CWE-754
Allowed-with-ReviewImproper Check for Unusual or Exceptional Conditions
Abstraction: Class · Status: Incomplete
The product does not check or incorrectly checks for unusual or exceptional conditions that are not expected to occur frequently during day to day operation of the product.
907 vulnerabilities reference this CWE, most recent first.
GHSA-6FGQ-MQXJ-XC3R
Vulnerability from github – Published: 2024-10-08 21:31 – Updated: 2024-10-08 21:31Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before version 1.5.06 may allow a privileged user to potentially enable information disclosure via local access.
{
"affected": [],
"aliases": [
"CVE-2024-27457"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-10-08T19:15:13Z",
"severity": "LOW"
},
"details": "Improper check for unusual or exceptional conditions in Intel(R) TDX Module firmware before version 1.5.06 may allow a privileged user to potentially enable information disclosure via local access.",
"id": "GHSA-6fgq-mqxj-xc3r",
"modified": "2024-10-08T21:31:09Z",
"published": "2024-10-08T21:31:09Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27457"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01099.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
GHSA-6FJ5-M822-RQX8
Vulnerability from github – Published: 2024-01-31 23:16 – Updated: 2024-06-10 18:39Impact
Pulling an intentionally malformed Docker image manifest crashes the dockerd daemon.
Patches
Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.
Credits
Maintainers would like to thank Josh Larsen, Ian Coldwater, Duffie Cooley, Rory McCune for working on the vulnerability and Brad Geesaman for responsibly disclosing it to security@docker.com.
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/moby/moby"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "19.3.15"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "Go",
"name": "github.com/moby/moby"
},
"ranges": [
{
"events": [
{
"introduced": "20.10.0-beta1"
},
{
"fixed": "20.10.3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-21285"
],
"database_specific": {
"cwe_ids": [
"CWE-400",
"CWE-754"
],
"github_reviewed": true,
"github_reviewed_at": "2024-01-31T23:16:46Z",
"nvd_published_at": "2021-02-02T18:15:00Z",
"severity": "MODERATE"
},
"details": "### Impact\n\nPulling an intentionally malformed Docker image manifest crashes the `dockerd` daemon.\n\n### Patches\n\nVersions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.\n\n### Credits\n\nMaintainers would like to thank Josh Larsen, Ian Coldwater, Duffie Cooley, Rory McCune for working on the vulnerability and Brad Geesaman for responsibly disclosing it to security@docker.com.",
"id": "GHSA-6fj5-m822-rqx8",
"modified": "2024-06-10T18:39:20Z",
"published": "2024-01-31T23:16:46Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/moby/moby/security/advisories/GHSA-6fj5-m822-rqx8"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21285"
},
{
"type": "WEB",
"url": "https://github.com/moby/moby/commit/8d3179546e79065adefa67cc697c09d0ab137d30"
},
{
"type": "WEB",
"url": "https://docs.docker.com/engine/release-notes/#20103"
},
{
"type": "WEB",
"url": "https://github.com/moby/moby/releases/tag/v19.03.15"
},
{
"type": "WEB",
"url": "https://github.com/moby/moby/releases/tag/v20.10.3"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/202107-23"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210226-0005"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2021/dsa-4865"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
],
"summary": "moby docker daemon crash during image pull of malicious image"
}
GHSA-6G85-3HM8-83F9
Vulnerability from github – Published: 2021-05-21 14:23 – Updated: 2024-11-19 19:33Impact
An attacker can trigger a denial of service via a CHECK-fail in tf.raw_ops.QuantizeAndDequantizeV4Grad:
import tensorflow as tf
gradient_tensor = tf.constant([0.0], shape=[1])
input_tensor = tf.constant([0.0], shape=[1])
input_min = tf.constant([[0.0]], shape=[1, 1])
input_max = tf.constant([[0.0]], shape=[1, 1])
tf.raw_ops.QuantizeAndDequantizeV4Grad(
gradients=gradient_tensor, input=input_tensor,
input_min=input_min, input_max=input_max, axis=0)
This is because the implementation does not validate the rank of the input_* tensors. In turn, this results in the tensors being passes as they are to QuantizeAndDequantizePerChannelGradientImpl:
template <typename Device, typename T>
struct QuantizeAndDequantizePerChannelGradientImpl {
static void Compute(const Device& d,
typename TTypes<T, 3>::ConstTensor gradient,
typename TTypes<T, 3>::ConstTensor input,
const Tensor* input_min_tensor,
const Tensor* input_max_tensor,
typename TTypes<T, 3>::Tensor input_backprop,
typename TTypes<T>::Flat input_min_backprop,
typename TTypes<T>::Flat input_max_backprop) {
...
auto input_min = input_min_tensor->vec<T>();
auto input_max = input_max_tensor->vec<T>();
...
