Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 SP3 package tensorflow2, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (63)
CVE-2021-37678 — CVSS 9.3 (critical): TensorFlow is an end-to-end open source platform for machine learning. In affected versions TensorFlow and Keras can be tricked to perform…
CVE-2021-37639 — CVSS 8.4 (high): TensorFlow is an end-to-end open source platform for machine learning. When restoring tensors via raw APIs, if the tensor name is not…
CVE-2021-37676 — CVSS 7.8 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via…
CVE-2021-37650 — CVSS 7.8 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.ExperimentalD…
CVE-2021-37663 — CVSS 7.8 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in…
CVE-2021-37665 — CVSS 7.8 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in MKL…
CVE-2021-37648 — CVSS 7.8 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the code for `tf.raw_ops.SaveV2` does not…
CVE-2021-37666 — CVSS 7.8 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via…
CVE-2021-37688 — CVSS 7.8 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would…
CVE-2021-37671 — CVSS 7.8 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via…
CVE-2021-37652 — CVSS 7.8 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.BoostedTreesC…
CVE-2021-37681 — CVSS 7.8 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of SVDF in TFLite is…
CVE-2021-37667 — CVSS 7.8 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via…
CVE-2021-37689 — CVSS 7.8 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would…
CVE-2021-37643 — CVSS 7.7 (high): TensorFlow is an end-to-end open source platform for machine learning. If a user does not provide a valid padding value to…
CVE-2021-37637 — CVSS 7.7 (high): TensorFlow is an end-to-end open source platform for machine learning. It is possible to trigger a null pointer dereference in TensorFlow…
CVE-2021-37638 — CVSS 7.7 (high): TensorFlow is an end-to-end open source platform for machine learning. Sending invalid argument for `row_partition_types` of…
CVE-2021-37649 — CVSS 7.7 (high): TensorFlow is an end-to-end open source platform for machine learning. The code for `tf.raw_ops.UncompressElement` can be made to trigger a…
CVE-2021-37647 — CVSS 7.7 (high): TensorFlow is an end-to-end open source platform for machine learning. When a user does not supply arguments that determine a valid sparse…
CVE-2021-37654 — CVSS 7.3 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash via a…
CVE-2021-37641 — CVSS 7.3 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions if the arguments to `tf.raw_ops.RaggedGather`…
CVE-2021-37659 — CVSS 7.3 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via…
CVE-2021-37635 — CVSS 7.3 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of sparse reduction…
CVE-2021-37664 — CVSS 7.3 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of…
CVE-2021-37655 — CVSS 7.3 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a read from outside of…
CVE-2021-37662 — CVSS 7.1 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can generate undefined behavior via…
CVE-2021-37679 — CVSS 7.1 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions it is possible to nest a `tf.map_fn` within…
CVE-2021-37651 — CVSS 7.1 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.FractionalAvg…
CVE-2021-37656 — CVSS 7.1 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via…
CVE-2021-37657 — CVSS 7.1 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via…
CVE-2021-37658 — CVSS 7.1 (high): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause undefined behavior via…
CVE-2021-37690 — CVSS 6.6 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions when running shape functions, some functions…
CVE-2021-37692 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions under certain conditions, Go code can trigger a…
CVE-2021-37636 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.SparseDenseCwi…
CVE-2021-37640 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.SparseReshape`…
CVE-2021-37642 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.ResourceScatte…
CVE-2021-37644 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions providing a negative element to `num_elements`…
CVE-2021-37645 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.QuantizeAndDeq…
CVE-2021-37646 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.raw_ops.StringNGrams`…
CVE-2021-37653 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash via a floating…
CVE-2021-37660 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a floating point…
CVE-2021-37661 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause a denial of service in…
CVE-2021-37668 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause denial of service in…
CVE-2021-37669 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause denial of service in…
CVE-2021-37670 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of…
CVE-2021-37672 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can read from outside of bounds of…
CVE-2021-37673 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a denial of service via…
CVE-2021-37674 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a denial of service via…
CVE-2021-37675 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions most implementations of convolution operators…
CVE-2021-37677 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the shape inference code for…
CVE-2021-37680 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of fully connected layers in…
CVE-2021-37683 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of division in TFLite is…
CVE-2021-37684 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementations of pooling in TFLite are…
CVE-2021-37685 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's [`expand_dims.cc`](https://github.com/t…
CVE-2021-37686 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions the strided slice implementation in TFLite has…
CVE-2021-37687 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions TFLite's [`GatherNd` implementation](https://git…
CVE-2021-37691 — CVSS 5.5 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would…
CVE-2020-26271 — CVSS 4.4 (medium): In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building…
CVE-2021-37682 — CVSS 4.4 (medium): TensorFlow is an end-to-end open source platform for machine learning. In affected versions all TFLite operations that use quantization can…
CVE-2020-26266 — CVSS 4.4 (medium): In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is…
CVE-2020-26270 — CVSS 4.4 (medium): In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK…
CVE-2020-26268 — CVSS 4.4 (medium): In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file…
CVE-2020-26267 — CVSS 4.4 (medium): In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The…