CVE-2020-15194

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-15194

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15194.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-15194

Aliases

Downstream

openSUSE-SU-2020:1766-1

openSUSE-SU-2024:12116-1

Related

Published

2020-09-25T19:15:14.683Z

Modified

2026-02-24T08:14:16.620920Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVSS Calculator

Summary

[none]

Details

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the SparseFillEmptyRowsGrad implementation has incomplete validation of the shapes of its arguments. Although reverse_index_map_t and grad_values_t are accessed in a similar pattern, only reverse_index_map_t is validated to be of proper shape. Hence, malicious users can pass a bad grad_values_t to trigger an assertion failure in vec, causing denial of service in serving installations. The issue is patched in commit 390611e0d45c5793c7066110af37c8514e6a6c54, and is released in TensorFlow versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1."

References

Affected packages

Git / github.com/mariadb-corporation/mariadb-connector-c

Affected ranges

Type: GIT
Repo: https://github.com/mariadb-corporation/mariadb-connector-c
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

11b367c484daeac45f374df781b35040244f01d4

Introduced

0050d719c7caea5e054024a3fa658ca033d5c3c0

Fixed

c531a873b1fc688e1f46535709689299ea2d2773

Affected versions

v2.*

v2.3.0

Database specific

vanir_signatures

[
    {
        "id": "CVE-2020-15194-10e546c0",
        "signature_version": "v1",
        "digest": {
            "function_hash": "332691142575505597962436646294795164702",
            "length": 8596.0
        },
        "deprecated": false,
        "source": "https://github.com/mariadb-corporation/mariadb-connector-c/commit/11b367c484daeac45f374df781b35040244f01d4",
        "signature_type": "Function",
        "target": {
            "file": "libmariadb/libmariadb.c",
            "function": "mysql_optionsv"
        }
    },
    {
        "id": "CVE-2020-15194-2e554757",
        "signature_version": "v1",
        "digest": {
            "function_hash": "212740885501229231742259311680989686870",
            "length": 11845.0
        },
        "deprecated": false,
        "source": "https://github.com/mariadb-corporation/mariadb-connector-c/commit/11b367c484daeac45f374df781b35040244f01d4",
        "signature_type": "Function",
        "target": {
            "file": "libmariadb/libmariadb.c",
            "function": "mthd_my_real_connect"
        }
    },
    {
        "id": "CVE-2020-15194-3ed9d9f2",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "211273231363826761919618481912997912999",
                "32456855776179887813363549728002466206",
                "13336989160160892145094467606948831049",
                "96293805336638600684867250568635733708"
            ]
        },
        "deprecated": false,
        "source": "https://github.com/mariadb-corporation/mariadb-connector-c/commit/11b367c484daeac45f374df781b35040244f01d4",
        "signature_type": "Line",
        "target": {
            "file": "include/mysql.h"
        }
    },
    {
        "id": "CVE-2020-15194-5f4ff97f",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "85183069070107866896474035752852797912",
                "303133437982685790558400460743739235205",
                "62057464448458468672123717316113311414",
                "232485780607132625951510394828377092271",
                "244983195738579577534480265998113062130",
                "255196013624991541029500903444302980133"
            ]
        },
        "deprecated": false,
        "source": "https://github.com/mariadb-corporation/mariadb-connector-c/commit/11b367c484daeac45f374df781b35040244f01d4",
        "signature_type": "Line",
        "target": {
            "file": "unittest/libmariadb/misc.c"
        }
    },
    {
        "id": "CVE-2020-15194-9c5a5440",
        "signature_version": "v1",
        "digest": {
            "function_hash": "11558561658406863945704975592232566953",
            "length": 1806.0
        },
        "deprecated": false,
        "source": "https://github.com/mariadb-corporation/mariadb-connector-c/commit/11b367c484daeac45f374df781b35040244f01d4",
        "signature_type": "Function",
        "target": {
            "file": "libmariadb/libmariadb.c",
            "function": "mysql_close_options"
        }
    },
    {
        "id": "CVE-2020-15194-b891f05a",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "295540036044909340299216074199202010332",
                "263839620306523306435967285863804624254",
                "137610094519753749025397053059811318403",
                "125374953399304959492095852903153774567"
            ]
        },
        "deprecated": false,
        "source": "https://github.com/mariadb-corporation/mariadb-connector-c/commit/11b367c484daeac45f374df781b35040244f01d4",
        "signature_type": "Line",
        "target": {
