Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Abort caused by allocating a vector that is too large in Tensorflow
Vulnerability Description
Tensorflow is an Open Source Machine Learning Framework. During shape inference, TensorFlow can allocate a large vector based on a value from a tensor controlled by the user. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
未加控制的资源消耗(资源穷尽)
Vulnerability Title
Google TensorFlow 资源管理错误漏洞
Vulnerability Description
Google TensorFlow是美国谷歌(Google)公司的一套用于机器学习的端到端开源平台。 Tensorflow 存在资源管理错误漏洞,修复将包含在TensorFlow 2.8.0中。我们也会在TensorFlow 2.7.1、TensorFlow 2.6.3和TensorFlow 2.5.3上选择这个提交,因为这些也会受到影响,并且仍然在支持范围内。
CVSS Information
N/A
Vulnerability Type
N/A