Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with an out-of-memory error. This effect…
[com.thoughtworks.xstream:xstream] Denial of Service due to parser crash
Those using XStream to serialize XML data may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow. This effect may support a d…
[com.fasterxml.woodstox:woodstox-core] Denial of Service due to parser crash
Those using FasterXML/woodstox to serialize XML data may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow. This effect may …
[com.fasterxml.woodstox:woodstox-core] Denial of Service due to parser crash
Those using FasterXML/woodstox to serialize XML data may be vulnerable to Denial of Service (DoS) attacks. If the parser is running on user-supplied input, an attacker may supply content that causes the parser to crash with a stack overflow. This effect may …
[com.fasterxml.woodstox:woodstox-core] Denial of Service via stack overflow
Those using FasterXML/woodstox to serialise XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect ma…
[com.fasterxml.woodstox:woodstox-core] Denial of Service via stack overflow
Those using FasterXML/woodstox to serialise XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect ma…
[tensorflow-cpu] TensorFlow vulnerable to `CHECK` fail in `Save` and `SaveSlices`
Impact
If Save or SaveSlices is run over tensors of an unsupported dtype, it results in a CHECK fail that can be used to trigger a denial of service attack.
```python
import tensorflow as tf
filename = tf.constant("")
tensor_names = tf.constant("")
# Save
data =…
```
[tensorflow] TensorFlow vulnerable to `CHECK` fail in `ParameterizedTruncatedNormal`
Impact
ParameterizedTruncatedNormal assumes shape is of type int32. A valid shape of type int64 results in a mismatched type CHECK fail that can be used to trigger a denial of service attack.
```python
import tensorflow as tf
seed = 1618
seed2 = 0
shape = tf.ran…
```
[tensorflow-cpu] TensorFlow vulnerable to null-dereference in `mlir::tfg::GraphDefImporter::ConvertNodeDef`
Impact
When mlir::tfg::GraphDefImporter::ConvertNodeDef tries to convert NodeDefs without an op name, it crashes.
```cpp
Status GraphDefImporter::ConvertNodeDef(OpBuilder &builder, ConversionState &s,
const Node…
```
[tensorflow] TensorFlow vulnerable to null dereference on MLIR on empty function attributes
Impact
When mlir::tfg::ConvertGenericFunctionToFunctionDef is given empty function attributes, it gives a null dereference.
```cpp
// Import the function attributes with a `tf.` prefix to match the current
// infrastructure expectations.
for (const auto& …
```