aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.


Maintained by Truong (Jack) Luu, Information Systems Researcher

AI & LLM Vulnerabilities

Security vulnerabilities, privacy incidents, safety concerns, and policy updates affecting LLMs and AI agents.

2175 items

CVE-2021-29518: TensorFlow is an end-to-end open source platform for machine learning. In eager mode (default in TF 2.0 and later), sess

low | vulnerability | security
May 14, 2021
CVE-2021-29518

In eager mode (the default execution mode in TensorFlow 2.0 and later) session operations are not valid, but a user can still call the raw ops behind them. Those ops read the session state through a pointer that the code never checks for null, so calling them from eager mode dereferences a null pointer: undefined behavior that in practice crashes the process.

Fix: The fix will be included in TensorFlow 2.5.0 and cherry-picked (backported) to TensorFlow 2.4.2, 2.3.3, 2.2.3, and 2.1.4, which are still in the supported range.

NVD/CVE Database

CVE-2021-29517: TensorFlow is an end-to-end open source platform for machine learning. A malicious user could trigger a division by 0 in

low | vulnerability | security
May 14, 2021
CVE-2021-29517

A malicious user can trigger a division by zero in the implementation of `Conv3D` (3D convolution). The op performs a modulus operation whose divisor is derived from caller-controlled input and never checks that the divisor is non-zero, so a zero value terminates the process with a floating-point exception (SIGFPE). Anything that runs untrusted models or feeds untrusted shapes into the op is exposed to this denial of service.

Fix: The fix will be included in TensorFlow 2.5.0 and backported to TensorFlow 2.4.2, 2.3.3, 2.2.3, and 2.1.4.

NVD/CVE Database

CVE-2021-29516: TensorFlow is an end-to-end open source platform for machine learning. Calling `tf.raw_ops.RaggedTensorToVariant` with a

low | vulnerability | security
May 14, 2021
CVE-2021-29516

Calling `tf.raw_ops.RaggedTensorToVariant` with arguments that describe an invalid ragged tensor (a tensor whose rows may have different lengths) results in a null pointer dereference. The implementation never validates that the ragged tensor argument is non-empty before it starts reading from it, so an empty input crashes the process.

Fix: The fix will be included in TensorFlow 2.5.0 and backported to TensorFlow 2.4.2, 2.3.3, 2.2.3, and 2.1.4.

NVD/CVE Database

CVE-2021-29515: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `MatrixDiag*` operations(ht

low | vulnerability | security
May 14, 2021
CVE-2021-29515

The implementation of the `MatrixDiag*` operations (which build diagonal matrices from tensor input) does not validate that its tensor arguments are non-empty. An empty argument is accessed as if it held data, which is a null pointer dereference and crashes the process. Several supported release lines are affected.

Fix: The fix will be included in TensorFlow 2.5.0 and backported to TensorFlow 2.4.2, 2.3.3, 2.2.3, and 2.1.4.

NVD/CVE Database

CVE-2021-29514: TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does

low | vulnerability | security
May 14, 2021
CVE-2021-29514

If the `splits` argument of `RaggedBincount` does not specify a valid `SparseTensor` layout, an attacker can trigger a heap buffer overflow: the implementation trusts `splits` as a row partition and indexes past the end of the `splits` tensor buffer. A caller who controls the op's inputs can thus make it read memory outside the allocation, which at minimum crashes the process and can expose adjacent heap contents.

Fix: The fix will be included in TensorFlow 2.5.0 and backported to TensorFlow 2.4.2 and 2.3.3.

NVD/CVE Database

CVE-2021-29513: TensorFlow is an end-to-end open source platform for machine learning. Calling TF operations with tensors of non-numeric

low | vulnerability | security
May 14, 2021
CVE-2021-29513

Calling TF operations with tensors of non-numeric types when the operation expects a numeric tensor results in a crash (null pointer dereference). The root cause is a type confusion in the conversion of Python objects to C++ tensors: the conversion assumes a numeric dtype and hands a mis-typed buffer to the op. The developers have fixed the issue and the fix will ship in several versions.

Fix: The fix will be included in TensorFlow 2.5.0 and backported to TensorFlow 2.4.2, 2.3.3, 2.2.3, and 2.1.4.

NVD/CVE Database

CVE-2021-29554: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a F

low | vulnerability | security
May 14, 2021
CVE-2021-29554

An attacker can cause a denial of service via an FPE runtime error in `tf.raw_ops.DenseCountSparseOutput`. The name is misleading: FPE refers to the SIGFPE signal, which an integer division by zero raises as well, not only floating-point arithmetic. The implementation computes a divisor from user-controlled data and divides by it without first checking that the result is non-zero, so a zero divisor terminates the process.

Fix: The fix will be included in TensorFlow 2.5.0. A cherrypick (the same commit applied to the older branches) will also be included in TensorFlow 2.4.2 and 2.3.3.

NVD/CVE Database

CVE-2021-29512: TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does

low | vulnerability | security
May 14, 2021
CVE-2021-29512

If the `splits` argument of `RaggedBincount` does not specify a valid `SparseTensor` layout, an attacker can trigger a heap buffer overflow. The implementation reads from outside the bounds of the `splits` tensor buffer: the loop that walks the row boundaries assumes `splits` has an entry for every row it visits, and a crafted partition makes it index past the end. The result is a crash or disclosure of adjacent heap memory.

Fix: The fix will be included in TensorFlow 2.5.0 and backported to TensorFlow 2.4.2 and 2.3.3.

NVD/CVE Database
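The two `RaggedBincount` advisories above (CVE-2021-29512 and CVE-2021-29514) share one root cause: the op trusts `splits` to be a well-formed ragged row partition. The Python below is an added example, not TensorFlow's code. It ports the shape of the op's counting loop without any validation, beside the partition invariants a hardened entry point has to enforce (non-empty, starts at 0, non-decreasing, ends at the number of values). Function names and the sample inputs are constructed for illustration; in C++ the unchecked walk is a heap out-of-bounds read, in Python it surfaces as an `IndexError`.

```python
from typing import List, Optional, Sequence


def check_splits(splits: Sequence[int], num_values: int) -> Optional[str]:
    """Return None if `splits` is a valid ragged row partition for
    `num_values` elements, otherwise a message naming the violated invariant."""
    if len(splits) == 0:
        return "splits must contain at least one element"
    if splits[0] != 0:
        return f"splits[0] must be 0, got {splits[0]}"
    for i in range(1, len(splits)):
        if splits[i] < splits[i - 1]:
            return f"splits must be non-decreasing, violated at index {i}"
    if splits[-1] != num_values:
        return f"splits[-1] is {splits[-1]} but there are {num_values} values"
    return None


def ragged_bincount_unchecked(splits: Sequence[int], values: Sequence[int],
                              size: int) -> List[List[int]]:
    """Counting loop in the shape of the op's, with no validation of `splits`.

    `batch_idx` is advanced until `splits[batch_idx + 1]` exceeds the current
    element index. With a partition that is too short for `values` that walk
    runs off the end of `splits`: an out-of-bounds heap read in C++, an
    IndexError here.
    """
    out = [[0] * size for _ in range(len(splits) - 1)]
    batch_idx = 0
    for idx, v in enumerate(values):
        while idx >= splits[batch_idx + 1]:
            batch_idx += 1
        if 0 <= v < size:               # values outside [0, size) are dropped
            out[batch_idx][v] += 1
    return out


def ragged_bincount(splits: Sequence[int], values: Sequence[int],
                    size: int) -> List[List[int]]:
    """Hardened entry point: validate the partition before touching memory."""
    if size < 0:
        raise ValueError("size must be non-negative")
    problem = check_splits(splits, len(values))
    if problem is not None:
        raise ValueError(problem)
    return ragged_bincount_unchecked(splits, values, size)


if __name__ == "__main__":
    # Constructed inputs: two rows, [1, 1] and [0, 3, 1], binned into 4 bins.
    print(ragged_bincount([0, 2, 5], [1, 1, 0, 3, 1], 4))
    # A one-element partition with non-empty values: the unchecked loop
    # indexes past the end of `splits`; the checked version refuses the input.
    try:
        ragged_bincount_unchecked([0], [7], 8)
    except IndexError as exc:
        print("unchecked:", type(exc).__name__)
    try:
        ragged_bincount([0], [7], 8)
    except ValueError as exc:
        print("checked:", exc)
```

The checks are deliberately ordered so that the cheapest invariant (non-empty) is tested before the ones that read the array; `splits[-1] == len(values)` is the check that closes the gap where a partition ends before the values do.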

CVE-2021-20289: A flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final. The endpoint class and method names are retu

medium | vulnerability | security
Mar 26, 2021
CVE-2021-20289

RESTEasy (a JAX-RS framework for building web services), in all versions up to 4.6.0.Final, returns the endpoint class and method names as part of the exception response when it cannot convert one of the request's path or query values to the parameter type of the matching resource method. The error message therefore leaks the internal structure of the application to the client (CWE-209, generation of error messages containing sensitive information).

NVD/CVE Database

CVE-2021-28796: Increments Qiita::Markdown before 0.33.0 allows XSS in transformers.

medium | vulnerability | security
Mar 18, 2021
CVE-2021-28796

Increments Qiita::Markdown (a Ruby Markdown processor) before version 0.33.0 allows cross-site scripting (XSS) in its transformers component: attacker-controlled Markdown can inject script into the rendered HTML. Classified as CWE-79 (improper neutralization of input during web page generation).

Fix: Update to Qiita::Markdown version 0.33.0 or later. The changes are visible in the diff between the two releases at https://github.com/increments/qiita-markdown/compare/v0.32.0...v0.33.0.

NVD/CVE Database

CVE-2020-26270: In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length

medium | vulnerability | security
Dec 10, 2020
CVE-2020-26270

In affected versions of TensorFlow, running an LSTM/GRU model (recurrent layers used for sequence data) in which the LSTM/GRU layer receives a zero-length input triggers a CHECK failure when the CUDA backend is used. A CHECK failure aborts the process, so anyone who can control the layer's input can cause a denial of service (a "query of death"). The root cause is missing validation of the input length before the CUDA kernel is invoked.

Fix: This is fixed in TensorFlow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0. Users should update to one of these patched versions.

NVD/CVE Database

CVE-2020-26269: In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing

high | vulnerability | security
Dec 10, 2020
CVE-2020-26269

In the TensorFlow 2.4.0rc* release candidates, the general implementation for matching filesystem paths to a globbing pattern (wildcard file search) can access memory outside the bounds of the array holding the directories being searched. The parallel implementation relies on preconditions that it never checks. Only the release candidates and the nightly builds of that period are affected; the final 2.4.0 release is not.

Fix: This is patched in version 2.4.0. The implementation was completely rewritten to fully specify and validate the preconditions.

NVD/CVE Database

CVE-2020-26268: In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memo

medium | vulnerability | security
Dec 10, 2020
CVE-2020-26268

The `tf.raw_ops.ImmutableConst` operation returns a constant tensor backed by a memory-mapped file that is assumed to be immutable. If the requested tensor type is not an integral type, the op tries to write into that read-only mapping and crashes the Python interpreter with a segmentation fault. When the file is too small TensorFlow correctly returns an error, because the mapping holds fewer bytes than the tensor needs; as soon as the file is large enough to hold the tensor data, the write path is reached and the process dies.

Fix: This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

NVD/CVE Database

CVE-2020-26267: In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_form

medium | vulnerability | security
Dec 10, 2020
CVE-2020-26267

The `tf.raw_ops.DataFormatVecPermute` API (which reorders a vector given in one data-format layout, such as NHWC, into another, such as NCHW) does not validate the `src_format` and `dst_format` attributes, so they are never checked to be permutations of the same dimension letters. Malformed formats lead to uninitialized memory accesses, out-of-bounds reads of heap data, and crashes. The vulnerability was patched across the supported release lines.

Fix: This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

NVD/CVE Database
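As an added example (not TensorFlow's code) of the missing check behind CVE-2020-26267: `DataFormatVecPermute` reorders a vector given in `src_format` layout into `dst_format` layout, for instance a shape `[N, H, W, C]` into `[N, C, H, W]`. The unchecked version below reproduces the op's lookup with `str.find`, whose `-1` on a missing letter plays the role of C++ `std::string::npos`; the checked version rejects formats that are not permutations of each other before indexing. Names and the sample shape vector are constructed.

```python
from typing import List, Optional, Sequence


def permute_unchecked(vec: Sequence[int], src_format: str,
                      dst_format: str) -> List[int]:
    """Lookup in the shape of the pre-fix op:
    out[i] = vec[position of dst_format[i] in src_format].

    std::string::find returns npos for a missing letter and the C++ op used
    that as an index, reading far outside the vector. Python's str.find
    returns -1, which quietly aliases vec[-1]: the same unvalidated trust in
    the caller's format strings, just a quieter failure.
    """
    return [vec[src_format.find(letter)] for letter in dst_format]


def check_formats(src_format: str, dst_format: str,
                  length: int) -> Optional[str]:
    """Return None when the two formats are valid permutations for a vector
    of `length` entries, otherwise a message naming the problem."""
    if len(src_format) != length or len(dst_format) != length:
        return f"both formats must have exactly {length} letters"
    if len(set(src_format)) != length:
        return "src_format repeats a dimension letter"
    if sorted(src_format) != sorted(dst_format):
        return "dst_format is not a permutation of src_format"
    return None


def permute(vec: Sequence[int], src_format: str, dst_format: str) -> List[int]:
    """Hardened version: reject malformed formats before indexing."""
    problem = check_formats(src_format, dst_format, len(vec))
    if problem is not None:
        raise ValueError(problem)
    return permute_unchecked(vec, src_format, dst_format)


if __name__ == "__main__":
    shape = [1, 224, 224, 3]                    # constructed NHWC shape vector
    print(permute(shape, "NHWC", "NCHW"))       # NCHW layout of the same shape
    # 'X' does not occur in src_format: the unchecked lookup silently returns
    # vec[-1] for it, the checked one refuses the request.
    print(permute_unchecked(shape, "NHWC", "NCHX"))
    try:
        permute(shape, "NHWC", "NCHX")
    except ValueError as exc:
        print("rejected:", exc)
```

The permutation check (`sorted(src) == sorted(dst)` plus uniqueness of the source letters) is what guarantees every `find` succeeds, so it is the single precondition that makes the lookup safe.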

CVE-2020-26266: In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code

medium | vulnerability | security
Dec 10, 2020
CVE-2020-26266

Under certain conditions a saved model can trigger use of uninitialized values during execution. Tensor buffers are filled with the default value of their element type, but the quantized floating-point types in the Eigen library (the linear-algebra backend TensorFlow is built on) had no default initializer, so buffers of those types kept whatever the allocator left in them. This is a use of an uninitialized resource (CWE-908) and makes the model's output depend on stale memory contents.

Fix: This vulnerability is fixed in TensorFlow versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0. Users should update to one of these patched versions.

NVD/CVE Database

CVE-2020-26271: In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memo

medium | vulnerability | security
Dec 10, 2020
CVE-2020-26271

Under certain conditions, loading a saved model accesses uninitialized memory while the computation graph is being built. The `MakeEdge` function connects an output slot of a source node to an input slot of a destination node and first compares the data types on both sides, but it never checks that the supplied slot indices lie inside the arrays they index. Out-of-range indices read past the heap-allocated arrays; usually that is an uninitialized-memory access, and an index that points far outside the arrays can be used to leak addresses from the library.

Fix: This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0. Users should update to one of these patched versions.

NVD/CVE Database

CVE-2020-29374: An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (

low | vulnerability | security
Nov 28, 2020
CVE-2020-29374

In the Linux kernel before 5.7.3, the get_user_pages (gup) implementation in mm/gup.c and mm/huge_memory.c, when used on a copy-on-write page, does not properly consider the semantics of read operations and can therefore grant unintended write access to the page. Copy-on-write pages are shared between processes until one of them writes, so a gup-based read that leaves the caller able to write to the shared page breaks the isolation the kernel relies on.

Fix: Update the Linux kernel to version 5.7.3 or later. The upstream patch is https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=17839856fd588f4ab6b789f482ed3ffd7c403e1f. Debian users should refer to the security updates referenced in the Debian mailing list announcements and DSA-5096.

NVD/CVE Database

CVE-2020-28975: svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cau

high | vulnerability | security
Nov 21, 2020
CVE-2020-28975

`svm_predict_values` in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows an attacker to cause a denial of service: a crafted model whose `_n_support` array contains an extremely large value makes the prediction code crash with a segmentation fault. The scikit-learn maintainers note that this is only reachable if an application violates the library's API by modifying private attributes of a fitted model.

Fix: A patch is available in scikit-learn at commit 1bf13d567d3cd74854aa8343fd25b61dd768bb85 on GitHub, as referenced by the NVD entry.

NVD/CVE Database

CVE-2020-15266: In Tensorflow before version 2.4.0, when the `boxes` argument of `tf.image.crop_and_resize` has a very large value, the

low | vulnerability | security
Oct 21, 2020
CVE-2020-15266

In TensorFlow before 2.4.0, when the `boxes` argument of `tf.image.crop_and_resize` contains a very large value, the CPU kernel receives it as a floating-point NaN ("not a number"). Operating on that NaN is undefined behavior, which later produces a segmentation fault. Only the CPU implementation of the function is affected.

Fix: Upgrade to TensorFlow 2.4.0 or later, which contains the patch. TensorFlow nightly packages (development builds) after commit eccb7ec454e6617738554a255d77f08e60ee0808 also have the issue resolved.

NVD/CVE Database

CVE-2020-15265: In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequan

medium | vulnerability | security
Oct 21, 2020
CVE-2020-15265

In TensorFlow before 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize` (the axis selects which dimension is quantized). The implementation then accesses a dimension of the input shape that is outside the tensor's rank, an out-of-bounds access that crashes the process. The only guard is a DCHECK, which is compiled out of release builds, so there is no runtime validation at all.

Fix: The issue is patched in commit eccb7ec454e6617738554a255d77f08e60ee0808. Upgrade to TensorFlow 2.4.0 or later, or use TensorFlow nightly packages released after this commit.

NVD/CVE Database
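Every fix note on this page is a list of fixed versions per release branch, which is exactly what a dependency audit needs. The script below is an added example, not tooling from aisecwatch or TensorFlow: it encodes the TensorFlow fixed versions as the fix notes on this page list them and reports, for an installed version string, whether each CVE is patched on that branch. Two rules are the script's own assumptions, not statements from the page: a branch newer than the newest listed fix is treated as carrying it, and a branch older than the oldest listed fix is reported as "no fix listed" (the page does not say whether such branches are unaffected, as when the op did not exist yet, or simply out of support).

```python
import re
from typing import Dict, List, Tuple

# Fixed versions copied from the "Fix:" notes on this page, newest branch first.
# A branch absent from a list has no fix listed on the page.
_ALL_21 = ["2.5.0", "2.4.2", "2.3.3", "2.2.3", "2.1.4"]
_NEW_21 = ["2.5.0", "2.4.2", "2.3.3"]
_ALL_20 = ["2.4.0", "2.3.2", "2.2.2", "2.1.3", "2.0.4", "1.15.5"]

FIXED_VERSIONS: Dict[str, List[str]] = {
    "CVE-2021-29518": _ALL_21,
    "CVE-2021-29517": _ALL_21,
    "CVE-2021-29516": _ALL_21,
    "CVE-2021-29515": _ALL_21,
    "CVE-2021-29514": _NEW_21,
    "CVE-2021-29513": _ALL_21,
    "CVE-2021-29554": _NEW_21,
    "CVE-2021-29512": _NEW_21,
    "CVE-2020-26270": _ALL_20,
    "CVE-2020-26269": ["2.4.0"],
    "CVE-2020-26268": _ALL_20,
    "CVE-2020-26267": _ALL_20,
    "CVE-2020-26266": _ALL_20,
    "CVE-2020-26271": _ALL_20,
    "CVE-2020-15266": ["2.4.0"],
    "CVE-2020-15265": ["2.4.0"],
}

Version = Tuple[int, int, int, int, int]


def parse_version(text: str) -> Version:
    """Parse 'X.Y.Z' or 'X.Y.ZrcN' into a sortable key.

    Release candidates sort below the final release of the same number
    (2.4.0rc2 < 2.4.0), which is what CVE-2020-26269 hinges on.
    """
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)(?:rc(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unsupported version string: {text!r}")
    major, minor, patch = (int(m.group(i)) for i in range(1, 4))
    if m.group(4) is None:
        return (major, minor, patch, 1, 0)            # final release
    return (major, minor, patch, 0, int(m.group(4)))  # rc sorts lower


def status(installed: str, fixed: List[str]) -> str:
    """Classify `installed` against one CVE's list of fixed versions."""
    inst = parse_version(installed)
    fixes = sorted(parse_version(f) for f in fixed)
    same_branch = [f for f in fixes if f[:2] == inst[:2]]
    if same_branch:
        return "patched" if inst >= same_branch[0] else "vulnerable"
    if inst[:2] > fixes[-1][:2]:
        # Assumption: a release line newer than the newest fix carries it.
        return "patched"
    return "no fix listed for this branch"


def audit(installed: str) -> Dict[str, str]:
    """Map every TensorFlow CVE on this page to its status for `installed`."""
    return {cve: status(installed, fixed) for cve, fixed in FIXED_VERSIONS.items()}


if __name__ == "__main__":
    try:
        import tensorflow as tf   # optional: audit the locally installed build
        version = tf.__version__
    except ImportError:
        version = "2.4.1"         # constructed sample when TensorFlow is absent
    for cve, result in sorted(audit(version).items()):
        print(f"{version:>10}  {cve}  {result}")
```

Version strings such as nightly builds (`2.5.0-dev20210401`) are rejected by the parser on purpose; a build that is not a tagged release needs the commit-level comparison the fix notes for CVE-2020-15265 and CVE-2020-15266 describe, not a branch lookup.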
