
TensorFlow Security Advisories

C++ fuzzing: Fuzzing Status

Python fuzzing: Fuzzing Status

We regularly publish security advisories about using TensorFlow.

Note: In conjunction with these security advisories, we strongly encourage TensorFlow users to read and understand TensorFlow's security model as outlined in SECURITY.md.

| Advisory Number | Type | Versions affected | Reported by | Additional Information |
|---|---|---|---|---|
| TFSA-2023-020 | OOB Read in GRUBlockCellGrad | <= 2.12.0 | r3pwnx of 360 AIVul Team | |
| TFSA-2023-019 | FPE in AvgPoolGrad with XLA | <= 2.12.0 | r3pwnx of 360 AIVul Team | |
| TFSA-2023-018 | OOB read in DynamicStitch | <= 2.12.0 | Google OSS VRP | |
| TFSA-2023-017 | NPE in QuantizedMatMulWithBiasAndDequantize | <= 2.12.0 | r3pwnx of 360 AIVul Team | |
| TFSA-2023-016 | Seg fault in tf.raw_ops.Print | <= 2.12.0 | Yu Tian of Qihoo 360 AIVul Team | |
| TFSA-2023-015 | Segmentation fault in tfg-translate | <= 2.12.0 | r3pwnx of 360 AIVul Team | |
| TFSA-2023-014 | Integer overflow in EditDistance | <= 2.12.0 | r3pwnx of 360 AIVul Team | |
| TFSA-2023-013 | FPE in TensorListSplit with XLA | <= 2.12.0 | r3pwnx of 360 AIVul Team | |
| TFSA-2023-012 | NPE in TensorArrayConcatV2 | <= 2.12.0 | Yu Tian of Qihoo 360 AIVul Team | |
| TFSA-2023-011 | FPE in TensorListSplit with XLA | <= 2.12.0 | r3pwnx of 360 AIVul Team | |
| TFSA-2023-010 | Heap-buffer-overflow in AvgPoolGrad | <= 2.12.0 | evn@google.com | |
| TFSA-2023-009 | NPE in RandomShuffle with XLA enable | <= 2.12.0 | r3pwnx of 360 AIVul Team | |
| TFSA-2023-008 | FPE in AudioSpectrogram | <= 2.12.0 | r3pwnx of 360 AIVul Team | |
| TFSA-2023-007 | Segfault in Bincount with XLA | <= 2.12.0 | r3pwnx of 360 AIVul Team | |
| TFSA-2023-006 | NPE in SparseSparseMaximum | <= 2.12.0 | Yu Tian of Qihoo 360 AIVul Team | |
| TFSA-2023-005 | Null dereference on ParallelConcat with XLA | <= 2.12.0 | r3pwnx of 360 AIVul Team | |
| TFSA-2023-004 | Segfault when opening multiframe gif | <= 2.12.0 | Andrei | |
| TFSA-2023-003 | Double free in Fractional(Max/Avg)Pool | <= 2.12.0 | https://github.com/dmc1778 of nimashiri2012@gmail.com | |
| TFSA-2023-002 | A heap out-of-buffer read vulnerability in the QuantizeAndDequantize operation | <= 2.12.0 | | |
| TFSA-2023-001 | FPE in TFLite in conv kernel | <= 2.12.0 | Wang Xuan of Qihoo 360 AIVul Team | |
| TFSA-2022-170 | CHECK fail in TensorListScatter and TensorListScatterV2 in eager mode | <= 2.11.0 | Pattarakrit Rattankul | |
| TFSA-2022-169 | CHECK failure in SobolSample via missing validation | <= 2.11.0 | (multiple authors) | |
| TFSA-2022-168 | Heap overflow in QuantizeAndDequantizeV2 | <= 2.11.0 | Reported via OSS VRP | |
| TFSA-2022-167 | OOB write in grappler | <= 2.11.0 | (discovered internally) | |
| TFSA-2022-166 | Invalid char to bool conversion when printing a tensor | <= 2.11.0 | (discovered internally) | |
| TFSA-2022-165 | FractionalMaxPool and FractionalAvgPool heap out-of-buffer | <= 2.11.0 | Reported via OSS VRP | |
| TFSA-2022-164 | CHECK_EQ fail via input in SparseMatrixNNZ | <= 2.11.0 | Kang Hong Jin | |
| TFSA-2022-163 | Segfault in CompositeTensorVariantToComponents | <= 2.11.0 | pattarakritr@smu.edu.sg | |
| TFSA-2022-162 | CHECK fail via inputs in PyFunc | <= 2.11.0 | pattarakritr@smu.edu.sg | |
| TFSA-2022-161 | CHECK fail via inputs in SdcaOptimizer | <= 2.11.0 | Zizhuang Deng of IIE, UCAS | |
| TFSA-2022-160 | CHECK fail via inputs in SparseFillEmptyRowsGrad | <= 2.11.0 | Jiawei Liu, PhD student at University of Illinois, Urbana-Champaign | |
| TFSA-2022-159 | FractionalMaxPoolGrad Heap OOB | <= 2.11.0 | Yu Tian from Qihoo 360 AIVul Team | |
| TFSA-2022-158 | tf.raw_ops.Mfcc crashes | <= 2.11.0 | Yu Tian from Qihoo 360 AIVul Team | |
| TFSA-2022-157 | MirrorPadGrad heap oob | <= 2.11.0 | Yu Tian from Qihoo 360 AIVul Team | |
| TFSA-2022-156 | Buffer overflow in CONV_3D_TRANSPOSE on TFLite | <= 2.11.0 | Thibaut Goetghebuer-Planchon, Arm Ltd. | |
| TFSA-2022-155 | CHECK_EQ fail in tf.raw_ops.TensorListResize | <= 2.11.0 | Pattarakrit Rattankul | |
| TFSA-2022-154 | Segfault in tf.raw_ops.TensorListConcat | <= 2.11.0 | Tong Liu, ShanghaiTech University | |
| TFSA-2022-153 | CHECK fail in BCast overflow | <= 2.11.0 | Pattarakrit Rattankul | |
| TFSA-2022-152 | Segfault via invalid attributes in pywrap_tfe_src.cc | <= 2.11.0 | Pattarakrit Rattankul | |
| TFSA-2022-151 | FPE in tf.image.generate_bounding_box_proposals | <= 2.11.0 | Pattarakrit Rattankul | |
| TFSA-2022-150 | Overflow in tf.keras.losses.poisson | >= 2.9.0, <= 2.11.0 | Pattarakrit Rattankul | |
| TFSA-2022-149 | Overflow in ResizeNearestNeighborGrad | <= 2.11.0 | Neophytos Christou from the Secure Systems Lab (SSL) at Brown University | |
| TFSA-2022-148 | Overflow in ImageProjectiveTransformV2 | <= 2.11.0 | Neophytos Christou from the Secure Systems Lab (SSL) at Brown University | |
| TFSA-2022-147 | Overflow in FusedResizeAndPadConv2D | <= 2.11.0 | Neophytos Christou from the Secure Systems Lab (SSL) at Brown University | |
| TFSA-2022-146 | Seg fault in ndarray_tensor_bridge due to zero and large input | <= 2.11.0 | Pattarakrit Rattanukul | |
| TFSA-2022-145 | OOB seg fault in DynamicStitch due to missing validation | <= 2.11.0 | Zizhuang Deng of IIE, UCAS | |
| TFSA-2022-144 | ThreadUnsafeUnigramCandidateSampler Heap OOB | <= 2.11.0 | Yu Tian of Qihoo 360 AIVul Team | |
| TFSA-2022-143 | OOB read in Gather_nd op in TF Lite Micro | <= 2.10.0 | Hui Peng from Baidu Security | |
| TFSA-2022-142 | CHECK-fail in tensorflow::full_type::SubstituteFromAttrs | <= 2.10.0 | (discovered internally) | |
| TFSA-2022-141 | Integer overflow in math ops | <= 2.10.0 | (discovered internally) | |
| TFSA-2022-140 | Null-dereference in mlir::tfg::TFOp::nameAttr | <= 2.10.0 | (discovered internally) | |
| TFSA-2022-139 | Null-dereference in mlir::tfg::GraphDefImporter::ConvertNodeDef | <= 2.10.0 | (discovered internally) | |
| TFSA-2022-138 | Assertion fail on MLIR empty edge names | <= 2.10.0 | (discovered internally) | |
| TFSA-2022-137 | Null dereference on MLIR on empty function attributes | <= 2.10.0 | (discovered internally) | |