}
However, the vec<T> method, requires the rank to 1 and triggers a CHECK failure otherwise.
Patches
We have patched the issue in GitHub commit 20431e9044cf2ad3c0323c34888b192f3289af6b.
The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2 as this is the only other affected version.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-29544"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-18T21:50:36Z",
"nvd_published_at": "2021-05-14T20:15:00Z",
"severity": "LOW"
},
"details": "### Impact\nAn attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.QuantizeAndDequantizeV4Grad`:\n\n```python\nimport tensorflow as tf\n\ngradient_tensor = tf.constant([0.0], shape=[1])\ninput_tensor = tf.constant([0.0], shape=[1])\ninput_min = tf.constant([[0.0]], shape=[1, 1])\ninput_max = tf.constant([[0.0]], shape=[1, 1])\n\ntf.raw_ops.QuantizeAndDequantizeV4Grad(\n gradients=gradient_tensor, input=input_tensor,\n input_min=input_min, input_max=input_max, axis=0)\n``` \n \nThis is because the [implementation](https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163) does not validate the rank of the `input_*` tensors. In turn, this results in the tensors being passes as they are to [`QuantizeAndDequantizePerChannelGradientImpl`](https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306):\n\n```cc \ntemplate \u003ctypename Device, typename T\u003e\nstruct QuantizeAndDequantizePerChannelGradientImpl {\n static void Compute(const Device\u0026 d,\n typename TTypes\u003cT, 3\u003e::ConstTensor gradient,\n typename TTypes\u003cT, 3\u003e::ConstTensor input,\n const Tensor* input_min_tensor,\n const Tensor* input_max_tensor,\n typename TTypes\u003cT, 3\u003e::Tensor input_backprop,\n typename TTypes\u003cT\u003e::Flat input_min_backprop,\n typename TTypes\u003cT\u003e::Flat input_max_backprop) {\n ...\n auto input_min = input_min_tensor-\u003evec\u003cT\u003e();\n auto input_max = input_max_tensor-\u003evec\u003cT\u003e();\n ...\n}\n```\n\nHowever, the `vec\u003cT\u003e` method, requires the rank to 1 and triggers a `CHECK` failure otherwise.\n\n### Patches\nWe have patched the issue in GitHub commit [20431e9044cf2ad3c0323c34888b192f3289af6b](https://github.com/tensorflow/tensorflow/commit/20431e9044cf2ad3c0323c34888b192f3289af6b).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2 as this is the only other affected version.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.",
"id": "GHSA-6g85-3hm8-83f9",
"modified": "2024-11-19T19:33:14Z",
"published": "2021-05-21T14:23:22Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6g85-3hm8-83f9"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29544"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/20431e9044cf2ad3c0323c34888b192f3289af6b"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-472.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-670.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-181.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/tensorflow/tensorflow"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.cc#L162-L163"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/blob/95078c145b5a7a43ee046144005f733092756ab5/tensorflow/core/kernels/quantize_and_dequantize_op.h#L295-L306"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "CHECK-fail in `QuantizeAndDequantizeV4Grad`"
}
GHSA-6HMC-RVH2-WXQ3
Vulnerability from github – Published: 2026-03-24 15:30 – Updated: 2026-03-25 21:30Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, and Firefox ESR < 140.9.
