisory": "Vyper 0.3.8 includes a fix for CVE-2023-32675: In contracts with more than one regular nonpayable function, it is possible to send funds to the default function, even if the default function is marked 'nonpayable'. This applies to contracts compiled with vyper versions prior to 0.3.8. This issue was fixed by the removal of the global 'calldatasize' check in commit '02339dfda'. Users unable to upgrade should avoid use of nonpayable default functions.\r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-vxmm-cwh2-q762", + "cve": "CVE-2023-32675", + "id": "pyup.io-58743", + "more_info_path": "/vulnerabilities/CVE-2023-32675/58743", + "specs": [ + "<0.3.8" + ], + "v": "<0.3.8" + }, { "advisory": "Vyper 0.3.8 includes a fix for CVE-2023-30837: The storage allocator does not guard against allocation overflows in versions prior to 0.3.8. An attacker can overwrite the owner variable.\r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-mgv8-gggw-mrg6", "cve": "CVE-2023-30837", 
@@ -194744,16 +195288,6 @@ ], "v": "<0.3.8" }, - { - "advisory": "Vyper 0.3.8 includes a fix for CVE-2023-32675: In contracts with more than one regular nonpayable function, it is possible to send funds to the default function, even if the default function is marked 'nonpayable'. This applies to contracts compiled with vyper versions prior to 0.3.8. This issue was fixed by the removal of the global 'calldatasize' check in commit '02339dfda'. Users unable to upgrade should avoid use of nonpayable default functions.\r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-vxmm-cwh2-q762", - "cve": "CVE-2023-32675", - "id": "pyup.io-58743", - "more_info_path": "/vulnerabilities/CVE-2023-32675/58743", - "specs": [ - "<0.3.8" - ], - "v": "<0.3.8" - }, { "advisory": "Vyper 0.3.8 includes a fix for CVE-2023-32059: Prior to version 0.3.8, internal calls with default arguments are compiled incorrectly. Depending on the number of arguments provided in the call, the defaults are added not right-to-left, but left-to-right. If the types are incompatible, typechecking is bypassed. The ability to pass kwargs to internal functions is an undocumented feature that is not well known about.\r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-ph9x-4vc9-m39g", "cve": "CVE-2023-32059", 
@@ -194765,67 +195299,7 @@ "v": "<0.3.8" }, { - "advisory": "In vyper affected versions, the bounds check for slices does not account for the ability for start + length to overflow when the values aren't literals. If a slice() function uses a non-literal argument for the start or length variable, this creates the ability for an attacker to overflow the bounds check. This issue can be used to do OOB access to storage, memory or calldata addresses. It can also be used to corrupt the length slot of the respective array.", - "cve": "CVE-2024-24561", - "id": "pyup.io-71682", - "more_info_path": "/vulnerabilities/CVE-2024-24561/71682", - "specs": [ - "<0.4.0" - ], - "v": "<0.4.0" - }, - { - "advisory": "In vyper affected versions, the `concat` built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The root cause is that the `build_IR` for `concat` doesn't properly adhere to the API of copy functions (for `>=0.3.2` the `copy_bytes` function). A contract search was performed and no vulnerable contracts were found in production. The buffer overflow can result in the change of semantics of the contract. The overflow is length-dependent and thus it might go unnoticed during contract testing. However, certainly not all usages of concat will result in overwritten valid data as we require it to be in an internal function and close to the return statement where other memory allocations don't occur.", - "cve": "CVE-2024-22419", - "id": "pyup.io-71700", - "more_info_path": "/vulnerabilities/CVE-2024-22419/71700", - "specs": [ - "<0.4.0" - ], - "v": "<0.4.0" - }, - { - "advisory": "In vyper affected versions, when looping over a `range` of the form `range(start, start + N)`, if `start` is negative, the execution will always revert. This issue is caused by an incorrect assertion inserted by the code generation of the range `stmt.parse_For_range()`. 
The issue arises when `start` is signed, instead of using `sle`, `le` is used and `start` is interpreted as an unsigned integer for the comparison. If it is a negative number, its 255th bit is set to `1` and is hence interpreted as a very large unsigned integer making the assertion always fail. Any contract having a `range(start, start + N)` where `start` is a signed integer with the possibility for `start` to be negative is affected. If a call goes through the loop while supplying a negative `start` the execution will revert.", - "cve": "CVE-2024-32481", - "id": "pyup.io-71703", - "more_info_path": "/vulnerabilities/CVE-2024-32481/71703", - "specs": [ - "<0.4.0" - ], - "v": "<0.4.0" - }, - { - "advisory": "In vyper affected versions, incorrect values can be logged when `raw_log` builtin is called with memory or storage arguments to be used as topics. A contract search was performed and no vulnerable contracts were found in production. The `build_IR` function of the `RawLog` class fails to properly unwrap the variables provided as topics. Consequently, incorrect values are logged as topics.", - "cve": "CVE-2024-32645", - "id": "pyup.io-71704", - "more_info_path": "/vulnerabilities/CVE-2024-32645/71704", - "specs": [ - "<0.4.0" - ], - "v": "<0.4.0" - }, - { - "advisory": "In vyper affected versions, using the `slice` builtin can result in a double eval vulnerability when the buffer argument is either `msg.data`, `self.code` or `
.code` and either the `start` or `length` arguments have side-effects. It can be easily triggered only with the versions `<0.3.4` as `0.3.4` introduced the unique symbol fence. No vulnerable production contracts were found. Additionally, double evaluation of side effects should be easily discoverable in client tests. As such, the impact is low. As of time of publication, no fixed versions are available.", - "cve": "CVE-2024-32646", - "id": "pyup.io-71705", - "more_info_path": "/vulnerabilities/CVE-2024-32646/71705", - "specs": [ - "<0.4.0" - ], - "v": "<0.4.0" - }, - { - "advisory": "In vyper affected versions, using the `sqrt` builtin can result in double eval vulnerability when the argument has side-effects. It can be seen that the `build_IR` function of the `sqrt` builtin doesn't cache the argument to the stack. As such, it can be evaluated multiple times (instead of retrieving the value from the stack). No vulnerable production contracts were found. Additionally, double evaluation of side-effects should be easily discoverable in client tests. As such, the impact is low. As of time of publication, no fixed versions are available.", - "cve": "CVE-2024-32649", - "id": "pyup.io-71706", - "more_info_path": "/vulnerabilities/CVE-2024-32649/71706", - "specs": [ - "<0.4.0" - ], - "v": "<0.4.0" - }, - { - "advisory": "In vyper affected versions, when using the built-in `extract32(b, start)`, if the `start` index provided has for side effect to update `b`, the byte array to extract `32` bytes from, it could be that some dirty memory is read and returned by `extract32`.", + "advisory": "In affected versions of Vyper, when using the built-in `extract32(b, start)`, if the `start` index provided has for side effect to update `b`, the byte array to extract `32` bytes from, it could be that some dirty memory is read and returned by `extract32`.", "cve": "CVE-2024-24564", "id": "pyup.io-71710", "more_info_path": "/vulnerabilities/CVE-2024-24564/71710", 
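Review bot: The `<0.4.0` Vyper records for CVE-2024-24561, CVE-2024-32481, CVE-2024-32645, CVE-2024-32646 and CVE-2024-32649 are deleted in this hunk, and the next hunk (`@@ -194835,60 +195309,10 @@`) deletes the `<0.4.0` records for CVE-2024-24560, CVE-2024-24567, CVE-2024-24563, CVE-2024-32647, CVE-2024-24559 and CVE-2024-26149, while only CVE-2024-24564 and CVE-2024-22419 survive on the new side of the two hunks. For CVE-2024-24561, CVE-2024-24560 and CVE-2024-24563 a `<=0.3.10` record is still visible in the later hunks, but for the remaining ids no replacement appears anywhere in this diff, so unless they are retained elsewhere in the file the update silently drops those advisories from the feed. The later hunks (`@@ -194914,16 +195338,6 @@`, `@@ -194934,16 +195348,6 @@`, `@@ -194955,10 +195359,10 @@`) also remove the `<=0.3.10` records for CVE-2024-22419 (`pyup.io-64458`) and CVE-2024-24564 (`pyup.io-65695`), leaving each CVE under exactly one of `<0.4.0` / `<=0.3.10`; the two ranges only coincide if no 0.3.x release above 0.3.10 exists, which is worth confirming before merging. A short list of the deduplicated ids in the commit description would make this intent reviewable.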
@@ -194835,60 +195309,10 @@ "v": "<0.4.0" }, { - "advisory": "In vyper affected versions, when calls to external contracts are made, we write the input buffer starting at byte 28, and allocate the return buffer to start at byte 0 (overlapping with the input buffer). When checking RETURNDATASIZE for dynamic types, the size is compared only to the minimum allowed size for that type, and not to the returned value's length. As a result, malformed return data can cause the contract to mistake data from the input buffer for returndata. When the called contract returns invalid ABIv2 encoded data, the calling contract can read different invalid data (from the dirty buffer) than the called contract returned.", - "cve": "CVE-2024-24560", - "id": "pyup.io-71712", - "more_info_path": "/vulnerabilities/CVE-2024-24560/71712", - "specs": [ - "<0.4.0" - ], - "v": "<0.4.0" - }, - { - "advisory": "In affected versions, Vyper compiler allows passing a value in builtin raw_call even if the call is a delegatecall or a staticcall. But in the context of delegatecall and staticcall the handling of value is not possible due to the semantics of the respective opcodes, and vyper will silently ignore the value= argument. If the semantics of the EVM are unknown to the developer, he could suspect that by specifying the `value` kwarg, exactly the given amount will be sent along to the target.", - "cve": "CVE-2024-24567", - "id": "pyup.io-71701", - "more_info_path": "/vulnerabilities/CVE-2024-24567/71701", - "specs": [ - "<0.4.0" - ], - "v": "<0.4.0" - }, - { - "advisory": "In affected versions of Vyper, arrays can be indexed by signed integers even though they are defined for unsigned integers only, without the typechecker throwing an error. This allows signed integers to be used as array indexes, leading to potential vulnerabilities, including unpredictable behavior, accessing inaccessible elements, and denial of service (DoS). 
The issue arises because the 2's complement representation allows negative values to pass bounds checking as very large numbers. If a contract uses assertions like `assert index < x`, negative indexes can bypass this invariant, accessing elements that should be inaccessible. Additionally, if the index is state-dependent, manipulating the state to force a negative index could cause the array access to revert, potentially leading to a DoS attack. Although these scenarios are highly unlikely, the most common outcome is a revert during bounds check.", - "cve": "CVE-2024-24563", - "id": "pyup.io-71702", - "more_info_path": "/vulnerabilities/CVE-2024-24563/71702", - "specs": [ - "<0.4.0" - ], - "v": "<0.4.0" - }, - { - "advisory": "In vyper affected versions, using the `create_from_blueprint` builtin can result in a double eval vulnerability when `raw_args=True` and the `args` argument has side-effects. It can be seen that the `_build_create_IR` function of the `create_from_blueprint` builtin doesn't cache the mentioned `args` argument to the stack. As such, it can be evaluated multiple times (instead of retrieving the value from the stack). No vulnerable production contracts were found. Additionally, double evaluation of side-effects should be easily discoverable in client tests. As such, the impact is low. As of time of publication, no fixed versions exist.", - "cve": "CVE-2024-32647", - "id": "pyup.io-71708", - "more_info_path": "/vulnerabilities/CVE-2024-32647/71708", - "specs": [ - "<0.4.0" - ], - "v": "<0.4.0" - }, - { - "advisory": "In vyper affected versions, there is an error in the stack management when compiling the `IR` for `sha3_64`. Concretely, the `height` variable is miscalculated. The vulnerability can't be triggered without writing the `IR` by hand (that is, it cannot be triggered from regular vyper code). `sha3_64` is used for retrieval in mappings. 
No flow that would cache the `key` was found so the issue shouldn't be possible to trigger when compiling the compiler-generated `IR`. This issue isn't triggered during normal compilation of vyper code so the impact is low. At the time of publication there is no patch available.", - "cve": "CVE-2024-24559", - "id": "pyup.io-71709", - "more_info_path": "/vulnerabilities/CVE-2024-24559/71709", - "specs": [ - "<0.4.0" - ], - "v": "<0.4.0" - }, - { - "advisory": "In vyper affected versions, if an excessively large value is specified as the starting index for an array in `_abi_decode`, it can cause the read position to overflow. This results in the decoding of values outside the intended array bounds, potentially leading to exploitations in contracts that use arrays within `_abi_decode`.", - "cve": "CVE-2024-26149", - "id": "pyup.io-71711", - "more_info_path": "/vulnerabilities/CVE-2024-26149/71711", + "advisory": "In affected versions of Vyper, the `concat` built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The root cause is that the `build_IR` for `concat` doesn't properly adhere to the API of copy functions (for `>=0.3.2` the `copy_bytes` function). A contract search was performed and no vulnerable contracts were found in production. The buffer overflow can result in the change of semantics of the contract. The overflow is length-dependent and thus it might go unnoticed during contract testing. However, certainly not all usages of concat will result in overwritten valid data as we require it to be in an internal function and close to the return statement where other memory allocations don't occur.", + "cve": "CVE-2024-22419", + "id": "pyup.io-71700", + "more_info_path": "/vulnerabilities/CVE-2024-22419/71700", "specs": [ "<0.4.0" ], 
@@ -194914,16 +195338,6 @@ ], "v": "<=0.1.0b16" }, - { - "advisory": "Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typechecker doesn't throw when spotting the usage of an `int` as an index for an array. The typechecker allows the usage of signed integers to be used as indexes to arrays. The vulnerability is present in different forms in all versions, including `0.3.10`. For ints, the 2's complement representation is used. Because the array was declared very large, the bounds checking will pass Negative values will simply be represented as very large numbers. As of time of publication, a fixed version does not exist.\r\nThere are three potential vulnerability classes: unpredictable behavior, accessing inaccessible elements and denial of service. Class 1: If it is possible to index an array with a negative integer without reverting, this is most likely not anticipated by the developer and such accesses can cause unpredictable behavior for the contract. Class 2: If a contract has an invariant in the form `assert index < x`, the developer will suppose that no elements on indexes `y | y >= x` are accessible. However, by using negative indexes, this can be bypassed. Class 3: If the index is dependent on the state of the contract, this poses a risk of denial of service. If the state of the contract can be manipulated in such way that the index will be forced to be negative, the array access can always revert (because most likely the array won't be declared extremely large). However, all these the scenarios are highly unlikely. Most likely behavior is a revert on the bounds check.", - "cve": "CVE-2024-24563", - "id": "pyup.io-66722", - "more_info_path": "/vulnerabilities/CVE-2024-24563/66722", - "specs": [ - "<=0.3.10" - ], - "v": "<=0.3.10" - }, { "advisory": "Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. 
When calls to external contracts are made, we write the input buffer starting at byte 28, and allocate the return buffer to start at byte 0 (overlapping with the input buffer). When checking RETURNDATASIZE for dynamic types, the size is compared only to the minimum allowed size for that type, and not to the returned value's length. As a result, malformed return data can cause the contract to mistake data from the input buffer for returndata. When the called contract returns invalid ABIv2 encoded data, the calling contract can read different invalid data (from the dirty buffer) than the called contract returned. See CVE-2024-24560.", "cve": "CVE-2024-24560", 
@@ -194934,16 +195348,6 @@
 ],
 "v": "<=0.3.10"
 },
- {
- "advisory": "Vyper, in versions <=0.3.10, has a memory buffer overflow issue. The concat function could overwrite valid data due to incorrect adherence to the copy_bytes function's API in builds >=0.3.2. This overflow, dependent on the length, could alter contract semantics, potentially unnoticed during testing. Not all concat uses were affected, as it required specific conditions like being in an internal function near a return statement without other memory allocations. Though no vulnerable contracts in production were found, the issue is fixed in commit 55e18f6d1.\r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-2q8v-3gqq-4f8p",
- "cve": "CVE-2024-22419",
- "id": "pyup.io-64458",
- "more_info_path": "/vulnerabilities/CVE-2024-22419/64458",
- "specs": [
- "<=0.3.10"
- ],
- "v": "<=0.3.10"
- },
 {
 "advisory": "Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. In versions 0.3.10 and earlier, the bounds check for slices does not account for the ability for start + length to overflow when the values aren't literals. If a slice() function uses a non-literal argument for the start or length variable, this creates the ability for an attacker to overflow the bounds check. This issue can be used to do OOB access to storage, memory or calldata addresses. It can also be used to corrupt the length slot of the respective array. See CVE-2024-24561.",
 "cve": "CVE-2024-24561",
@@ -194955,10 +195359,10 @@ "v": "<=0.3.10" }, { - "advisory": "Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. When using the built-in `extract32(b, start)`, if the `start` index provided has for side effect to update `b`, the byte array to extract `32` bytes from, it could be that some dirty memory is read and returned by `extract32`. This vulnerability affects 0.3.10 and earlier versions. See CVE-2024-24564.", - "cve": "CVE-2024-24564", - "id": "pyup.io-65695", - "more_info_path": "/vulnerabilities/CVE-2024-24564/65695", + "advisory": "Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. Arrays can be keyed by a signed integer, while they are defined for unsigned integers only. The typechecker doesn't throw when spotting the usage of an `int` as an index for an array. The typechecker allows the usage of signed integers to be used as indexes to arrays. The vulnerability is present in different forms in all versions, including `0.3.10`. For ints, the 2's complement representation is used. Because the array was declared very large, the bounds checking will pass Negative values will simply be represented as very large numbers. As of time of publication, a fixed version does not exist.\r\nThere are three potential vulnerability classes: unpredictable behavior, accessing inaccessible elements and denial of service. Class 1: If it is possible to index an array with a negative integer without reverting, this is most likely not anticipated by the developer and such accesses can cause unpredictable behavior for the contract. Class 2: If a contract has an invariant in the form `assert index < x`, the developer will suppose that no elements on indexes `y | y >= x` are accessible. However, by using negative indexes, this can be bypassed. Class 3: If the index is dependent on the state of the contract, this poses a risk of denial of service. 
If the state of the contract can be manipulated in such way that the index will be forced to be negative, the array access can always revert (because most likely the array won't be declared extremely large). However, all these the scenarios are highly unlikely. Most likely behavior is a revert on the bounds check.", + "cve": "CVE-2024-24563", + "id": "pyup.io-66722", + "more_info_path": "/vulnerabilities/CVE-2024-24563/66722", "specs": [ "<=0.3.10" ], 
@@ -195025,20 +195429,20 @@ "v": "<=0.3.8" }, { - "advisory": "Vyper is affected by CVE-2023-40015: For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right. 'unsafe_add, unsafe_sub, unsafe_mul, unsafe_div, pow_mod256, |, &, ^ (bitwise operators), bitwise_or (deprecated), bitwise_and (deprecated), bitwise_xor (deprecated), raw_call, <, >, <=, >=, ==, !=, in, not in (when lhs and rhs are enums)'. This behavior becomes a problem when the evaluation of one of the arguments produces side effects that other arguments depend on. The following expressions can produce side-effect: state modifying external call , state modifying internal call, 'raw_call', 'pop()' when used on a Dynamic Array stored in the storage, 'create_minimal_proxy_to', 'create_copy_of', 'create_from_blueprint'. This issue has not yet been patched. Users are advised to make sure that the arguments of the expression do not produce side effects or, if one does, that no other argument is dependent on those side effects.\r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-g2xh-c426-v8mf", - "cve": "CVE-2023-40015", - "id": "pyup.io-60965", - "more_info_path": "/vulnerabilities/CVE-2023-40015/60965", + "advisory": "Vyper 0.3.10 includes a fix for a vulnerability. Prior to version 0.3.10, the ecrecover precompile does not fill the output buffer if the signature does not verify. However, the ecrecover builtin will still return whatever is at memory location 0. 
This means that if the compiler has been convinced to write to the 0 memory location with specially crafted data, just before the ecrecover, a signature check might pass on an invalid signature.\r\nhttps://github.com/vyperlang/vyper/commit/019a37ab98ff53f04fecfadf602b6cd5ac748f7f\r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-f5x6-7qgp-jhf3", + "cve": "CVE-2023-37902", + "id": "pyup.io-59955", + "more_info_path": "/vulnerabilities/CVE-2023-37902/59955", "specs": [ "<=0.3.9" ], "v": "<=0.3.9" }, { - "advisory": "Vyper 0.3.10 includes a fix for a vulnerability. Prior to version 0.3.10, the ecrecover precompile does not fill the output buffer if the signature does not verify. However, the ecrecover builtin will still return whatever is at memory location 0. This means that if the compiler has been convinced to write to the 0 memory location with specially crafted data, just before the ecrecover, a signature check might pass on an invalid signature.\r\nhttps://github.com/vyperlang/vyper/commit/019a37ab98ff53f04fecfadf602b6cd5ac748f7f\r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-f5x6-7qgp-jhf3", - "cve": "CVE-2023-37902", - "id": "pyup.io-59955", - "more_info_path": "/vulnerabilities/CVE-2023-37902/59955", + "advisory": "Vyper is affected by CVE-2023-40015: For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right. 'unsafe_add, unsafe_sub, unsafe_mul, unsafe_div, pow_mod256, |, &, ^ (bitwise operators), bitwise_or (deprecated), bitwise_and (deprecated), bitwise_xor (deprecated), raw_call, <, >, <=, >=, ==, !=, in, not in (when lhs and rhs are enums)'. This behavior becomes a problem when the evaluation of one of the arguments produces side effects that other arguments depend on. 
The following expressions can produce side-effect: state modifying external call , state modifying internal call, 'raw_call', 'pop()' when used on a Dynamic Array stored in the storage, 'create_minimal_proxy_to', 'create_copy_of', 'create_from_blueprint'. This issue has not yet been patched. Users are advised to make sure that the arguments of the expression do not produce side effects or, if one does, that no other argument is dependent on those side effects.\r\nhttps://github.com/vyperlang/vyper/security/advisories/GHSA-g2xh-c426-v8mf", + "cve": "CVE-2023-40015", + "id": "pyup.io-60965", + "more_info_path": "/vulnerabilities/CVE-2023-40015/60965", "specs": [ "<=0.3.9" ], @@ -195345,16 +195749,6 @@ } ], "wagtail-autocomplete": [ - { - "advisory": "Wagtail-autocomplete 0.7 updates its NPM dependency 'elliptic' to v6.5.4 to include security fixes.", - "cve": "CVE-2020-13822", - "id": "pyup.io-53800", - "more_info_path": "/vulnerabilities/CVE-2020-13822/53800", - "specs": [ - "<0.7" - ], - "v": "<0.7" - }, { "advisory": "Wagtail-autocomplete 0.7 updates its NPM dependency 'mixin-deep' to v1.3.2 to include a security fix.", "cve": "CVE-2019-10746", @@ -195415,16 +195809,6 @@ ], "v": "<0.7" }, - { - "advisory": "Wagtail-autocomplete 0.7 updates its NPM dependency 'elliptic' to v6.5.4 to include security fixes.", - "cve": "CVE-2020-28498", - "id": "pyup.io-53799", - "more_info_path": "/vulnerabilities/CVE-2020-28498/53799", - "specs": [ - "<0.7" - ], - "v": "<0.7" - }, { "advisory": "Wagtail-autocomplete 0.7 updates its NPM dependency 'lodash.merge' to v4.6.2 to include security fixes.", "cve": "CVE-2018-3721", 
@@ -195525,6 +195909,16 @@
 ],
 "v": "<0.7"
 },
+ {
+ "advisory": "Wagtail-autocomplete 0.7 updates its NPM dependency 'elliptic' to v6.5.4 to include security fixes.",
+ "cve": "CVE-2020-28498",
+ "id": "pyup.io-53799",
+ "more_info_path": "/vulnerabilities/CVE-2020-28498/53799",
+ "specs": [
+ "<0.7"
+ ],
+ "v": "<0.7"
+ },
 {
 "advisory": "Wagtail-autocomplete 0.7 updates its NPM dependency 'path-parse' to v1.0.7 to include a security fix.",
 "cve": "CVE-2021-23343",
@@ -195535,6 +195929,16 @@
 ],
 "v": "<0.7"
 },
+ {
+ "advisory": "Wagtail-autocomplete 0.7 updates its NPM dependency 'elliptic' to v6.5.4 to include security fixes.",
+ "cve": "CVE-2020-13822",
+ "id": "pyup.io-53800",
+ "more_info_path": "/vulnerabilities/CVE-2020-13822/53800",
+ "specs": [
+ "<0.7"
+ ],
+ "v": "<0.7"
+ },
 {
 "advisory": "Wagtail-autocomplete 0.8.1 updates its NPM dependency 'async' to v2.6.4 to include a security fix.",
 "cve": "CVE-2021-43138",
@@ -195649,6 +196053,36 @@ ], "v": "<2.1.1" }, + { + "advisory": "Affected versions of Waitress are vulnerable to a Race Condition leading to Denial of Service (CWE-362). The unconditional connection closure on socket errors could lead to premature termination of valid connections during high-load scenarios. The vulnerability exists in the wasyncore.dispatcher.send() method, where any disconnection error triggers immediate connection closure. This could be exploited by attackers to force connection terminations during partial sends, potentially leading to denial of service. The attacker could time requests to coincide with partial buffer flushes. Fixed by making connection closure conditional and allowing the application layer to control closure behavior.", + "cve": "PVE-2024-73921", + "id": "pyup.io-73921", + "more_info_path": "/vulnerabilities/PVE-2024-73921/73921", + "specs": [ + "<2.1.2" + ], + "v": "<2.1.2" + }, + { + "advisory": "Affected versions of Waitress are vulnerable to a Race Condition (CWE-362). The asynchronous dispatcher implementation could lead to an exploitable race condition during socket connection state management. An attacker could potentially exploit the time window between connection checks and actual operations to cause denial of service or potentially execute unauthorized operations. The vulnerability exists in the dispatcher.connect() and connection state verification methods. The race condition is exploitable when multiple threads interact with the same socket connection. The issue is fixed by simplifying the connection state management and moving the connection handling directly into HTTPChannel class, removing the race condition window.", + "cve": "CVE-2024-49769", + "id": "pyup.io-73920", + "more_info_path": "/vulnerabilities/CVE-2024-49769/73920", + "specs": [ + "<3.0.1" + ], + "v": "<3.0.1" + }, + { + "advisory": "Affected versions of Waitress are vulnerable to a Race Condition (CWE-362). 
A race condition between thread handlers could allow processing of data on connections that are marked for closure, potentially leading to denial of service or memory exhaustion. The vulnerability exists in the HTTPChannel.received() method, where data processing could continue even after the connection was marked for closure. The race condition occurs between the main thread's readable() check and the service thread's connection closure handling. This is fixed by adding proper synchronization checks within the requests_lock context. The fix ensures connection state is verified while holding the lock, preventing the race condition.", + "cve": "CVE-2024-49768", + "id": "pyup.io-73954", + "more_info_path": "/vulnerabilities/CVE-2024-49768/73954", + "specs": [ + "<3.0.1" + ], + "v": "<3.0.1" + }, { "advisory": "Waitress through version 1.3.1 allows request smuggling by sending the Content-Length header twice. Waitress would fold a double Content-Length header and due to being unable to cast the now comma separated value to an integer would set the Content-Length to 0 internally. If two Content-Length headers are sent in a single request, Waitress would treat the request as having no body, thereby treating the body of the request as a new request in HTTP pipelining. This issue is fixed in Waitress 1.4.0.", "cve": "CVE-2019-16792", @@ -195724,10 +196158,10 @@ "v": "<0.12.18" }, { - "advisory": "Wandb 0.12.18 updates its dependency 'urllib3' to v1.26.5 to include security fixes.", - "cve": "CVE-2020-26137", - "id": "pyup.io-49368", - "more_info_path": "/vulnerabilities/CVE-2020-26137/49368", + "advisory": "Wandb 0.12.18 updates its dependency 'rsa' to v4.7 to include security fixes.", + "cve": "CVE-2020-25658", + "id": "pyup.io-49366", + "more_info_path": "/vulnerabilities/CVE-2020-25658/49366", "specs": [ "<0.12.18" ], 
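Review bot: The new PVE-2024-73921 record carries `"<2.1.2"` in both `specs` and `v`, while the two CVE-2024-49769 / CVE-2024-49768 records added beside it, which describe the same CWE-362 fix series in the same wording, carry `"<3.0.1"`; if the `wasyncore.dispatcher.send()` closure change shipped in the same release as the other two, the narrower range reports 2.1.2 through 3.0.0 as unaffected for that issue. Please confirm the fixing release against the upstream changelog and, if it is 3.0.1, change the two range lines to `"<3.0.1"`. None of the three entries links an upstream advisory, unlike most records on this page that end their advisory text with a `\r\n<advisory-url>` reference; appending one would make the entries verifiable by feed consumers.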
@@ -195735,9 +196169,9 @@
 },
 {
 "advisory": "Wandb 0.12.18 updates its dependency 'httplib2' to v0.19.0 to include security fixes.",
- "cve": "CVE-2020-11078",
- "id": "pyup.io-49365",
- "more_info_path": "/vulnerabilities/CVE-2020-11078/49365",
+ "cve": "CVE-2021-21240",
+ "id": "pyup.io-49358",
+ "more_info_path": "/vulnerabilities/CVE-2021-21240/49358",
 "specs": [
 "<0.12.18"
 ],
@@ -195745,19 +196179,19 @@
 },
 {
 "advisory": "Wandb 0.12.18 updates its dependency 'rsa' to v4.7 to include security fixes.",
- "cve": "CVE-2020-25658",
- "id": "pyup.io-49366",
- "more_info_path": "/vulnerabilities/CVE-2020-25658/49366",
+ "cve": "CVE-2020-13757",
+ "id": "pyup.io-49367",
+ "more_info_path": "/vulnerabilities/CVE-2020-13757/49367",
 "specs": [
 "<0.12.18"
 ],
 "v": "<0.12.18"
 },
 {
- "advisory": "Wandb 0.12.18 updates its dependency 'rsa' to v4.7 to include security fixes.",
- "cve": "CVE-2020-13757",
- "id": "pyup.io-49367",
- "more_info_path": "/vulnerabilities/CVE-2020-13757/49367",
+ "advisory": "Wandb 0.12.18 updates its dependency 'urllib3' to v1.26.5 to include security fixes.",
+ "cve": "CVE-2020-26137",
+ "id": "pyup.io-49368",
+ "more_info_path": "/vulnerabilities/CVE-2020-26137/49368",
 "specs": [
 "<0.12.18"
 ],
@@ -195765,9 +196199,9 @@
 },
 {
 "advisory": "Wandb 0.12.18 updates its dependency 'httplib2' to v0.19.0 to include security fixes.",
- "cve": "CVE-2021-21240",
- "id": "pyup.io-49358",
- "more_info_path": "/vulnerabilities/CVE-2021-21240/49358",
+ "cve": "CVE-2020-11078",
+ "id": "pyup.io-49365",
+ "more_info_path": "/vulnerabilities/CVE-2020-11078/49365",
 "specs": [
 "<0.12.18"
 ],
@@ -196046,9 +196480,9 @@
 },
 {
 "advisory": "Watchui 2.0.1 updates its dependency 'pillow' to v9.0.0 to include security fixes.",
- "cve": "CVE-2022-22817",
- "id": "pyup.io-46491",
- "more_info_path": "/vulnerabilities/CVE-2022-22817/46491",
+ "cve": "PVE-2021-44525",
+ "id": "pyup.io-46493",
+ "more_info_path": "/vulnerabilities/PVE-2021-44525/46493",
 "specs": [
 "<2.0.1"
 ],
@@ -196056,9 +196490,9 @@
 },
 {
 "advisory": "Watchui 2.0.1 updates its dependency 'pillow' to v9.0.0 to include security fixes.",
- "cve": "PVE-2021-44525",
- "id": "pyup.io-46493",
- "more_info_path": "/vulnerabilities/PVE-2021-44525/46493",
+ "cve": "CVE-2022-22816",
+ "id": "pyup.io-46432",
+ "more_info_path": "/vulnerabilities/CVE-2022-22816/46432",
 "specs": [
 "<2.0.1"
 ],
@@ -196066,9 +196500,9 @@
 },
 {
 "advisory": "Watchui 2.0.1 updates its dependency 'pillow' to v9.0.0 to include security fixes.",
- "cve": "CVE-2022-22816",
- "id": "pyup.io-46432",
- "more_info_path": "/vulnerabilities/CVE-2022-22816/46432",
+ "cve": "CVE-2022-22817",
+ "id": "pyup.io-46491",
+ "more_info_path": "/vulnerabilities/CVE-2022-22817/46491",
 "specs": [
 "<2.0.1"
 ],
@@ -196865,20 +197299,20 @@ "v": "<0.8.3" }, { - "advisory": "Werkzeug 2.2.3 includes a fix for CVE-2023-25577: Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory as Python data. If a request can be made to an endpoint that accesses 'request.data', 'request.form', 'request.files', or 'request.get_data(parse_form_data=False)', it can cause unexpectedly high resource usage. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. The amount of RAM required can trigger an out of memory kill of the process. Unlimited file parts can use up memory and file handles. If many concurrent requests are sent continuously, this can exhaust or kill all available workers.\r\nhttps://github.com/pallets/werkzeug/security/advisories/GHSA-xg9f-g7g7-2323", - "cve": "CVE-2023-25577", - "id": "pyup.io-53325", - "more_info_path": "/vulnerabilities/CVE-2023-25577/53325", + "advisory": "Werkzeug 2.2.3 includes a fix for CVE-2023-23934: Browsers may allow \"nameless\" cookies that look like '=value' instead of 'key=value'. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like '=__Host-test=bad' for another subdomain. Werkzeug prior to 2.2.3 will parse the cookie '=__Host-test=bad' as __Host-test=bad'. 
If a Werkzeug application is running next to a vulnerable or malicious subdomain which sets such a cookie using a vulnerable browser, the Werkzeug application will see the bad cookie value but the valid cookie key.\r\nhttps://github.com/pallets/werkzeug/security/advisories/GHSA-px8h-6qxv-m22q", + "cve": "CVE-2023-23934", + "id": "pyup.io-53326", + "more_info_path": "/vulnerabilities/CVE-2023-23934/53326", "specs": [ "<2.2.3" ], "v": "<2.2.3" }, { - "advisory": "Werkzeug 2.2.3 includes a fix for CVE-2023-23934: Browsers may allow \"nameless\" cookies that look like '=value' instead of 'key=value'. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like '=__Host-test=bad' for another subdomain. Werkzeug prior to 2.2.3 will parse the cookie '=__Host-test=bad' as __Host-test=bad'. If a Werkzeug application is running next to a vulnerable or malicious subdomain which sets such a cookie using a vulnerable browser, the Werkzeug application will see the bad cookie value but the valid cookie key.\r\nhttps://github.com/pallets/werkzeug/security/advisories/GHSA-px8h-6qxv-m22q", - "cve": "CVE-2023-23934", - "id": "pyup.io-53326", - "more_info_path": "/vulnerabilities/CVE-2023-23934/53326", + "advisory": "Werkzeug 2.2.3 includes a fix for CVE-2023-25577: Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory as Python data. If a request can be made to an endpoint that accesses 'request.data', 'request.form', 'request.files', or 'request.get_data(parse_form_data=False)', it can cause unexpectedly high resource usage. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests. 
The amount of RAM required can trigger an out of memory kill of the process. Unlimited file parts can use up memory and file handles. If many concurrent requests are sent continuously, this can exhaust or kill all available workers.\r\nhttps://github.com/pallets/werkzeug/security/advisories/GHSA-xg9f-g7g7-2323", + "cve": "CVE-2023-25577", + "id": "pyup.io-53325", + "more_info_path": "/vulnerabilities/CVE-2023-25577/53325", "specs": [ "<2.2.3" ], 
@@ -196894,6 +197328,26 @@
 ],
 "v": "<3.0.3"
 },
+ {
+ "advisory": "Affected versions of Werkzeug are vulnerable to Path Traversal (CWE-22) on Windows systems running Python versions below 3.11. The safe_join() function failed to properly detect certain absolute paths on Windows, allowing attackers to potentially access files outside the intended directory. An attacker could craft special paths starting with \"/\" that bypass the directory restrictions on Windows systems. The vulnerability exists in the safe_join() function which relied solely on os.path.isabs() for path validation. This is exploitable on Windows systems by passing paths starting with \"/\" to safe_join(). To remediate, upgrade to the latest version which includes additional path validation checks. \r\nNOTE: This vulnerability specifically affects Windows systems running Python versions below 3.11 where ntpath.isabs() behavior differs.",
+ "cve": "CVE-2024-49766",
+ "id": "pyup.io-73969",
+ "more_info_path": "/vulnerabilities/CVE-2024-49766/73969",
+ "specs": [
+ "<3.0.6"
+ ],
+ "v": "<3.0.6"
+ },
+ {
+ "advisory": "Affected versions of Werkzeug are vulnerable to possible resource exhaustion when parsing file data in forms.",
+ "cve": "CVE-2024-49767",
+ "id": "pyup.io-73889",
+ "more_info_path": "/vulnerabilities/CVE-2024-49767/73889",
+ "specs": [
+ "<3.0.6"
+ ],
+ "v": "<3.0.6"
+ },
 {
 "advisory": "Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal bytearray and lookup for boundary is performed on growing buffer. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The amount of CPU time required can block worker processes from handling legitimate requests.",
 "cve": "CVE-2023-46136",
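Review bot: The new CVE-2024-49767 record carries only a one-sentence advisory with no affected component, fixing release or reference link, even though its `specs` already pins the fix at `<3.0.6`; the neighbouring Werkzeug records all name the fixing release in the text. Suggest `"advisory": "Affected versions of Werkzeug are vulnerable to possible resource exhaustion when parsing file data in forms. Upgrade to 3.0.6 or later."` so the text and the version constraint agree. The CVE-2024-49766 record has the mirror-image gap: its text says "upgrade to the latest version", which goes stale with the next release, while `specs` names 3.0.6 — stating the release there too keeps the record self-consistent, and the stray space before `\r\nNOTE:` in that string can go.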
@@ -197123,20 +197577,20 @@
 "v": "<0.7.2"
 },
 {
- "advisory": "Whoogle-search 0.7.2 includes a fix for CVE-2022-25303: Cross-site Scripting (XSS) via the query string parameter q. error_message() is rendered using the | safe filter, meaning the user input is not escaped.",
- "cve": "CVE-2022-25303",
- "id": "pyup.io-50116",
- "more_info_path": "/vulnerabilities/CVE-2022-25303/50116",
+ "advisory": "Whoogle-search 0.7.2 updates its Python image to python:3.11.0a5-alpine to include a security fix.",
+ "cve": "CVE-2022-23990",
+ "id": "pyup.io-48299",
+ "more_info_path": "/vulnerabilities/CVE-2022-23990/48299",
 "specs": [
 "<0.7.2"
 ],
 "v": "<0.7.2"
 },
 {
- "advisory": "Whoogle-search 0.7.2 updates its Python image to python:3.11.0a5-alpine to include a security fix.",
- "cve": "CVE-2022-23990",
- "id": "pyup.io-48299",
- "more_info_path": "/vulnerabilities/CVE-2022-23990/48299",
+ "advisory": "Whoogle-search 0.7.2 includes a fix for CVE-2022-25303: Cross-site Scripting (XSS) via the query string parameter q. error_message() is rendered using the | safe filter, meaning the user input is not escaped.",
+ "cve": "CVE-2022-25303",
+ "id": "pyup.io-50116",
+ "more_info_path": "/vulnerabilities/CVE-2022-25303/50116",
 "specs": [
 "<0.7.2"
 ],
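Review bot: The two Whoogle records in this hunk trade places with no change to their content, and the same pure reordering makes up the xtgeo, ydata-profiling and zenml hunks that follow (the zenml orjson record is even added in one hunk and removed in another). Every record already carries a unique `id`, so emitting the entries of each package in a stable order — sorted by `id`, say — would make the export deterministic and leave a diff that shows only real changes. Without that, a reviewer cannot tell by inspection whether anything other than position moved, which matters for a file that consumers treat as a vulnerability feed.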
@@ -197153,10 +197607,10 @@
 "v": "<0.8.4"
 },
 {
- "advisory": "Whoogle Search is a self-hosted metasearch engine. Versions 0.8.3 and prior have a limited file write vulnerability when the configuration options in Whoogle are enabled. The `config` function in `app/routes.py` does not validate the user-controlled `name` variable on line 447 and `config_data` variable on line 437. The `name` variable is insecurely concatenated in `os.path.join`, leading to path manipulation. The POST data from the `config_data` variable is saved with `pickle.dump` which leads to a limited file write. However, the data that is saved is earlier transformed into a dictionary and the `url` key value pair is added before the file is saved on the system. All in all, the issue allows us to save and overwrite files on the system that the application has permissions to, with a dictionary containing arbitrary data and the `url` key value, which is a limited file write. Version 0.8.4 contains a patch for this issue.",
- "cve": "CVE-2024-22204",
- "id": "pyup.io-66721",
- "more_info_path": "/vulnerabilities/CVE-2024-22204/66721",
+ "advisory": "Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the `element` method in `app/routes.py` does not validate the user-controlled `src_type` and `element_url` variables and passes them to the `send` method which sends a `GET` request on lines 339-343 in `requests.py`. The returned contents of the URL are then passed to and reflected back to the user in the `send_file` function on line 484, together with the user-controlled `src_type`, which allows the attacker to control the HTTP response content type leading to a cross-site scripting vulnerability. An attacker could craft a special URL to point to a malicious website and send the link to a victim. The fact that the link would contain a trusted domain (e.g. from one of public Whoogle instances) could be used to trick the user into clicking the link. 
The malicious website could, for example, be a copy of a real website, meant to steal a person\u2019s credentials to the website, or trick that person in another way. Version 0.8.4 contains a patch for this issue.",
+ "cve": "CVE-2024-22417",
+ "id": "pyup.io-66719",
+ "more_info_path": "/vulnerabilities/CVE-2024-22417/66719",
 "specs": [
 "<0.8.4"
 ],
@@ -197183,10 +197637,10 @@
 "v": "<0.8.4"
 },
 {
- "advisory": "Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the `element` method in `app/routes.py` does not validate the user-controlled `src_type` and `element_url` variables and passes them to the `send` method which sends a `GET` request on lines 339-343 in `requests.py`. The returned contents of the URL are then passed to and reflected back to the user in the `send_file` function on line 484, together with the user-controlled `src_type`, which allows the attacker to control the HTTP response content type leading to a cross-site scripting vulnerability. An attacker could craft a special URL to point to a malicious website and send the link to a victim. The fact that the link would contain a trusted domain (e.g. from one of public Whoogle instances) could be used to trick the user into clicking the link. The malicious website could, for example, be a copy of a real website, meant to steal a person\u2019s credentials to the website, or trick that person in another way. Version 0.8.4 contains a patch for this issue.",
- "cve": "CVE-2024-22417",
- "id": "pyup.io-66719",
- "more_info_path": "/vulnerabilities/CVE-2024-22417/66719",
+ "advisory": "Whoogle Search is a self-hosted metasearch engine. Versions 0.8.3 and prior have a limited file write vulnerability when the configuration options in Whoogle are enabled. The `config` function in `app/routes.py` does not validate the user-controlled `name` variable on line 447 and `config_data` variable on line 437. The `name` variable is insecurely concatenated in `os.path.join`, leading to path manipulation. The POST data from the `config_data` variable is saved with `pickle.dump` which leads to a limited file write. However, the data that is saved is earlier transformed into a dictionary and the `url` key value pair is added before the file is saved on the system. 
All in all, the issue allows us to save and overwrite files on the system that the application has permissions to, with a dictionary containing arbitrary data and the `url` key value, which is a limited file write. Version 0.8.4 contains a patch for this issue.",
+ "cve": "CVE-2024-22204",
+ "id": "pyup.io-66721",
+ "more_info_path": "/vulnerabilities/CVE-2024-22204/66721",
 "specs": [
 "<0.8.4"
 ],
@@ -198058,19 +198512,19 @@
 "xtgeo": [
 {
 "advisory": "Xtgeo 2.17.1 drops dependency on 'pillow' to avoid security issues with versions <=8.4.\r\nhttps://github.com/equinor/xtgeo/pull/748",
- "cve": "CVE-2022-22817",
- "id": "pyup.io-48284",
- "more_info_path": "/vulnerabilities/CVE-2022-22817/48284",
+ "cve": "PVE-2021-44525",
+ "id": "pyup.io-48285",
+ "more_info_path": "/vulnerabilities/PVE-2021-44525/48285",
 "specs": [
 "<2.17.1"
 ],
 "v": "<2.17.1"
 },
 {
- "advisory": "Xtgeo 2.17.1 drops dependency on 'pillow' to avoid security issues with versions <=8.4.\r\nhttps://github.com/equinor/xtgeo/pull/748",
- "cve": "PVE-2022-44524",
- "id": "pyup.io-48286",
- "more_info_path": "/vulnerabilities/PVE-2022-44524/48286",
+ "advisory": "Xtgeo 2.17.1 drops dependency on 'pillow' to avoid security issues affecting versions <=8.4.\r\nhttps://github.com/equinor/xtgeo/pull/748",
+ "cve": "CVE-2022-24303",
+ "id": "pyup.io-48264",
+ "more_info_path": "/vulnerabilities/CVE-2022-24303/48264",
 "specs": [
 "<2.17.1"
 ],
@@ -198078,19 +198532,19 @@
 },
 {
 "advisory": "Xtgeo 2.17.1 drops dependency on 'pillow' to avoid security issues with versions <=8.4.\r\nhttps://github.com/equinor/xtgeo/pull/748",
- "cve": "CVE-2022-22816",
- "id": "pyup.io-48287",
- "more_info_path": "/vulnerabilities/CVE-2022-22816/48287",
+ "cve": "CVE-2022-22817",
+ "id": "pyup.io-48284",
+ "more_info_path": "/vulnerabilities/CVE-2022-22817/48284",
 "specs": [
 "<2.17.1"
 ],
 "v": "<2.17.1"
 },
 {
- "advisory": "Xtgeo 2.17.1 drops dependency on 'pillow' to avoid security issues affecting versions <=8.4.\r\nhttps://github.com/equinor/xtgeo/pull/748",
- "cve": "CVE-2022-24303",
- "id": "pyup.io-48264",
- "more_info_path": "/vulnerabilities/CVE-2022-24303/48264",
+ "advisory": "Xtgeo 2.17.1 drops dependency on 'pillow' to avoid security issues with versions <=8.4.\r\nhttps://github.com/equinor/xtgeo/pull/748",
+ "cve": "PVE-2022-44524",
+ "id": "pyup.io-48286",
+ "more_info_path": "/vulnerabilities/PVE-2022-44524/48286",
 "specs": [
 "<2.17.1"
 ],
@@ -198098,9 +198552,9 @@
 },
 {
 "advisory": "Xtgeo 2.17.1 drops dependency on 'pillow' to avoid security issues with versions <=8.4.\r\nhttps://github.com/equinor/xtgeo/pull/748",
- "cve": "CVE-2022-22815",
- "id": "pyup.io-48288",
- "more_info_path": "/vulnerabilities/CVE-2022-22815/48288",
+ "cve": "CVE-2022-22816",
+ "id": "pyup.io-48287",
+ "more_info_path": "/vulnerabilities/CVE-2022-22816/48287",
 "specs": [
 "<2.17.1"
 ],
@@ -198108,9 +198562,9 @@
 },
 {
 "advisory": "Xtgeo 2.17.1 drops dependency on 'pillow' to avoid security issues with versions <=8.4.\r\nhttps://github.com/equinor/xtgeo/pull/748",
- "cve": "PVE-2021-44525",
- "id": "pyup.io-48285",
- "more_info_path": "/vulnerabilities/PVE-2021-44525/48285",
+ "cve": "CVE-2022-22815",
+ "id": "pyup.io-48288",
+ "more_info_path": "/vulnerabilities/CVE-2022-22815/48288",
 "specs": [
 "<2.17.1"
 ],
@@ -198346,20 +198800,20 @@
 "v": "<=4.9.0"
 },
 {
- "advisory": "Untrusted data can be deserialized in affected versions of Ydata's ydata-profiling open-source library, enabling a maliciously crafted report to run arbitrary code on an end user's system when loaded.",
- "cve": "CVE-2024-37062",
- "id": "pyup.io-71841",
- "more_info_path": "/vulnerabilities/CVE-2024-37062/71841",
+ "advisory": "A cross-site scripting (XSS) vulnerability in affected versions of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliciously crafted report is viewed in the browser.",
+ "cve": "CVE-2024-37063",
+ "id": "pyup.io-71842",
+ "more_info_path": "/vulnerabilities/CVE-2024-37063/71842",
 "specs": [
 ">=3.7.0"
 ],
 "v": ">=3.7.0"
 },
 {
- "advisory": "A cross-site scripting (XSS) vulnerability in affected versions of Ydata's ydata-profiling open-source library allows for payloads to be run when a maliciously crafted report is viewed in the browser.",
- "cve": "CVE-2024-37063",
- "id": "pyup.io-71842",
- "more_info_path": "/vulnerabilities/CVE-2024-37063/71842",
+ "advisory": "Untrusted data can be deserialized in affected versions of Ydata's ydata-profiling open-source library, enabling a maliciously crafted report to run arbitrary code on an end user's system when loaded.",
+ "cve": "CVE-2024-37062",
+ "id": "pyup.io-71841",
+ "more_info_path": "/vulnerabilities/CVE-2024-37062/71841",
 "specs": [
 ">=3.7.0"
 ],
@@ -198513,6 +198967,19 @@
 "v": "<1.6.1"
 }
 ],
+ "youreallydontwantthispackage2131": [
+ {
+ "advisory": "The OpenSSF Package Analysis project identified 'youreallydontwantthispackage2131' @ 1.0.1 (pypi) as malicious.",
+ "cve": "PVE-2024-73965",
+ "id": "pyup.io-73965",
+ "more_info_path": "/vulnerabilities/PVE-2024-73965/73965",
+ "specs": [
+ ">=0",
+ "<=0"
+ ],
+ "v": ">=0,<=0"
+ }
+ ],
 "youtube-dl": [
 {
 "advisory": "Youtube-dl 2021.12.17 and prior versions are vulnerable to CVE-2023-35934: It may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host.\r\nhttps://github.com/yt-dlp/yt-dlp/security/advisories/GHSA-v8mc-9377-rwjj",
@@ -198854,9 +199321,9 @@
 },
 {
 "advisory": "Zenml 0.46.0 updates its dependency 'langchain' to versions \">=0.0.325\" to include security fixes.",
- "cve": "CVE-2023-44467",
- "id": "pyup.io-62195",
- "more_info_path": "/vulnerabilities/CVE-2023-44467/62195",
+ "cve": "CVE-2023-36281",
+ "id": "pyup.io-62203",
+ "more_info_path": "/vulnerabilities/CVE-2023-36281/62203",
 "specs": [
 "<0.46.0"
 ],
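Review bot: The new `youreallydontwantthispackage2131` record constrains itself to `">=0"` and `"<=0"` (`"v": ">=0,<=0"`), a range that under PEP 440 matches only version 0, while its advisory names release 1.0.1 as the malicious one. If the intent is to flag every release of a package judged malicious, a single `">=0"` spec expresses that directly; if the paired `>=0,<=0` form is a sentinel that consumers are expected to special-case, that convention should be written down where consumers will find it. As written, a matcher that applies the range literally would report 1.0.1 as clean.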
@@ -198864,49 +199331,49 @@
 },
 {
 "advisory": "Zenml 0.46.0 updates its dependency 'langchain' to versions \">=0.0.325\" to include security fixes.",
- "cve": "CVE-2023-36281",
- "id": "pyup.io-62203",
- "more_info_path": "/vulnerabilities/CVE-2023-36281/62203",
+ "cve": "CVE-2023-44467",
+ "id": "pyup.io-62195",
+ "more_info_path": "/vulnerabilities/CVE-2023-44467/62195",
 "specs": [
 "<0.46.0"
 ],
 "v": "<0.46.0"
 },
 {
- "advisory": "A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The vulnerability arises due to the lack of validation for directory traversal patterns, allowing attackers to access files outside of the restricted directory.",
- "cve": "CVE-2024-2083",
- "id": "pyup.io-71954",
- "more_info_path": "/vulnerabilities/CVE-2024-2083/71954",
+ "advisory": "A race condition vulnerability exists in zenml-io/zenml affected versions, which allows for the creation of multiple users with the same username when requests are sent in parallel. The vulnerability arises due to insufficient handling of concurrent user creation requests, leading to data inconsistencies and potential authentication problems. Specifically, concurrent processes may overwrite or corrupt user data, complicating user identification and posing security risks. 
This issue is particularly concerning for APIs that rely on usernames as input parameters, such as PUT /api/v1/users/test_race, which could lead to further complications.",
+ "cve": "CVE-2024-2032",
+ "id": "pyup.io-71951",
+ "more_info_path": "/vulnerabilities/CVE-2024-2032/71951",
 "specs": [
 "<0.55.5"
 ],
 "v": "<0.55.5"
 },
 {
- "advisory": "A race condition vulnerability exists in zenml-io/zenml affected versions, which allows for the creation of multiple users with the same username when requests are sent in parallel. The vulnerability arises due to insufficient handling of concurrent user creation requests, leading to data inconsistencies and potential authentication problems. Specifically, concurrent processes may overwrite or corrupt user data, complicating user identification and posing security risks. This issue is particularly concerning for APIs that rely on usernames as input parameters, such as PUT /api/v1/users/test_race, which could lead to further complications.",
- "cve": "CVE-2024-2032",
- "id": "pyup.io-71951",
- "more_info_path": "/vulnerabilities/CVE-2024-2032/71951",
+ "advisory": "A directory traversal vulnerability exists in the zenml-io/zenml repository, specifically within the /api/v1/steps endpoint. Attackers can exploit this vulnerability by manipulating the 'logs' URI path in the request to fetch arbitrary file content, bypassing intended access restrictions. The vulnerability arises due to the lack of validation for directory traversal patterns, allowing attackers to access files outside of the restricted directory.",
+ "cve": "CVE-2024-2083",
+ "id": "pyup.io-71954",
+ "more_info_path": "/vulnerabilities/CVE-2024-2083/71954",
 "specs": [
 "<0.55.5"
 ],
 "v": "<0.55.5"
 },
 {
- "advisory": "An improper authorization vulnerability exists in the zenml-io/zenml repository, specifically within the API PUT /api/v1/users/id endpoint. 
This vulnerability allows any authenticated user to modify the information of other users, including changing the active status of user accounts to false, effectively deactivating them. The impact of this vulnerability is significant as it allows for the deactivation of admin accounts, potentially disrupting the functionality and security of the application.",
- "cve": "CVE-2024-2035",
- "id": "pyup.io-71950",
- "more_info_path": "/vulnerabilities/CVE-2024-2035/71950",
+ "advisory": "A stored Cross-Site Scripting (XSS) vulnerability was identified in the zenml-io/zenml repository, specifically within the 'logo_url' field. By injecting malicious payloads into this field, an attacker could send harmful messages to other users, potentially compromising their accounts.",
+ "cve": "CVE-2024-2171",
+ "id": "pyup.io-71953",
+ "more_info_path": "/vulnerabilities/CVE-2024-2171/71953",
 "specs": [
 "<0.56.2"
 ],
 "v": "<0.56.2"
 },
 {
- "advisory": "A stored Cross-Site Scripting (XSS) vulnerability was identified in the zenml-io/zenml repository, specifically within the 'logo_url' field. By injecting malicious payloads into this field, an attacker could send harmful messages to other users, potentially compromising their accounts. The impact of exploiting this vulnerability could lead to user account compromise.",
- "cve": "CVE-2024-2171",
- "id": "pyup.io-71953",
- "more_info_path": "/vulnerabilities/CVE-2024-2171/71953",
+ "advisory": "An improper authorization vulnerability exists in the zenml-io/zenml repository, specifically within the API PUT /api/v1/users/id endpoint. This vulnerability allows any authenticated user to modify the information of other users, including changing the active status of user accounts to false, effectively deactivating them. 
The impact of this vulnerability is significant as it allows for the deactivation of admin accounts, potentially disrupting the functionality and security of the application.",
+ "cve": "CVE-2024-2035",
+ "id": "pyup.io-71950",
+ "more_info_path": "/vulnerabilities/CVE-2024-2035/71950",
 "specs": [
 "<0.56.2"
 ],
@@ -198923,7 +199390,7 @@
 "v": "<0.56.2"
 },
 {
- "advisory": "An issue was discovered in zenml-io/zenml affected versions. Due to improper authentication mechanisms, an attacker with access to an active user session can change the account password without needing to know the current password. This vulnerability allows for unauthorized account takeover by bypassing the standard password change verification process.",
+ "advisory": "Affected versions of zenml-io/zenml are vulnerable to Broken Authentication. Due to improper authentication mechanisms, an attacker with access to an active user session can change the account password without needing to know the current password. This vulnerability allows for unauthorized account takeover by bypassing the standard password change verification process.",
 "cve": "CVE-2024-2213",
 "id": "pyup.io-71952",
 "more_info_path": "/vulnerabilities/CVE-2024-2213/71952",
@@ -198933,7 +199400,7 @@
 "v": "<0.56.3"
 },
 {
- "advisory": "A clickjacking vulnerability exists in zenml-io/zenml affected versions due to the application's failure to set appropriate X-Frame-Options or Content-Security-Policy HTTP headers. This vulnerability allows an attacker to embed the application UI within an iframe on a malicious page, potentially leading to unauthorized actions by tricking users into interacting with the interface under the attacker's control.",
+ "advisory": "A clickjacking vulnerability exists in zenml-io/zenml due to the application's failure to set appropriate X-Frame-Options or Content-Security-Policy HTTP headers. This vulnerability allows an attacker to embed the application UI within an iframe on a malicious page, potentially leading to unauthorized actions by tricking users into interacting with the interface under the attacker's control.",
 "cve": "CVE-2024-2383",
 "id": "pyup.io-71949",
 "more_info_path": "/vulnerabilities/CVE-2024-2383/71949",
@@ -198942,6 +199409,16 @@
 ],
 "v": "<0.56.3"
 },
+ {
+ "advisory": "Zenml version 0.56.3 has upgraded its orjson dependency to \"~3.10.0\" from \"~3.8.3\" to mitigate the security issue identified in CVE-2024-27454.",
+ "cve": "CVE-2024-27454",
+ "id": "pyup.io-67583",
+ "more_info_path": "/vulnerabilities/CVE-2024-27454/67583",
+ "specs": [
+ "<0.56.3"
+ ],
+ "v": "<0.56.3"
+ },
 {
 "advisory": "Zenml version 0.56.3 updates its python-multipart dependency from \"~0.0.5\" to \"~0.0.9\" in response to GHSA-qf9m-vfgh-m389. This change addresses a vulnerability in python-multipart that impacts its use with FastAPI.",
 "cve": "PVE-2024-67582",
@@ -198962,16 +199439,6 @@
 ],
 "v": "<0.56.3"
 },
- {
- "advisory": "Zenml version 0.56.3 has upgraded its orjson dependency to \"~3.10.0\" from \"~3.8.3\" to mitigate the security issue identified in CVE-2024-27454.",
- "cve": "CVE-2024-27454",
- "id": "pyup.io-67583",
- "more_info_path": "/vulnerabilities/CVE-2024-27454/67583",
- "specs": [
- "<0.56.3"
- ],
- "v": "<0.56.3"
- },
 {
 "advisory": "A denial of service (DoS) vulnerability exists in affected versions of zenml-io/zenml due to improper handling of line feed (`\\n`) characters in component names. When a low-privileged user adds a component through the API endpoint `api/v1/workspaces/default/components` with a name containing a `\\n` character, it leads to uncontrolled resource consumption. This vulnerability results in the inability of users to add new components in certain categories (e.g., 'Image Builder') and to register new stacks through the UI, thereby degrading the user experience and potentially rendering the ZenML Dashboard unusable. The issue does not affect component addition through the Web UI, as `\\n` characters are properly escaped in that context. The vulnerability was tested on ZenML running in Docker, and it was observed in both Firefox and Chrome browsers.",
 "cve": "CVE-2024-4460",