| TFSA-2022-136 | CHECK fail in Eig | <= 2.10.0 | 刘力源, Information System & Security and Countermeasures Experiments Center, Beijing Institute of Technology | |
| TFSA-2022-135 | CHECK fail in DrawBoundingBoxes | <= 2.10.0 | 刘力源, Information System & Security and Countermeasures Experiments Center, Beijing Institute of Technology | |
| TFSA-2022-134 | CHECK fail in Unbatch | <= 2.10.0 | 刘力源, Information System & Security and Countermeasures Experiments Center, Beijing Institute of Technology | |
| TFSA-2022-133 | CHECK fail in RandomPoissonV2 | <= 2.10.0 | 刘力源, Information System & Security and Countermeasures Experiments Center, Beijing Institute of Technology | |
| TFSA-2022-132 | CHECK fail in tf.random.gamma | <= 2.10.0 | 刘力源, Information System & Security and Countermeasures Experiments Center, Beijing Institute of Technology | |
| TFSA-2022-131 | CHECK fail in FakeQuantWithMinMaxVarsGradient | <= 2.10.0 | (multiple authors) | |
| TFSA-2022-130 | CHECK fail in FakeQuantWithMinMaxVarsPerChannelGradient | <= 2.10.0 | (multiple authors) | |
| TFSA-2022-129 | CHECK fail in TensorListScatter and TensorListScatterV2 | <= 2.10.0 | 刘力源, Information System & Security and Countermeasures Experiments Center, Beijing Institute of Technology | |
| TFSA-2022-128 | CHECK fail in TensorListFromTensor | <= 2.10.0 | 刘力源, Information System & Security and Countermeasures Experiments Center, Beijing Institute of Technology | |
| TFSA-2022-127 | CHECK fail in SetSize | <= 2.10.0 | 刘力源, Information System & Security and Countermeasures Experiments Center, Beijing Institute of Technology | |
| TFSA-2022-126 | CHECK fail in CollectiveGather | <= 2.10.0 | 刘力源, Information System & Security and Countermeasures Experiments Center, Beijing Institute of Technology | |
| TFSA-2022-125 | CHECK fail in AudioSummaryV2 | <= 2.10.0 | 刘力源, Information System & Security and Countermeasures Experiments Center, Beijing Institute of Technology | |
| TFSA-2022-124 | Floating point exception in Conv2D | <= 2.10.0 | Jingyi Shi | |
| TFSA-2022-123 | CHECK fail in tf.sparse.cross | <= 2.10.0 | Kang Hong Jin | |
| TFSA-2022-122 | CHECK fail in EmptyTensorList | <= 2.10.0 | Kang Hong Jin | |
| TFSA-2022-121 | CHECK fail in Conv2DBackpropInput | <= 2.10.0 | Jingyi Shi | |
| TFSA-2022-120 | CHECK fail in MaxPool | <= 2.10.0 | Jingyi Shi | |
| TFSA-2022-119 | CHECK fail in tf.linalg.matrix_rank | <= 2.10.0 | Kang Hong Jin | |
| TFSA-2022-118 | CHECK fail in DenseBincount | <= 2.10.0 | Di Jin, Secure Systems Labs, Brown University | |
| TFSA-2022-117 | Segfault in RaggedBincount | <= 2.10.0 | Di Jin, Secure Systems Labs, Brown University | |
| TFSA-2022-116 | CHECK fail in LRNGrad | <= 2.10.0 | Di Jin, Secure Systems Labs, Brown University | |
| TFSA-2022-115 | CHECK fail in ParameterizedTruncatedNormal | <= 2.10.0 | Di Jin, Secure Systems Labs, Brown University | |
| TFSA-2022-114 | CHECK fail in Save and SaveSlices | <= 2.10.0 | Di Jin, Secure Systems Labs, Brown University | |
| TFSA-2022-113 | Segfault in SparseBincount | <= 2.10.0 | Di Jin, Secure Systems Labs, Brown University | |
| TFSA-2022-112 | CHECK fail in QuantizeAndDequantizeV3 | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-111 | CHECK fail in RaggedTensorToVariant | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-110 | CHECK fail in FractionalMaxPoolGrad | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-109 | Segfault in QuantizedRelu and QuantizedRelu6 | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-108 | Segfault in QuantizeDownAndShrinkRange | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-107 | Segfault in QuantizedMatMul | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-106 | CHECK fail in FakeQuantWithMinMaxVarsPerChannel | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-105 | Segfault in QuantizedBiasAdd | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-104 | Segfault in Requantize | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-103 | CHECK fail in FakeQuantWithMinMaxVars | <= 2.10.0 | (multiple authors) | |
| TFSA-2022-102 | Segfault in QuantizedInstanceNorm | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-101 | CHECK fail in Conv2DBackpropInput | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-100 | CHECK fail in AvgPoolGrad | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-099 | Segfault in QuantizedAdd | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-098 | Segfault in QuantizedAvgPool | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-097 | Segfault in LowerBound and UpperBound | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-096 | Segfault in BlockLSTMGradV2 | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-095 | CHECK failures in FractionalAvgPoolGrad | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-094 | CHECK failures in AvgPool3DGrad | <= 2.10.0 | Neophytos Christou, Secure Systems Labs, Brown University | |
| TFSA-2022-093 | Segfault TFLite converter on per-channel quantized transposed convolutions | <= 2.10.0 | (Reported on GitHub) | issue |
| TFSA-2022-092 | CHECK failures in UnbatchGradOp | <= 2.10.0 | (multiple authors) | |
| TFSA-2022-091 | CHECK failure in AvgPoolOp | <= 2.10.0 | Jingyi Shi | |
| TFSA-2022-090 | Int overflow in RaggedRangeOp | <= 2.10.0 | Jingyi Shi | |
| TFSA-2022-089 | OOB write in Scatter_nd op in TF Lite | <= 2.10.0 | Hui Peng from Baidu Security | |
| TFSA-2022-088 | CHECK failure in TensorListReserve via missing validation | <= 2.10.0 | Kang Hong Jin from Singapore Management University | |
| TFSA-2022-087 | OOB read in Gather_nd op in TF Lite | <= 2.10.0 | Hui Peng from Baidu Security | |
| TFSA-2022-086 | CHECK failure in SobolSample via missing validation | <= 2.10.0 | (multiple authors) | |
| TFSA-2022-085 | CHECK failure in tf.reshape via overflows | <= 2.10.0 | Kang Hong Jin from Singapore Management University | |
| TFSA-2022-084 | Heap buffer overflow due to incorrect hash function | == 2.8.0 | (discovered internally) | |