{
"affected": [],
"aliases": [
"CVE-2026-4709"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-03-24T13:16:06Z",
"severity": "HIGH"
},
"details": "Incorrect boundary conditions in the Audio/Video: GMP component. This vulnerability affects Firefox \u003c 149, Firefox ESR \u003c 115.34, and Firefox ESR \u003c 140.9.",
"id": "GHSA-6hmc-rvh2-wxq3",
"modified": "2026-03-25T21:30:27Z",
"published": "2026-03-24T15:30:28Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4709"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016329"
},
{
"type": "WEB",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=2016342"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-20"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-21"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-22"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-23"
},
{
"type": "WEB",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-24"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6J9C-GRC6-5M6G
Vulnerability from github – Published: 2021-05-21 14:22 – Updated: 2024-10-30 23:22Impact
An attacker can trigger a denial of service via a CHECK-fail in tf.raw_ops.SparseConcat:
import tensorflow as tf
import numpy as np
indices_1 = tf.constant([[514, 514], [514, 514]], dtype=tf.int64)
indices_2 = tf.constant([[514, 530], [599, 877]], dtype=tf.int64)
indices = [indices_1, indices_2]
values_1 = tf.zeros([0], dtype=tf.int64)
values_2 = tf.zeros([0], dtype=tf.int64)
values = [values_1, values_2]
shape_1 = tf.constant([442, 514, 514, 515, 606, 347, 943, 61, 2], dtype=tf.int64)
shape_2 = tf.zeros([9], dtype=tf.int64)
shapes = [shape_1, shape_2]
tf.raw_ops.SparseConcat(indices=indices, values=values, shapes=shapes, concat_dim=2)
This is because the implementation takes the values specified in shapes[0] as dimensions for the output shape:
TensorShape input_shape(shapes[0].vec<int64>());
The TensorShape constructor uses a CHECK operation which triggers when InitDims returns a non-OK status.
template <class Shape>
TensorShapeBase<Shape>::TensorShapeBase(gtl::ArraySlice<int64> dim_sizes) {
set_tag(REP16);
set_data_type(DT_INVALID);
TF_CHECK_OK(InitDims(dim_sizes));
}
In our scenario, this occurs when adding a dimension from the argument results in overflow:
template <class Shape>
Status TensorShapeBase<Shape>::InitDims(gtl::ArraySlice<int64> dim_sizes) {
...
Status status = Status::OK();
for (int64 s : dim_sizes) {
status.Update(AddDimWithStatus(internal::SubtleMustCopy(s)));
if (!status.ok()) {
return status;
}
}
}
template <class Shape>
Status TensorShapeBase<Shape>::AddDimWithStatus(int64 size) {
...
int64 new_num_elements;
if (kIsPartial && (num_elements() < 0 || size < 0)) {
new_num_elements = -1;
} else {
new_num_elements = MultiplyWithoutOverflow(num_elements(), size);
if (TF_PREDICT_FALSE(new_num_elements < 0)) {
return errors::Internal("Encountered overflow when multiplying ",
num_elements(), " with ", size,
", result: ", new_num_elements);
}
}
...
}
This is a legacy implementation of the constructor and operations should use BuildTensorShapeBase or AddDimWithStatus to prevent CHECK-failures in the presence of overflows.
Patches
We have patched the issue in GitHub commit 69c68ecbb24dff3fa0e46da0d16c821a2dd22d7c.
The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.
For more information
Please consult our security guide for more information regarding the security model and how to contact us with issues and questions.
Attribution
This vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.
{
"affected": [
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.1.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.2.0"
},
{
"fixed": "2.2.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.3.0"
},
{
"fixed": "2.3.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.1.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.2.0"
},
{
"fixed": "2.2.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.3.0"
},
{
"fixed": "2.3.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-cpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.2"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.1.4"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.2.0"
},
{
"fixed": "2.2.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.3.0"
},
{
"fixed": "2.3.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "PyPI",
"name": "tensorflow-gpu"
},
"ranges": [
{
"events": [
{
"introduced": "2.4.0"
},
{
"fixed": "2.4.2"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2021-29534"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": true,
"github_reviewed_at": "2021-05-18T22:44:01Z",
"nvd_published_at": "2021-05-14T20:15:00Z",
"severity": "LOW"
},
