Security vulnerabilities, privacy incidents, safety concerns, and policy updates affecting LLMs and AI agents.
TensorFlow (an open-source machine learning platform) has a bug in the `Conv2DBackpropInput` function where it crashes if the `input_sizes` parameter is not 4-dimensional, allowing attackers to cause a denial of service (making the system unavailable). The issue has been fixed and will be released in upcoming versions.
Fix: The fix is included in TensorFlow 2.10.0. For users on older versions, the patch will be available in TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. Update to one of these versions or later.
NVD/CVE DatabaseTensorFlow, an open source machine learning platform, has a bug in the `AvgPoolGrad` function where it doesn't properly check the input parameter `orig_input_shape`. This incomplete validation causes a CHECK failure (a crash that stops the program), which attackers can exploit to perform a denial of service attack (making the system unavailable to legitimate users).
TensorFlow, an open source machine learning platform, has a vulnerability in its `QuantizedAdd` function (a tool for adding quantized numbers, which are rounded values used to save memory). If this function receives certain tensor inputs of nonzero rank (multi-dimensional arrays), it crashes the program, which can be exploited to cause a denial of service attack (making the system unavailable to legitimate users).
A bug in TensorFlow (an open source platform for machine learning) called `QuantizedAvgPool` can crash when given certain types of inputs, allowing attackers to launch a denial of service attack (making a system unavailable). The issue has been fixed and will be released in upcoming versions of the software.
TensorFlow (an open source platform for machine learning) has a bug where the `LowerBound` or `UpperBound` functions crash if given an empty input list, causing a nullptr dereference (trying to access memory that doesn't exist). This crash can be exploited to launch a denial of service attack (making the system unavailable to legitimate users).
TensorFlow (an open source platform for machine learning) has a bug in the `BlockLSTMGradV2` function that doesn't properly check its inputs, allowing attackers to crash the system with a denial of service attack (causing the program to stop working). The vulnerability affects multiple versions of TensorFlow.
A bug in TensorFlow (an open source machine learning platform) within a function called `FractionalAvgPoolGrad` doesn't properly check its input data, causing an overflow (when a number becomes too large for the program to handle) that crashes the program and can be exploited to launch a denial of service attack (making a service unavailable to users).
TensorFlow (an open source machine learning platform) has a bug in its TensorListReserve function where it assumes `num_elements` is a tensor with only one value, but crashes if given multiple values. This causes the function to fail when users try to use `tf.raw_ops.TensorListReserve` with improperly sized input.
TensorFlow (an open source machine learning platform) has a bug in `AvgPool3DGradOp` (a function that calculates gradients for 3D average pooling operations) where it doesn't properly check the `orig_input_shape` input value. This causes an overflow (when a number gets too large for its container) that crashes the system with a CHECK failure, allowing attackers to perform a denial of service attack (making the system unavailable).
TensorFlow, a machine learning platform, has a vulnerability in the `UnbatchGradOp` function (a component that processes gradient calculations) where it doesn't properly validate its inputs. If given a non-scalar `id` (a single value instead of what's expected) or an incorrectly sized `batch_index` (a list of indices), the function crashes the program. There are no known workarounds for this issue.
TensorFlow's `AvgPoolOp` function has a bug where it doesn't check if the `ksize` argument (a parameter that controls pooling window size) is positive, allowing negative values to crash the program. The issue has been patched and will be included in upcoming TensorFlow releases.
TensorFlow's `RaggedRangOp` function has a bug where passing a very large float value to the `limits` argument causes it to overflow when converted to an `int64` (a 64-bit integer type), crashing the entire program with an abort signal. This vulnerability affects multiple versions of TensorFlow and has no known workaround.
TensorFlow's `ScatterNd` function (a tool that places values into specific positions of an output array) has a bug where invalid input indices can write data to the wrong location or crash the program. The vulnerability affects multiple versions of TensorFlow.
A bug in TensorFlow (an open source platform for machine learning) exists in the `GatherNd` function, which retrieves values from arrays using index arrays. When input sizes are greater than or equal to output sizes, the function tries to read memory outside its allowed bounds (out-of-bounds memory read), causing errors or system crashes. The vulnerability affects multiple recent versions of TensorFlow.
TensorFlow's `GatherNd` function (a tool that retrieves values from arrays based on index locations) has a vulnerability where it can read memory it shouldn't access if certain input sizes are too large. This happens because the function doesn't properly check if inputs exceed the expected output sizes, potentially exposing sensitive data or crashing the system.
TensorFlow (an open source platform for machine learning) has a bug in SobolSampleOp that crashes the program when it receives unexpected input types, because the code assumes certain inputs will be scalars (single values rather than arrays). This denial of service vulnerability has been fixed and will be released in upcoming versions.
TensorFlow's tf.reshape operation (a function that changes a tensor's shape without altering its data) has a vulnerability that allows attackers to crash the program by causing an integer overflow (when a number exceeds the maximum value a system can store), triggering a denial of service attack (making the service unavailable). The issue affects multiple versions of TensorFlow and has been patched.