| TFSA-2022-083 | Type confusion leading to CHECK-failure based denial of service | < 2.9.0 | (Reported on GitHub) | issue |
| TFSA-2022-082 | Incomplete validation in signal ops leads to crashes | < 2.9.0 | (Reported on GitHub) | issue |
| TFSA-2022-081 | Core dump when loading TFLite models with quantization | < 2.9.0 | (Reported on GitHub) | issue |
| TFSA-2022-080 | Segfault if tf.histogram_fixed_width is called with NaN values | < 2.9.0 | (Reported on GitHub) | issue |
| TFSA-2022-079 | Denial of service in tf.ragged.constant due to lack of validation | < 2.9.0 | (Reported on GitHub) | issue |
| TFSA-2022-078 | Missing validation causes denial of service via Conv3DBackpropFilterV2 | < 2.9.0 | (Reported on GitHub) | issue |
| TFSA-2022-077 | Segfault and OOB write due to incomplete validation in EditDistance | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University | |
| TFSA-2022-076 | Integer overflow in SpaceToBatchND | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University | |
| TFSA-2022-075 | Missing validation results in undefined behavior in QuantizedConv2D | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University | |
| TFSA-2022-074 | Missing validation results in undefined behavior in SparseTensorDenseAdd | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University | |
| TFSA-2022-073 | Segfault due to missing support for quantized types | < 2.9.0 | Hong Jin, Singapore Management University | |
| TFSA-2022-072 | Undefined behavior when users supply invalid resource handles | < 2.9.0 | Hong Jin, Singapore Management University | |
| TFSA-2022-071 | CHECK failure in depthwise ops via overflows | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University | |
| TFSA-2022-070 | Missing validation causes denial of service via Conv3DBackpropFilterV2 | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University | |
| TFSA-2022-069 | Missing validation causes denial of service via LSTMBlockCell | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University | |
| TFSA-2022-068 | Missing validation causes denial of service via SparseTensorToCSRSparseMatrix | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University | |
| TFSA-2022-067 | Missing validation causes denial of service via LoadAndRemapMatrix | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University | |
| TFSA-2022-066 | Missing validation causes denial of service via UnsortedSegmentJoin | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University | |
| TFSA-2022-065 | Missing validation causes denial of service via StagePeek | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University | |
| TFSA-2022-064 | Missing validation causes denial of service via GetSessionTensor | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University | |
| TFSA-2022-063 | Missing validation causes denial of service via DeleteSessionTensor | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University | |
| TFSA-2022-062 | Missing validation crashes QuantizeAndDequantizeV4Grad | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University | |
| TFSA-2022-061 | Missing validation causes TensorSummaryV2 to crash | < 2.9.0 | Neophytos Christou, Secure Systems Lab, Brown University and Hong Jin, Singapore Management University | |
| TFSA-2022-060 | Code injection in saved_model_cli | < 2.9.0 | Andey Robins, Cybersecurity Education and Research Lab, University of Wyoming | |
| TFSA-2022-059 | Null pointer dereference in BuildXlaCompilationCache (XLA) | < 2.8.0 | (discovered internally) | |
| TFSA-2022-058 | Segfault in simplifyBroadcast (MLIR) | == 2.8.0 | (discovered internally) | |
| TFSA-2022-057 | Multiple crashes, heap OOB accesses in TFG dialect (MLIR) | >= 2.7.0, < 2.8.0 | (discovered internally) | |
| TFSA-2022-056 | Crash due to erroneous StatusOr | >= 2.7.0, < 2.8.0 | (discovered internally) | |
| TFSA-2022-055 | Heap OOB access in RunForwardTypeInference | == 2.8.0 | (discovered internally) | |
| TFSA-2022-054 | Stack overflow due to self-recursive function in GraphDef | < 2.8.0 | (discovered internally) | |
| TFSA-2022-053 | CHECK failure in constant folding | < 2.8.0 | (discovered internally) | |
| TFSA-2022-052 | Null pointer dereference in Grappler's IsConstant | < 2.8.0 | (discovered internally) | |
| TFSA-2022-051 | Integer overflow in Grappler cost estimation of crop and resize operation | < 2.8.0 | (discovered internally) | |
| TFSA-2022-050 | CHECK-fails due to attempting to build a reference tensor | < 2.8.0 | (discovered internally) | |
| TFSA-2022-049 | Multiple CHECK-fails in function.cc | < 2.8.0 | (discovered internally) | |
| TFSA-2022-048 | Memory leak in decoding PNG images | < 2.8.0 | (discovered internally) | |
| TFSA-2022-047 | Use after free in DecodePng kernel | < 2.8.0 | (discovered internally) | |
| TFSA-2022-046 | CHECK-failures in binary ops due to type confusion | < 2.8.0 | (discovered internally) | |
| TFSA-2022-045 | CHECK-failures in TensorByteSize | < 2.8.0 | (discovered internally) | |
| TFSA-2022-044 | CHECK-failures during Grappler's SafeToRemoveIdentity | < 2.8.0 | (discovered internally) | |
| TFSA-2022-043 | CHECK-failures during Grappler's IsSimplifiableReshape | < 2.8.0 | (discovered internally) | |
| TFSA-2022-042 | Abort caused by allocating a vector that is too large | < 2.8.0 | (discovered internally) | |
| TFSA-2022-041 | Memory leak when a graph node is invalid | < 2.8.0 | (discovered internally) | |
| TFSA-2022-040 | Null dereference in GetInitOp | < 2.8.0 | (discovered internally) | |
| TFSA-2022-039 | Integer overflow in OpLevelCostEstimator::CalculateOutputSize | < 2.8.0 | (discovered internally) | |
| TFSA-2022-038 | Integer overflow in OpLevelCostEstimator::CalculateTensorSize | < 2.8.0 | (discovered internally) | |
| TFSA-2022-037 | Uninitialized variable access in AssignOp | < 2.8.0 | (discovered internally) | |
| TFSA-2022-036 | Heap OOB read/write in SpecializeType | >= 2.6.0, < 2.8.0 | (discovered internally) | |
| TFSA-2022-035 | Crash when type cannot be specialized | >= 2.6.0, < 2.8.0 | (discovered internally) | |