"details": "### Impact\nAn attacker can trigger a denial of service via a `CHECK`-fail in `tf.raw_ops.SparseConcat`: \n\n```python\nimport tensorflow as tf\nimport numpy as np\n\nindices_1 = tf.constant([[514, 514], [514, 514]], dtype=tf.int64)\nindices_2 = tf.constant([[514, 530], [599, 877]], dtype=tf.int64)\nindices = [indices_1, indices_2]\n\nvalues_1 = tf.zeros([0], dtype=tf.int64)\nvalues_2 = tf.zeros([0], dtype=tf.int64)\nvalues = [values_1, values_2]\n\nshape_1 = tf.constant([442, 514, 514, 515, 606, 347, 943, 61, 2], dtype=tf.int64)\nshape_2 = tf.zeros([9], dtype=tf.int64)\nshapes = [shape_1, shape_2]\n\ntf.raw_ops.SparseConcat(indices=indices, values=values, shapes=shapes, concat_dim=2)\n```\n\nThis is because the [implementation](https://github.com/tensorflow/tensorflow/blob/b432a38fe0e1b4b904a6c222cbce794c39703e87/tensorflow/core/kernels/sparse_concat_op.cc#L76) takes the values specified in `shapes[0]` as dimensions for the output shape:\n\n```cc\nTensorShape input_shape(shapes[0].vec\u003cint64\u003e());\n```\n\nThe [`TensorShape` constructor](https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L183-L188) uses a `CHECK` operation which triggers when [`InitDims`](https://github.com/tensorflow/tensorflow/blob/6f9896890c4c703ae0a0845394086e2e1e523299/tensorflow/core/framework/tensor_shape.cc#L212-L296) returns a non-OK status.\n\n```cc\ntemplate \u003cclass Shape\u003e\nTensorShapeBase\u003cShape\u003e::TensorShapeBase(gtl::ArraySlice\u003cint64\u003e dim_sizes) {\n set_tag(REP16);\n set_data_type(DT_INVALID);\n TF_CHECK_OK(InitDims(dim_sizes));\n}\n```\n\nIn our scenario, this occurs when adding a dimension from the argument results in overflow:\n\n```cc\ntemplate \u003cclass Shape\u003e\nStatus TensorShapeBase\u003cShape\u003e::InitDims(gtl::ArraySlice\u003cint64\u003e dim_sizes) {\n ...\n Status status = Status::OK();\n for (int64 s : dim_sizes) {\n status.Update(AddDimWithStatus(internal::SubtleMustCopy(s)));\n if (!status.ok()) {\n return status;\n }\n }\n}\n\ntemplate \u003cclass Shape\u003e\nStatus TensorShapeBase\u003cShape\u003e::AddDimWithStatus(int64 size) {\n ...\n int64 new_num_elements;\n if (kIsPartial \u0026\u0026 (num_elements() \u003c 0 || size \u003c 0)) {\n new_num_elements = -1;\n } else {\n new_num_elements = MultiplyWithoutOverflow(num_elements(), size);\n if (TF_PREDICT_FALSE(new_num_elements \u003c 0)) {\n return errors::Internal(\"Encountered overflow when multiplying \",\n num_elements(), \" with \", size,\n \", result: \", new_num_elements);\n }\n }\n ...\n}\n```\n\nThis is a legacy implementation of the constructor and operations should use `BuildTensorShapeBase` or `AddDimWithStatus` to prevent `CHECK`-failures in the presence of overflows.\n\n### Patches\nWe have patched the issue in GitHub commit [69c68ecbb24dff3fa0e46da0d16c821a2dd22d7c](https://github.com/tensorflow/tensorflow/commit/69c68ecbb24dff3fa0e46da0d16c821a2dd22d7c).\n\nThe fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.\n\n### For more information\nPlease consult [our security guide](https://github.com/tensorflow/tensorflow/blob/master/SECURITY.md) for more information regarding the security model and how to contact us with issues and questions.\n\n### Attribution\nThis vulnerability has been reported by Yakun Zhang and Ying Wang of Baidu X-Team.",
"id": "GHSA-6j9c-grc6-5m6g",
"modified": "2024-10-30T23:22:57Z",
"published": "2021-05-21T14:22:24Z",
"references": [
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6j9c-grc6-5m6g"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-29534"
},
{
"type": "WEB",
"url": "https://github.com/tensorflow/tensorflow/commit/69c68ecbb24dff3fa0e46da0d16c821a2dd22d7c"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-462.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-660.yaml"
},
{
"type": "WEB",
"url": "https://github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-171.yaml"
},
{
"type": "PACKAGE",
"url": "https://github.com/tensorflow/tensorflow"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"type": "CVSS_V4"
}
],
"summary": "CHECK-fail in SparseConcat"
}
GHSA-6P7R-3F3W-FJ8C
Vulnerability from github – Published: 2023-04-18 00:32 – Updated: 2024-04-04 03:31An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to bypass an integrity check. In a 6PE scenario and if an additional integrity check is configured, it will fail to drop specific malformed IPv6 packets, and then these packets will be forwarded to other connected networks. This issue affects Juniper Networks Junos OS: All versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R3-S9; 20.2 versions prior to 20.2R3-S7; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S3; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R2-S1, 21.4R3; 22.1 versions prior to 22.1R2; 22.2 versions prior to 22.2R2.
