Tensorflow Google Tensorflow Open source machine learning / AI library

Do you want an email whenever new security vulnerabilities are reported in Google Tensorflow?

@tensorflow Tweets

RT @googlecloud: To save critical animal populations, conservation organizations are using photos taken from motion-activated cameras and a…
Tue Apr 20 19:01:04 +0000 2021

�� Visual coding for machine learning is better with Node-RED! In this #MadeWithTFJS, @pvaneckw from @IBM shares h… https://t.co/VBN2eYyo8H
Tue Apr 20 16:30:11 +0000 2021

�� TensorFlow 2.5.0-rc1 has been released! Read to find out more about the major features and improvements ↓ https://t.co/HuYqRbA3Uv
Fri Apr 16 20:00:01 +0000 2021

�� Working with TensorFlow? We want to see your projects! Submit your work to the #TFCommunitySpotlight program fo… https://t.co/ZkEe1Lg0yN
Fri Apr 16 17:05:23 +0000 2021

RT @ksoonson: Here are a few highlights of what ML GDEs are doing with ML technologies including TensorFlow and Google Cloud. I am privile…
Wed Apr 14 20:01:43 +0000 2021

By the Year

In 2021 there have been 0 vulnerabilities in Google Tensorflow . Last year Tensorflow had 6 security vulnerabilities published. Right now, Tensorflow is on track to have less security vulnerabilities in 2021 than it did last year.

Year Vulnerabilities Average Score
2021 0 0.00
2020 6 5.05
2019 7 8.23
2018 0 0.00

It may take a day or so for new Tensorflow vulnerabilities to show up. Additionally vulnerabilities may be tagged under a different product or component name.

Latest Google Tensorflow Security Vulnerabilities

In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution

CVE-2020-26266 5.3 - Medium - December 10, 2020

In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default value of the type but forgetting to default initialize the quantized floating point types in Eigen. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

Use of Uninitialized Resource

In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created

CVE-2020-26268 4.4 - Medium - December 10, 2020

In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor is not an integral type, the operation crashes the Python interpreter as it tries to write to the memory area. If the file is too small, TensorFlow properly returns an error as the memory area has fewer bytes than what is needed for the tensor it creates. However, as soon as there are enough bytes, the above snippet causes a segmentation fault. This is because the allocator used to return the buffer data is not marked as returning an opaque handle since the needed virtual method is not overridden. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend

CVE-2020-26270 3.3 - Low - December 10, 2020

In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a query-of-death vulnerability, via denial of service, if users can control the input to the layer. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

Improper Input Validation

In affected versions of TensorFlow under certain cases, loading a saved model

CVE-2020-26271 3.3 - Low - December 10, 2020

In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge between one output tensor of the src node (given by output_index) and the input slot of the dst node (given by input_index). This is only possible if the types of the tensors on both sides coincide, so the function begins by obtaining the corresponding DataType values and comparing these for equality. However, there is no check that the indices point to inside of the arrays they index into. Thus, this can result in accessing data out of bounds of the corresponding heap allocated arrays. In most scenarios, this can manifest as unitialized data access, but if the index points far away from the boundaries of the arrays this can be used to leak addresses from the library. This is fixed in versions 1.15.5, 2.0.4, 2.1.3, 2.2.2, 2.3.2, and 2.4.0.

Use of Uninitialized Resource

TensorFlow before 1.7.0 has an integer overflow

CVE-2018-21233 6.5 - Medium - May 04, 2020

TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decode_bmp_op.cc.

Out-of-bounds Read

In TensorFlow before 1.15.2 and 2.0.1, converting a string (

CVE-2020-5215 7.5 - High - January 28, 2020

In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker can send a data point which contains a string instead of a tf.float16 value. Similar effects can be obtained by manipulating saved models and checkpoints whereby replacing a scalar tf.float16 value with a scalar string will trigger this issue due to automatic conversions. This can be easily reproduced by tf.constant("hello", tf.float16), if eager execution is enabled. This issue is patched in TensorFlow 1.15.1 and 2.0.1 with this vulnerability patched. TensorFlow 2.1.0 was released after we fixed the issue, thus it is not affected. Users are encouraged to switch to TensorFlow 1.15.1, 2.0.1 or 2.1.0.

Improper Input Validation

In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32

CVE-2019-16778 9.8 - Critical - December 16, 2019

In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSum can be produced when the Index template argument is int32. In this case data_size and num_segments fields are truncated from int64 to int32 and can produce negative numbers, resulting in accessing out of bounds heap memory. This is unlikely to be exploitable and was detected and fixed internally in TensorFlow 1.15 and 2.0.

Memory Corruption

Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability

CVE-2018-7575 9.8 - Critical - April 24, 2019

Google TensorFlow 1.7.x and earlier is affected by a Buffer Overflow vulnerability. The type of exploitation is context-dependent.

Integer Overflow or Wraparound

Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read

CVE-2018-7577 8.1 - High - April 24, 2019

Memcpy parameter overlap in Google Snappy library 1.1.4, as used in Google TensorFlow before 1.7.1, could result in a crash or read from other parts of process memory.

Improper Input Validation

NULL pointer dereference in Google TensorFlow before 1.12.2 could cause a denial of service

CVE-2019-9635 6.5 - Medium - April 24, 2019

NULL pointer dereference in Google TensorFlow before 1.12.2 could cause a denial of service via an invalid GIF file.

NULL Pointer Dereference

Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory

CVE-2018-10055 8.1 - High - April 24, 2019

Invalid memory access and/or a heap buffer overflow in the TensorFlow XLA compiler in Google TensorFlow before 1.7.1 could cause a crash or read from other parts of process memory via a crafted configuration file.

Buffer Overflow

Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Dereference

CVE-2018-7576 6.5 - Medium - April 23, 2019

Google TensorFlow 1.6.x and earlier is affected by: Null Pointer Dereference. The type of exploitation is: context-dependent.

NULL Pointer Dereference

Google TensorFlow 1.7 and below is affected by: Buffer Overflow

CVE-2018-8825 8.8 - High - April 23, 2019

Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code (local).

Buffer Overflow

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Google Tensorflow or by Google? Click the Watch button to subscribe.

Google Tensorflow
Open source machine learning / AI library

subscribe