| TFSA-2022-034 | Null-dereference when specializing tensor type | >= 2.6.0, < 2.8.0 | (discovered internally) | |
| TFSA-2022-033 | CHECK-fail when decoding invalid tensors from proto | < 2.8.0 | (discovered internally) | |
| TFSA-2022-032 | Heap OOB write in Grappler | < 2.8.0 | (discovered internally) | |
| TFSA-2022-031 | CHECK-fail with repeated AttrDef | < 2.8.0 | (discovered internally) | |
| TFSA-2022-030 | CHECK-fail when decoding resource handles from proto | < 2.8.0 | (discovered internally) | |
| TFSA-2022-029 | Missing validation causes tf.sparse.split to crash when axis is a tuple | < 2.8.0 | (Reported on GitHub) | issue |
| TFSA-2022-028 | Integer overflow in Range resulting in undefined behavior and OOM | < 2.8.0 | (Reported on GitHub) | issue |
| TFSA-2022-027 | Insecure temporary file | < 2.8.0 | Srikanth Prathi on huntr.dev, internal variant analysis for more fixes | |
| TFSA-2022-026 | Read and Write outside of bounds in TFLite | < 2.8.0 | Wang Xuan of Qihoo 360 AIVul Team | |
| TFSA-2022-025 | Dangerous OOB write in TFLite | < 2.8.0 | Wang Xuan of Qihoo 360 AIVul Team | |
| TFSA-2022-024 | Integer overflow in TFLite | < 2.8.0 | Wang Xuan of Qihoo 360 AIVul Team | |
| TFSA-2022-023 | Integer overflow in TFLite array creation | < 2.8.0 | Wang Xuan of Qihoo 360 AIVul Team | |
| TFSA-2022-022 | FPE in depthwise convolutions in TFLite | < 2.8.0 | Wang Xuan of Qihoo 360 AIVul Team | |
| TFSA-2022-021 | FPE in BiasAndClamp in TFLite | < 2.8.0 | Wang Xuan of Qihoo 360 AIVul Team | |
| TFSA-2022-020 | Heap overflow in SparseCountSparseOutput | < 2.8.0 | Faysal Hossain Shezan from University of Virginia | |
| TFSA-2022-019 | Integer overflow leading to crash in SparseCountSparseOutput | < 2.8.0 | Faysal Hossain Shezan from University of Virginia | |
| TFSA-2022-018 | Reference binding to null pointer in QuantizedMaxPool | < 2.8.0 | Faysal Hossain Shezan from University of Virginia | |
| TFSA-2022-017 | Assertion failure based denial of service via faulty bin count operations | < 2.8.0 | Faysal Hossain Shezan from University of Virginia | |
| TFSA-2022-016 | Undefined behavior in SparseTensorSliceDataset | < 2.8.0 | Faysal Hossain Shezan from University of Virginia | |
| TFSA-2022-015 | CHECK-fails when building invalid/overflowing tensor shapes | < 2.8.0 | Faysal Hossain Shezan from University of Virginia | |
| TFSA-2022-014 | Division by zero in FractionalMaxPool | < 2.8.0 | Faysal Hossain Shezan from University of Virginia | |
| TFSA-2022-013 | CHECK-failures in MapStage | < 2.8.0 | Faysal Hossain Shezan from University of Virginia | |
| TFSA-2022-012 | Integer overflows in AddManySparseToTensorsMap | < 2.8.0 | Faysal Hossain Shezan from University of Virginia | |
| TFSA-2022-011 | Integer overflows in most sparse component-wise ops | < 2.8.0 | Faysal Hossain Shezan from University of Virginia | |
| TFSA-2022-010 | More incomplete validation in boosted trees code | < 2.8.0 | Yu Tian of Qihoo 360 AIVul Team, Faysal Hossain Shezan from University of Virginia | |
| TFSA-2022-009 | OOM due to integer overflow in StringNGrams | < 2.8.0 | Yu Tian of Qihoo 360 AIVul Team | |
| TFSA-2022-008 | OOM in ThreadPoolHandle | < 2.8.0 | Yu Tian of Qihoo 360 AIVul Team | |
| TFSA-2022-007 | Type confusion in shape inference for ConcatV2 | < 2.8.0 | Yu Tian of Qihoo 360 AIVul Team | |
| TFSA-2022-006 | Overflow and divide by zero in UnravelIndex | < 2.8.0 | Yu Tian of Qihoo 360 AIVul Team | |
| TFSA-2022-005 | Heap OOB access in FractionalAvgPoolGrad | < 2.8.0 | Yu Tian of Qihoo 360 AIVul Team | |
| TFSA-2022-004 | Integer overflow in shape inference for Dequantize | < 2.8.0 | Yu Tian of Qihoo 360 AIVul Team | |
| TFSA-2022-003 | Heap OOB access in Dequantize | < 2.8.0 | Yu Tian of Qihoo 360 AIVul Team | |
| TFSA-2022-002 | Heap OOB read in shape inference for ReverseSequence | < 2.8.0 | Yu Tian of Qihoo 360 AIVul Team | |
| TFSA-2022-001 | Floating point division by 0 when executing convolution operators | < 2.8.0 | Yu Tian of Qihoo 360 AIVul Team | |
| TFSA-2021-200 | Crash in tf.math.segment_* operations | < 2.7.0 | (Reported on GitHub) | issue |
| TFSA-2021-199 | Crash in max_pool3d when size argument is 0 or negative | < 2.7.0 | (Reported on GitHub) | issue |
| TFSA-2021-198 | Crashes due to overflow and CHECK-fail in ops with large tensor shapes | < 2.7.0 | (Reported on GitHub) | issue, issue, issue |
| TFSA-2021-197 | Incomplete validation in tf.summary.create_file_writer | < 2.7.0 | (Reported on GitHub) | issue |
| TFSA-2021-196 | Overflow/crash in tf.tile when tiling tensor is large | < 2.7.0 | (Reported on GitHub) | issue |
| TFSA-2021-195 | Overflow/crash in tf.image.resize when size is large | < 2.7.0 | (Reported on GitHub) | issue |
| TFSA-2021-194 | Overflow/crash in tf.range | < 2.7.0 | (Reported on GitHub) | issue, issue, issue |
| TFSA-2021-193 | Missing validation during checkpoint loading | < 2.7.0 | (discovered internally) | |
| TFSA-2021-192 | Uninitialized access in EinsumHelper::ParseEquation | < 2.7.0 | (discovered internally) | |
| TFSA-2021-191 | Segfault while copying constant resource tensor | < 2.7.0 | (discovered internally) | |
| TFSA-2021-190 | Incomplete validation of shapes in multiple TF ops | < 2.7.0 | (discovered internally) | |
