CVE-2022-35939 – TensorFlow is an open source platform for machine learning. The `ScatterNd` function takes …

16 September 2022

Vuln ID: CVE-2022-35939

Published: 2022-09-16 20:15:10Z

Description: TensorFlow is an open source platform for machine learning. The `ScatterNd` function takes an input argument that determines the indices of of the output tensor. An input index greater than the output tensor or less than zero will either write content at the wrong index or trigger a crash. We have patched the issue in GitHub commit b4d4b4cb019bd7240a52daa4ba61e3cc814f0384. The fix will be included in TensorFlow 2.10.0. We will also cherrypick this commit on TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2, as these are also affected and still in supported range. There are no known workarounds for this issue.

Source: NVD.NIST.GOV

Date:

16 September 2022

Categorie(s):

NVD

Tag(s):

NVD

OpenAI’s GPT-4 Can Autonomously Exploit 87% of One-Day Vulnerabilities, Study Finds26 April 2024
Threat Modeling and Understanding Inherent Threats – Adam Shostack – ESW #35926 April 2024
Check Point delivers strong quarterly revenue growth but stock drops26 April 2024
Rubrik IPO signals potential cybersecurity-led tech market revival25 April 2024
Foreign states targeting sensitive research at UK universities, MI5 warns25 April 2024