Streamlit, a Python framework for building data applications, has a directory traversal vulnerability (a type of attack where an attacker uses specially crafted file paths to access files they shouldn't be able to reach) in versions before 1.11.1. An attacker could trick the Streamlit server into reading and returning sensitive files from the server's file system, such as logs or other confidential information.
CVE-2020-25459 is a vulnerability in WeBank FATE (Federated AI Technology Enabler, a system for training machine learning models across multiple parties) versions 0.1 through 1.4.2 that allows attackers to read sensitive information during the training process. The issue exists in a function called sync_tree in the hetero_decision_tree_guest.py file, which means attackers could access private data while the model is being trained.
TensorFlow's `saved_model_cli` tool (a utility for working with saved machine learning models) had a code injection vulnerability in versions before 2.9.0, 2.8.1, 2.7.2, and 2.6.4, which could allow an attacker to open a reverse shell (a backdoor connection giving remote control of a system). The vulnerability existed because the tool used `eval` (a function that executes text as code) on user input for compatibility with older test cases, but since the tool requires manual operation, the practical risk was limited.
Fix: The issue has been patched in GitHub commit 3a6ac52664c6c095aa2b114e742b0aa17fdce78f. The fix will be included in TensorFlow 2.10.0, and will be backported (added to older versions still being supported) in TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
NVD/CVE DatabaseFix: The issue is patched in GitHub commit 49b3824d83af706df0ad07e4e677d88659756d89. The fix will be included in TensorFlow 2.10.0 and will be backported (applied to older supported versions) as TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
NVD/CVE DatabaseFix: The fix is available in GitHub commit 7cdf9d4d2083b739ec81cfdace546b0c99f50622. The patch will be included in TensorFlow 2.10.0 and will also be applied to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
NVD/CVE DatabaseFix: The issue was patched in GitHub commit bce3717eaef4f769019fd18e990464ca4a2efeea. The fix will be included in TensorFlow 2.10.0 and will also be back-ported (applied retroactively) to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
NVD/CVE DatabaseFix: The issue has been patched in GitHub commit 2a458fc4866505be27c62f81474ecb2b870498fa. The fix will be included in TensorFlow 2.10.0 and will be back-ported to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. There are no known workarounds.
NVD/CVE DatabaseFix: The issue has been patched in GitHub commit 03a659d7be9a1154fdf5eeac221e5950fec07dad. The fix will be included in TensorFlow 2.10.0 and will also be applied to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
NVD/CVE DatabaseFix: The issue has been patched in GitHub commit b5f6fbfba76576202b72119897561e3bd4f179c7. The fix is included in TensorFlow 2.10.0, and will also be released in TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
NVD/CVE DatabaseFix: The issue was patched in GitHub commit 9178ac9d6389bdc54638ab913ea0e419234d14eb. The fix is included in TensorFlow 2.10.0 and will be backported (adapted for older versions) to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
NVD/CVE DatabaseFix: The issue was patched in GitHub commit 5f945fc6409a3c1e90d6970c9292f805f6e6ddf2. The fix will be included in TensorFlow 2.10.0 and will also be backported to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
NVD/CVE DatabaseFix: Update to TensorFlow 2.10.0 or apply the patch from GitHub commit 3a6ac52664c6c095aa2b114e742b0aa17fdce78f. If you are using TensorFlow 2.9.1, 2.8.1, or 2.7.2, updates including the fix will be released for these versions as well.
NVD/CVE DatabaseFix: The issue has been patched in GitHub commit 37cefa91bee4eace55715eeef43720b958a01192. The fix will be included in TensorFlow 2.10.0, and will also be applied to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
NVD/CVE DatabaseFix: The issue is patched in GitHub commit b4d4b4cb019bd7240a52daa4ba61e3cc814f0384. The fix will be included in TensorFlow 2.10.0 and will be backported (applied to older versions still being supported) to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. The source notes there are no known workarounds.
NVD/CVE DatabaseFix: The fix has been patched in GitHub commit 4142e47e9e31db481781b955ed3ff807a781b494 and will be included in TensorFlow 2.10.0. The fix will also be backported (applied to older versions still being supported) to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. Users should update to these patched versions.
NVD/CVE DatabaseFix: The fix will be included in TensorFlow 2.10.0. Patched versions will also be available in TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. The source notes there are no known workarounds for this issue.
NVD/CVE DatabaseFix: The fix is included in TensorFlow 2.10.0. The patch will also be applied to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, which are still supported. Users should update to one of these patched versions. No workarounds are available until an update is applied.
NVD/CVE DatabaseFix: Update to TensorFlow 2.10.0, or apply the cherrypick to versions 2.9.1, 2.8.1, or 2.7.2 (the patched versions for users on older supported releases). The fix is included in GitHub commit 61f0f9b94df8c0411f0ad0ecc2fec2d3f3c33555. There are no known workarounds for this issue.
NVD/CVE DatabaseFix: Upgrade to Streamlit version 1.11.1 or later. The source explicitly states, 'This issue has been resolved in version 1.11.1. Users are advised to upgrade.' No workarounds are available.
NVD/CVE DatabaseFix: Update TensorFlow to version 2.9.0, 2.8.1, 2.7.2, or 2.6.4 or later. The maintainers removed the `safe=False` argument, so all parsing is now done without calling `eval`.
NVD/CVE Database