| TFSA-2021-189 | Incomplete validation in boosted trees code | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-188 | Heap OOB read in tf.raw_ops.SparseCountSparseOutput | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-187 | FPE in convolutions with zero size filters | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-186 | FPE in ParallelConcat | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-185 | Heap OOB read in all tf.raw_ops.QuantizeAndDequantizeV* ops | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-184 | Heap OOB in shape inference for QuantizeV2 | >= 2.6.0, < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-183 | Heap OOB read in tf.ragged.cross | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-182 | Reference binding to nullptr in tf.ragged.cross | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-181 | Null pointer exception in DeserializeSparse | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-180 | Deadlock in mutually recursive tf.function objects | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-179 | Heap buffer overflow in Transpose | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-178 | Undefined behavior via nullptr reference binding in sparse matrix multiplication | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-177 | Use after free / memory leak in CollectiveReduceV2 | >= 2.6.0, < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-176 | Integer division by 0 in tf.raw_ops.AllToAll | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-175 | Null pointer exception when Exit node is not preceded by Enter op | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-174 | Access to invalid memory during shape inference in Cudnn* ops | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-173 | Segfault due to negative splits in SplitV | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-172 | SparseFillEmptyRows heap OOB | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-171 | Heap OOB in SparseBinCount | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-170 | Arbitrary memory read in ImmutableConst | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-169 | Heap OOB in FusedBatchNorm kernels | < 2.7.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-168 | A use of uninitialized value vulnerability in Tensorflow | < 2.7.0 | Qian Feng from Baidu Security Team | |
| TFSA-2021-167 | Code injection in saved_model_cli | < 2.7.0 | Omer Kaspi from Vdoo | |
| TFSA-2021-166 | Use after free and segfault in shape inference functions | < 2.6.0 | (discovered internally) | |
| TFSA-2021-165 | Segfault on strings tensors with mismatched dimensions, due to Go code | >= 2.5.0, < 2.6.0 | (Reported on GitHub) | PR |
| TFSA-2021-164 | FPE in LSH in TFLite | < 2.6.0 | Yakun Zhang of Baidu Security | |
| TFSA-2021-163 | Null pointer dereference in TFLite MLIR optimizations | < 2.6.0 | Yakun Zhang of Baidu Security | |
| TFSA-2021-162 | Null pointer dereference in TFLite | < 2.6.0 | Yakun Zhang of Baidu Security | |
| TFSA-2021-161 | Heap OOB in TFLite's Gather* implementations | < 2.6.0 | Yakun Zhang of Baidu Security | |
| TFSA-2021-160 | Heap OOB in TFLite | < 2.6.0 | Yakun Zhang of Baidu Security | |
| TFSA-2021-159 | Infinite loop in TFLite | == 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-158 | FPE in TFLite pooling operations | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-157 | FPE in TFLite division operations | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-156 | Use of uninitialized value in TFLite | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-155 | NPE in TFLite | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-154 | Division by zero in TFLite | < 2.6.0 | Aivul Team from Qihoo 360, Yakun Zhang of Baidu Security | |
| TFSA-2021-153 | Heap OOB in nested tf.map_fn with RaggedTensors | < 2.6.0 | Haris Sahovic | |
| TFSA-2021-152 | Arbitrary code execution due to YAML deserialization | < 2.6.0 | Arjun Shibu | |
| TFSA-2021-151 | Missing validation in shape inference for Dequantize | < 2.6.0 | Yakun Zhang of Baidu Security | |
| TFSA-2021-150 | Division by 0 in most convolution operators | < 2.6.0 | Yakun Zhang of Baidu Security | |
| TFSA-2021-149 | Reference binding to nullptr in shape inference | < 2.6.0 | Yakun Zhang of Baidu Security | |
| TFSA-2021-148 | Incomplete validation in MaxPoolGrad | < 2.6.0 | Yakun Zhang of Baidu Security | |
| TFSA-2021-147 | CHECK-fail in MapStage | < 2.6.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-146 | Heap OOB in SdcaOptimizerV2 | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-145 | Reference binding to nullptr in map operations | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-144 | Heap OOB in UpperBound and LowerBound | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-143 | Crash in NMS ops caused by integer conversion to unsigned | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-142 | FPE in tf.raw_ops.UnravelIndex | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-141 | Reference binding to nullptr in unicode encoding | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-140 | Reference binding to nullptr in RaggedTensorToVariant | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-139 | Incomplete validation in MKL requantization | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-138 | Incomplete validation in QuantizeV2 | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-137 | Heap OOB in boosted trees | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-136 | Reference binding to nullptr in boosted trees | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-135 | Crash caused by integer conversion to unsigned | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-134 | Division by 0 in inplace operations | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-133 | Reference binding to nullptr and heap OOB in binary cwise ops | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-132 | Reference binding to nullptr in MatrixSetDiagV* ops | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-131 | Reference binding to nullptr in MatrixDiagV* ops | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-130 | Reference binding to nullptr in RaggedTensorToSparse | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-129 | Heap OOB in ResourceScatterUpdate | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-128 | Heap OOB and CHECK fail in ResourceGather | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-127 | Division by 0 in ResourceGather | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-126 | Use after free in boosted trees creation | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-125 | Heap buffer overflow in FractionalAvgPoolGrad | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-124 | Segfault and heap buffer overflow in {Experimental,}DatasetToTFRecord | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-123 | Null pointer dereference in UncompressElement | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-122 | Incorrect validation of SaveV2 inputs | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-121 | Null pointer dereference in SparseTensorSliceDataset | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-120 | Bad alloc in StringNGrams caused by integer conversion | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-119 | Integer overflow due to conversion to unsigned | >= 2.4.0, < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-118 | Null pointer dereference in MatrixDiagPartOp | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-117 | std::abort raised from TensorListReserve | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-116 | Heap OOB in RaggedGather | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-115 | Division by 0 in ResourceScatterDiv | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-114 | Integer division by 0 in sparse reshaping | >= 2.5.0, < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-113 | Null pointer dereference and heap OOB read in operations restoring tensors | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-112 | Null pointer dereference in RaggedTensorToTensor | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-111 | Null pointer dereference in CompressElement | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-110 | Floating point exception in SparseDenseCwiseDiv | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-109 | Heap out of bounds access in sparse reduction operations | < 2.6.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-108 | Segfault in tf.raw_ops.ImmutableConst | < 2.5.0 | (discovered internally) | |
| TFSA-2021-107 | Segfault in tf.raw_ops.SparseCountSparseOutput | < 2.5.0 | (discovered internally) | |
| TFSA-2021-106 | Crash in tf.strings.substr due to CHECK-fail | < 2.5.0 | (Reported on GitHub) | issue report |
| TFSA-2021-105 | Crash in tf.transpose with complex inputs | < 2.5.0 | (Reported on GitHub) | issue report |
| TFSA-2021-104 | Null dereference in Grappler's TrySimplify | < 2.5.0 | (discovered internally) | |
| TFSA-2021-103 | Stack overflow in ParseAttrValue with nested tensors | < 2.5.0 | (discovered internally) | |
| TFSA-2021-102 | Interpreter crash from tf.io.decode_raw | < 2.5.0 | (discovered internally) | |
| TFSA-2021-101 | Incomplete validation in tf.raw_ops.CTCLoss | < 2.5.0 | Yakun Zhang and Ying Wang of Baidu X-Team | |
| TFSA-2021-100 | Heap buffer overflow in BandedTriangularSolve | < 2.5.0 | Ye Zhang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-099 | Invalid validation in QuantizeAndDequantizeV2 | < 2.5.0 | Yakun Zhang and Ying Wang of Baidu X-Team | |
| TFSA-2021-098 | Incomplete validation in SparseReshape | >= 2.3.0, < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-097 | Incomplete validation in SparseSparseMinimum | < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-096 | Incomplete validation in SparseAdd | < 2.5.0 | Yakun Zhang and Ying Wang of Baidu X-Team | |
| TFSA-2021-095 | Heap OOB and null pointer dereference in RaggedTensorToTensor | < 2.5.0 | Yakun Zhang and Ying Wang of Baidu X-Team | |
| TFSA-2021-094 | Heap OOB read in TFLite | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-093 | Heap OOB write in TFLite | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-092 | Integer overflow in TFLite memory allocation | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-091 | Integer overflow in TFLite concatenation | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-090 | Division by zero in TFLite's implementation of hashtable lookup | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-089 | Division by zero in TFLite's implementation of DepthwiseConv | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-088 | Division by zero in TFLite's implementation of OneHot | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-087 | Division by zero in TFLite's implementation of Split | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-086 | Division by zero in TFLite's implementation of SVDF | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-085 | Division by zero in TFLite's implementation of SpaceToBatchNd | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-084 | Division by zero in TFLite's implementation of BatchToSpaceNd | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-083 | Division by zero in TFLite's implementation of EmbeddingLookup | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-082 | Division by zero in TFLite's convolution code | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-081 | Division by zero in TFLite's implementation of DepthToSpace | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-080 | Stack overflow due to looping TFLite subgraph | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-079 | Null pointer dereference in TFLite's Reshape operator | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-078 | Heap OOB read in TFLite's implementation of Minimum or Maximum | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-077 | Division by zero in TFLite's implementation of TransposeConv | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-076 | Division by zero in TFLite's implementation of GatherNd | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-075 | Division by zero in TFLite's implementation of SpaceToDepth | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-074 | Division by zero in optimized pooling implementations in TFLite | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-073 | Division by zero in padding computation in TFLite | < 2.5.0 | Aivul Team from Qihoo 360 | |
| TFSA-2021-072 | Heap buffer overflow and undefined behavior in FusedBatchNorm | < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-071 | CHECK-fail due to integer overflow | < 2.5.0 | University of Virginia and University of California, Santa Barbara | |
| TFSA-2021-070 | Heap OOB read in tf.raw_ops.Dequantize | < 2.5.0 | Yakun Zhang and Ying Wang of Baidu X-Team | |