{
"affected": [],
"aliases": [
"CVE-2023-28979"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-04-17T22:15:09Z",
"severity": "MODERATE"
},
"details": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the kernel of Juniper Networks Junos OS allows an adjacent unauthenticated attacker to bypass an integrity check. In a 6PE scenario and if an additional integrity check is configured, it will fail to drop specific malformed IPv6 packets, and then these packets will be forwarded to other connected networks. This issue affects Juniper Networks Junos OS: All versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R3-S9; 20.2 versions prior to 20.2R3-S7; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S3; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R2-S1, 21.4R3; 22.1 versions prior to 22.1R2; 22.2 versions prior to 22.2R2.",
"id": "GHSA-6p7r-3f3w-fj8c",
"modified": "2024-04-04T03:31:41Z",
"published": "2023-04-18T00:32:01Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28979"
},
{
"type": "WEB",
"url": "https://supportportal.juniper.net/JSA70604"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
"type": "CVSS_V3"
}
]
}
GHSA-6P97-XH7R-7CMV
Vulnerability from github – Published: 2022-05-24 17:33 – Updated: 2022-05-24 17:33A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. This technique evades signature-based threat detection. This issue impacts: PAN-OS 8.1 versions earlier than 8.1.17; PAN-OS 9.0 versions earlier than 9.0.11; PAN-OS 9.1 versions earlier than 9.1.5; All versions of PAN-OS 7.1 and PAN-OS 8.0.
{
"affected": [],
"aliases": [
"CVE-2020-1999"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2020-11-12T00:15:00Z",
"severity": "MODERATE"
},
"details": "A vulnerability exists in the Palo Alto Network PAN-OS signature-based threat detection engine that allows an attacker to communicate with devices in the network in a way that is not analyzed for threats by sending data through specifically crafted TCP packets. This technique evades signature-based threat detection. This issue impacts: PAN-OS 8.1 versions earlier than 8.1.17; PAN-OS 9.0 versions earlier than 9.0.11; PAN-OS 9.1 versions earlier than 9.1.5; All versions of PAN-OS 7.1 and PAN-OS 8.0.",
"id": "GHSA-6p97-xh7r-7cmv",
"modified": "2022-05-24T17:33:54Z",
"published": "2022-05-24T17:33:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-1999"
},
{
"type": "WEB",
"url": "https://security.paloaltonetworks.com/CVE-2020-1999"
}
],
"schema_version": "1.4.0",
"severity": []
}
GHSA-6Q3R-569C-CRM7
Vulnerability from github – Published: 2024-12-04 18:32 – Updated: 2024-12-04 18:32While parsing certain malformed PLY files, PCL version 1.14.1 crashes due to an uncaught std::out_of_range exception in PCLPointCloud2::at. This issue could potentially be exploited to cause a denial-of-service (DoS) attack when processing untrusted PLY files.
{
"affected": [],
"aliases": [
"CVE-2024-53432"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-11-21T18:15:14Z",
"severity": "HIGH"
},
"details": "While parsing certain malformed PLY files, PCL version 1.14.1 crashes due to an uncaught std::out_of_range exception in PCLPointCloud2::at. This issue could potentially be exploited to cause a denial-of-service (DoS) attack when processing untrusted PLY files.",
"id": "GHSA-6q3r-569c-crm7",
"modified": "2024-12-04T18:32:34Z",
"published": "2024-12-04T18:32:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-53432"
},
{
"type": "WEB",
"url": "https://github.com/PointCloudLibrary/pcl/issues/6162"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6R2M-F9J9-H374
Vulnerability from github – Published: 2022-05-24 16:51 – Updated: 2022-06-14 00:00An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerability.
{
"affected": [],
"aliases": [
"CVE-2019-5020"
],
"database_specific": {
"cwe_ids": [
"CWE-20",
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2019-07-31T17:15:00Z",
"severity": "MODERATE"
},
"details": "An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerability.",
"id": "GHSA-6r2m-f9j9-h374",
"modified": "2022-06-14T00:00:28Z",
"published": "2022-05-24T16:51:54Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5020"
},
{
"type": "WEB",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2019-0781"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
GHSA-6R98-J483-GRPM
Vulnerability from github – Published: 2025-04-09 21:31 – Updated: 2025-04-09 21:31An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).
When a specific "show bgp neighbor" CLI command is run, the rpd cpu utilization rises and eventually causes a crash and restart. Repeated use of this command will cause a sustained DoS condition.
