AI Sec Watch

CVE-2018-10055 is a vulnerability in TensorFlow (a machine learning framework) versions before 1.7.1 where the XLA compiler (a tool that optimizes machine learning code) has a memory access bug that could crash the program or allow reading data from other parts of the computer's memory when processing a specially crafted configuration file.

Google TensorFlow version 1.7 and below contains a buffer overflow (a bug where a program writes data beyond the memory space it's supposed to use), which allows an attacker to execute arbitrary code locally on the affected system. This vulnerability is tracked as CVE-2018-8825 and was identified as a weakness in how the software restricts operations within memory boundaries.

Google TensorFlow version 1.6.x and earlier contains a null pointer dereference vulnerability (a type of bug where software tries to access memory that doesn't exist, causing it to crash or behave unexpectedly). The vulnerability's impact depends on the specific context in which TensorFlow is being used.

CVE-2019-10844 is a vulnerability in Sony Neural Network Libraries (nnabla) through version v1.0.14 where the logger component relies on the HOME environment variable (a system setting that tells programs where a user's personal files are stored), which may be untrusted and could potentially be exploited. The vulnerability affects the libnnabla.a library file used in the software.

Elasticsearch Security versions 6.5.0 and 6.5.1 have an XXE flaw (XML external entity injection, where an attacker exploits how the software processes XML data) in the Machine Learning find_file_structure API. If Elasticsearch's Java Security Manager allows external network access, an attacker could send a crafted request to leak local files from the server, potentially exposing sensitive information.

Square's Retrofit library (a tool for making web requests in Java) contained an XXE vulnerability (XML External Entity attack, where an attacker tricks the system into reading files by embedding malicious instructions in XML data) in its JAXB component. An attacker could exploit this to read files from the system or perform SSRF (server-side request forgery, where an attacker makes the server send requests to unintended targets).

CVE-2018-20301 is a mass assignment vulnerability (a flaw where an attacker can modify data fields they shouldn't be able to change) in Steve Pallen Coherence before version 0.5.2. The vulnerability allows users registering for accounts to update any field in the system, including automatically confirming their own accounts by adding a confirmed_at parameter to their registration request.

X-Pack Machine Learning (a tool for automated data analysis in Elasticsearch) versions before 6.2.4 and 5.6.9 contained a cross-site scripting vulnerability (XSS, a flaw where attackers inject malicious code into web pages). An attacker could inject harmful data into a database index being analyzed by the machine learning tool, and when another user views the results, the attacker could steal sensitive information or perform actions as that user.

X-Pack Machine Learning (a tool for building predictive models in Elastic) versions before 6.2.4 and 5.6.9 contained a cross-site scripting vulnerability (XSS, where attackers inject malicious code that runs in users' browsers). Users with manage_ml permissions could hide malicious data in job configurations that would execute when other users viewed the results, allowing attackers to steal sensitive information or perform harmful actions on behalf of those users.