| TFSA-2021-069 | Segfault in CTCBeamSearchDecoder | < 2.5.0 | Yakun Zhang and Ying Wang of Baidu X-Team | |
| TFSA-2021-068 | Heap buffer overflow in MaxPoolGrad | < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-067 | Heap buffer overflow in FractionalAvgPoolGrad | < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-066 | Undefined behavior and CHECK-fail in FractionalMaxPoolGrad | < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-065 | Heap buffer overflow in AvgPool3DGrad | < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-064 | Heap buffer overflow in MaxPool3DGradGrad | < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-063 | Undefined behavior in MaxPool3DGradGrad | < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-062 | Division by 0 in MaxPoolGradWithArgmax | < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-061 | Overflow/denial of service in tf.raw_ops.ReverseSequence | < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-060 | Reference binding to nullptr in SdcaOptimizer | < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-059 | Memory corruption in DrawBoundingBoxesV2 | < 2.5.0 | Yakun Zhang and Ying Wang of Baidu X-Team | |
| TFSA-2021-058 | Heap out of bounds read in RequantizationRange | < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-057 | Heap out of bounds read in MaxPoolGradWithArgmax | < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-056 | Lack of validation in SparseDenseCwiseMul | < 2.5.0 | Yakun Zhang and Ying Wang of Baidu X-Team | |
| TFSA-2021-055 | Reference binding to null in ParameterizedTruncatedNormal | < 2.5.0 | Ying Wang and Yakun Zhang of Baidu X-Team | |
| TFSA-2021-054 | Heap OOB access in Dilation2DBackpropInput | < 2.5.0 | Yakun Zhang and Ying Wang of Baidu X-Team | |
TFSA-2021-053Null pointer dereference in SparseFillEmptyRows< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-052Null pointer dereference in EditDistance< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-051CHECK-fail in tf.raw_ops.RFFT< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-050CHECK-fail in tf.raw_ops.IRFFT< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-049CHECK-fail in LoadAndRemapMatrix< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-048Heap buffer overflow in RaggedTensorToTensor< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-047Heap OOB access in unicode ops< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-046Heap buffer overflow in SparseSplit< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-045Division by 0 in Reverse< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-044Division by 0 in SparseMatMul< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-043Division by 0 in FusedBatchNorm< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-042Division by 0 in DenseCountSparseOutput< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-041CHECK-failure in UnsortedSegmentJoin< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-040Heap OOB in QuantizeAndDequantizeV3< 2.5.0Aivul Team from Qihoo 360
TFSA-2021-039OOB read in MatrixTriangularSolve< 2.5.0Ye Zhang and Yakun Zhang of Baidu X-Team
TFSA-2021-038Division by 0 in FractionalAvgPool< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-037Division by 0 in QuantizedAdd< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-036Division by 0 in QuantizedBatchNormWithGlobalNormalization< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-035Heap out of bounds in QuantizedBatchNormWithGlobalNormalization< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-034Division by 0 in QuantizedBiasAdd< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-033Heap buffer overflow in SparseTensorToCSRSparseMatrix< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-032CHECK-fail in CTCGreedyDecoder< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-031CHECK-fail in QuantizeAndDequantizeV4Grad>= 2.4.0, < 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-030Null pointer dereference in StringNGrams< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-029Heap buffer overflow StringNGrams< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-028Heap buffer overflow Conv2DBackpropFilter< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-027Division by zero in Conv2DBackpropFilter< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-026Heap buffer overflow in QuantizedReshape< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-025Heap buffer overflow in QuantizedResizeBilinear< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-024CHECK-fail in SparseConcat< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-023Heap buffer overflow in QuantizedMul< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-022CHECK-fail in DrawBoundingBoxes< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-021Heap out of bounds read in RaggedCross< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-020CHECK-fail in tf.raw_ops.EncodePng< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-019Heap buffer overflow caused by rounding< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-018Invalid validation in SparseMatrixSparseCholesky< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-017Division by 0 in QuantizedMul< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-016Division by 0 in QuantizedConv2D< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-015Division by 0 in Conv2D< 2.5.0Ying Wang and Yakun Zhang of Baidu X-Team
TFSA-2021-014Division by 0 in Conv2DBackpropInput< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-013Division by 0 in Conv2DBackpropFilter< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-012CHECK-fail in AddManySparseToTensorsMap< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-011Division by 0 in Conv3DBackprop*< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-010Heap buffer overflow in Conv3DBackprop*< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-009Segfault in SparseCountSparseOutput>= 2.3.0, < 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-008CHECK-fail in SparseCross due to type confusion< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-007Session operations in eager mode lead to null pointer dereferences>= 2.0.0, < 2.5.0Aivul Team from Qihoo 360