The device is only affected if BGP RIB sharding and update-threading is enabled. This issue affects Junos OS:
- All versions before 21.2R3-S9,
- from 21.4 before 21.4R3-S8,
- from 22.2 before 22.2R3-S6,
- from 22.4 before 22.4R3-S2,
- from 23.2 before 23.2R2-S3,
- from 23.4 before 23.4R2.
and Junos OS Evolved:
- All versions before 21.2R3-S9-EVO,
- from 21.4-EVO before 21.4R3-S8-EVO,
- from 22.2-EVO before 22.2R3-S6-EVO,
- from 22.4-EVO before 22.4R3-S2-EVO,
- from 23.2-EVO before 23.2R2-S3-EVO,
- from 23.4-EVO before 23.4R2-EVO.
{
"affected": [],
"aliases": [
"CVE-2025-30655"
],
"database_specific": {
"cwe_ids": [
"CWE-754"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-04-09T20:15:29Z",
"severity": "MODERATE"
},
"details": "An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to cause a Denial-of-Service (DoS).\n\nWhen a specific \"show bgp neighbor\" CLI command\u00a0is run, the rpd cpu utilization rises and eventually causes a crash and restart. Repeated use of this command will cause a sustained DoS condition.\u00a0\n\nThe device is only affected if BGP RIB sharding and update-threading is enabled.\nThis issue affects Junos OS:\u00a0\n\n\n\n * All versions before 21.2R3-S9,\u00a0\n * from 21.4 before 21.4R3-S8,\n * from 22.2 before 22.2R3-S6,\u00a0\n * from 22.4 before 22.4R3-S2,\u00a0\n * from 23.2 before 23.2R2-S3,\u00a0\n * from 23.4 before 23.4R2.\n\n\nand Junos OS Evolved:\u00a0\n\n\n\n * All versions before 21.2R3-S9-EVO,\u00a0\n * from 21.4-EVO before 21.4R3-S8-EVO,\u00a0\n * from 22.2-EVO before 22.2R3-S6-EVO,\u00a0\n * from 22.4-EVO before 22.4R3-S2-EVO,\u00a0\n * from 23.2-EVO before 23.2R2-S3-EVO,\u00a0\n * from 23.4-EVO before 23.4R2-EVO.",
"id": "GHSA-6r98-j483-grpm",
"modified": "2025-04-09T21:31:44Z",
"published": "2025-04-09T21:31:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30655"
},
{
"type": "WEB",
"url": "https://supportportal.juniper.net/JSA96465"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
Mitigation MIT-3
Strategy: Language Selection
- Use a language that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- Choose languages with features such as exception handling that force the programmer to anticipate unusual conditions that may generate exceptions. Custom exceptions may need to be developed to handle unusual business-logic conditions. Be careful not to pass sensitive exceptions back to the user (CWE-209, CWE-248).
Mitigation
Check the results of all functions that return a value and verify that the value is expected.
Mitigation
If using exception handling, catch and throw specific exceptions instead of overly-general exceptions (CWE-396, CWE-397). Catch and handle exceptions as locally as possible so that exceptions do not propagate too far up the call stack (CWE-705). Avoid unchecked or uncaught exceptions where feasible (CWE-248).
Mitigation MIT-39
- Ensure that error messages only contain minimal details that are useful to the intended audience and no one else. The messages need to strike the balance between being too cryptic (which can confuse users) or being too detailed (which may reveal more than intended). The messages should not reveal the methods that were used to determine the error. Attackers can use detailed information to refine or optimize their original attack, thereby increasing their chances of success.
- If errors must be captured in some detail, record them in log messages, but consider what could occur if the log messages can be viewed by attackers. Highly sensitive information such as passwords should never be saved to log files.
- Avoid inconsistent messaging that might accidentally tip off an attacker about internal state, such as whether a user account exists or not.
- Exposing additional information to a potential attacker in the context of an exceptional condition can help the attacker determine what attack vectors are most likely to succeed beyond DoS.
Mitigation MIT-5
Strategy: Input Validation
- Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
- When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
- Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
Mitigation MIT-38
If the program must fail, ensure that it fails gracefully (fails closed). There may be a temptation to simply let the program fail poorly in cases such as low memory conditions, but an attacker may be able to assert control before the software has fully exited. Alternately, an uncontrolled failure could cause cascading problems with other downstream components; for example, the program could send a signal to a downstream process so the process immediately knows that a problem has occurred and has a better chance of recovery.
Mitigation
Use system limits, which should help to prevent resource exhaustion. However, the product should still handle low resource conditions since they may still occur.
No CAPEC attack patterns related to this CWE.