TFSA-2021-006Division by zero in Conv3D< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-005Null pointer dereference via invalid Ragged Tensors< 2.5.0Yakun Zhang and Ying Wang of Baidu X-Team
TFSA-2021-004Reference binding to null pointer in MatrixDiag* ops< 2.5.0Ye Zhang and Yakun Zhang of Baidu X-Team
TFSA-2021-003Type confusion during tensor casts lead to dereferencing null pointers< 2.5.0Aivul Team from Qihoo 360; Ye Zhang and Yakun Zhang of Baidu X-Team
TFSA-2021-002Heap out of bounds write in RaggedBinCount>= 2.3.0, < 2.5.0Aivul Team from Qihoo 360
TFSA-2021-001Heap buffer overflow in RaggedBinCount>= 2.3.0, < 2.5.0Aivul Team from Qihoo 360
| TFSA-2020-034 | Heap out of bounds access in MakeEdge | >= 1.15.0, <= 2.3.0 | (discovered internally) | |
| TFSA-2020-033 | CHECK-fail in LSTM with zero-length input | >= 1.15.0, <= 2.3.0 | (discovered internally) | |
| TFSA-2020-032 | Heap out of bounds read in filesystem glob matching | 2.4.0-rc{0,1,2,3} | Aivul Team from Qihoo 360 | |
| TFSA-2020-031 | Write to immutable memory region | >= 1.15.0, <= 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-030 | Lack of validation in data format attributes | >= 1.15.0, <= 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-029 | Uninitialized memory access in Eigen types | >= 1.15.0, <= 2.3.0 | (discovered internally) | |
| TFSA-2020-028 | Float cast overflow undefined behavior | <= 2.3 | (Reported on GitHub) | issue report |
| TFSA-2020-027 | Segfault in tf.quantization.quantize_and_dequantize | <= 2.3 | (Reported on GitHub) | issue report |
| TFSA-2020-026 | Segfault in tf.raw_ops.Switch in eager mode | 2.2.0, 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-025 | Undefined behavior in dlpack.to_dlpack | 2.2.0, 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-024 | Memory leak in dlpack.to_dlpack | 2.2.0, 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-023 | Memory corruption in dlpack.to_dlpack | 2.2.0, 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-022 | Crash due to invalid shape of grad_values in SparseFillEmptyRowsGrad | >= 1.15.0, <= 2.3.0 | (variant analysis, Aivul Team from Qihoo 360) | |
| TFSA-2020-021 | Heap buffer overflow in SparseFillEmptyRowsGrad | >= 1.15.0, <= 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-020 | Heap buffer overflow in weighted sparse count ops | 2.3.0 | (variant analysis, Aivul Team from Qihoo 360) | |
| TFSA-2020-019 | Crash due to invalid splits in SparseCountSparseOutput | 2.3.0 | (variant analysis, Aivul Team from Qihoo 360) | |
| TFSA-2020-018 | Heap buffer overflow due to invalid indices in SparseCountSparseOutput | 2.3.0 | (variant analysis, Aivul Team from Qihoo 360) | |
| TFSA-2020-017 | Abort due to invalid splits in RaggedCountSparseOutput | 2.3.0 | (variant analysis, Aivul Team from Qihoo 360) | |
| TFSA-2020-016 | Segfault due to invalid splits in RaggedCountSparseOutput | 2.3.0 | (variant analysis, Aivul Team from Qihoo 360) | |
| TFSA-2020-015 | Heap buffer overflow due to invalid splits in RaggedCountSparseOutput | 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-014 | Integer truncation in Shard API usage | >= 1.15.0, <= 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-013 | Format-string vulnerability in TensorFlow's as_string | >= 1.15.0, <= 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-012 | Segfault by calling session-only ops in eager mode | >= 1.15.0, <= 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-011 | Data leak in tf.raw_ops.StringNGrams | >= 1.15.0, <= 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-010 | Incomplete validation in TensorFlow's SavedModel's constant nodes causes segfaults | >= 1.15.0, <= 2.3.0 | Shuaike Dong, Alipay Tian Qian Security Lab | issue report |
| TFSA-2020-009 | Segfault and data corruption caused by negative indexing in TFLite | >= 1.15.0, <= 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-008 | Data corruption due to dimension mismatch in TFLite | >= 1.15.0, <= 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-007 | Null pointer dereference in TFLite | >= 1.15.0, <= 2.3.0 | Aivul Team from Qihoo 360, variant analysis | |
| TFSA-2020-006 | Segmentation fault and/or data corruption due to invalid TFLite model | >= 1.15.0, <= 2.3.0 | (variant analysis, Aivul Team from Qihoo 360) | |
| TFSA-2020-005 | Out of bounds access in TFLite operators | >= 1.15.0, <= 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-004 | Out of bounds access in TFLite implementation of segment sum | 2.2.0, 2.3.0 | (variant analysis, Aivul Team from Qihoo 360) | |
| TFSA-2020-003 | Denial of service from TFLite implementation of segment sum | 2.2.0, 2.3.0 | (variant analysis, Aivul Team from Qihoo 360) | |
| TFSA-2020-002 | Out of bounds write in TFLite implementation of segment sum | 2.2.0, 2.3.0 | Aivul Team from Qihoo 360 | |
| TFSA-2020-001 | Segmentation fault when converting a Python string to tf.float16 | >= 1.12.0, <= 2.1 | (found internally) | |
| TFSA-2019-002 | Heap buffer overflow in UnsortedSegmentSum | <= 1.14 | (found internally) | |
| TFSA-2019-001 | Null Pointer Dereference Error in Decoding GIF Files | <= 1.12 | Baidu Security Lab | |
| TFSA-2018-006 | Crafted Configuration File results in Invalid Memory Access | <= 1.7 | Blade Team of Tencent | |
| TFSA-2018-005 | Old Snappy Library Usage Resulting in Memcpy Parameter Overlap | <= 1.7 | Blade Team of Tencent | |
| TFSA-2018-004 | Checkpoint Meta File Out-of-Bounds Read | <= 1.7 | Blade Team of Tencent | |
| TFSA-2018-003 | TensorFlow Lite TOCO FlatBuffer Parsing Vulnerability | <= 1.7 | Blade Team of Tencent | |
| TFSA-2018-002 | GIF File Parsing Null Pointer Dereference Error | <= 1.5 | Blade Team of Tencent | |
| TFSA-2018-001 | BMP File Parser Out-of-bounds Read | <= 1.6 | Blade Team of Tencent | |
| - | Out Of Bounds Read | <= 1.4 | Blade Team of Tencent | issue report |