            "file": "libmariadb/violite.c"
        }
    },
    {
        "id": "CVE-2020-15194-ba35b321",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "209018527176190575147841673879700472983",
                "82589837183487545694368695386413830431",
                "86123434847878339335546282152337164630",
                "9864766923900106963277999973883032918"
            ]
        },
        "deprecated": false,
        "source": "https://github.com/mariadb-corporation/mariadb-connector-c/commit/11b367c484daeac45f374df781b35040244f01d4",
        "signature_type": "Line",
        "target": {
            "file": "unittest/libmariadb/connection.c"
        }
    },
    {
        "id": "CVE-2020-15194-c77bb0e3",
        "signature_version": "v1",
        "digest": {
            "function_hash": "313062732218867414130748375929229364880",
            "length": 371.0
        },
        "deprecated": false,
        "source": "https://github.com/mariadb-corporation/mariadb-connector-c/commit/11b367c484daeac45f374df781b35040244f01d4",
        "signature_type": "Function",
        "target": {
            "file": "unittest/libmariadb/misc.c",
            "function": "test_conc117"
        }
    },
    {
        "id": "CVE-2020-15194-ddcdb6c1",
        "signature_version": "v1",
        "digest": {
            "function_hash": "208146334185001555379891898428701690819",
            "length": 4695.0
        },
        "deprecated": false,
        "source": "https://github.com/mariadb-corporation/mariadb-connector-c/commit/11b367c484daeac45f374df781b35040244f01d4",
        "signature_type": "Function",
        "target": {
            "file": "libmariadb/libmariadb.c",
            "function": "mysql_read_default_options"
        }
    },
    {
        "id": "CVE-2020-15194-e8d16f8d",
        "signature_version": "v1",
        "digest": {
            "function_hash": "247326886076748174937861916441188160420",
            "length": 969.0
        },
        "deprecated": false,
        "source": "https://github.com/mariadb-corporation/mariadb-connector-c/commit/11b367c484daeac45f374df781b35040244f01d4",
        "signature_type": "Function",
        "target": {
            "file": "libmariadb/violite.c",
            "function": "vio_new"
        }
    },
    {
        "id": "CVE-2020-15194-f082226f",
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "264326931400321527327837460689444042011",
                "334799284966675962832326195810759292566",
                "120872867087070533356926665289084205829",
                "294509545987151702490515786653764931001",
                "74810789639801233609721604292662193887",
                "328821811243624299249243807520988882853",
                "139481993710322483835680816721483914008",
                "277989057518840612153456092046142435483",
                "334872004571517811020962569175225349383",
                "22282913004555721950660649113130309053",
                "290572424443092832684369728471922134764",
                "308807040163910739275129735997207145675",
                "179084771751621516377790876375347669171",
                "182728954161355818630343211494770383223",
                "105046499856490451407010999912491666630",
                "50695723164471305928184926723782200482",
                "148817466265175262691418920497203097692",
                "243572853808638132233100265043538125982",
                "327200887171766959308919475507778079764",
                "52416940601744830452648194689413919438",
                "158522451068349908230294670905967022943",
                "184545455600101219162817699401904305680",
                "5246816156433701809234887132736905017",
                "58002569585476814036661499317586667789",
                "314269749104600867725278430566185116888",
                "144570346093209341991126558151629411643",
                "31390239749014884954620111242334038502",
                "17747643184738125432365463993630957987",
                "110646188429342859730665322849636986985",
                "120053070658564443178348428599422830265",
                "108778360671937507818709940245729032649",
                "65118996145351717604106493889207163011",
                "147906735878251861494645066329924464277",
                "32236866936356211112867879045653092230",
                "123168910826183338330634087793728938130",
                "103257615687536662521720988881536689580",
                "71989489020501684757795723034418521670",
                "148238203768641157250016698934013706008",
                "256025571416410592209858518299379529951",
                "319852961981850496474368932681834904532",
                "8415146735328499264133542665370045703",
                "2488746584873835011390000954337264727",
                "95757083039811581470063293388988714806",
                "269292732542120828957746848112314960824",
                "95602807291391518989662988841059020940"
            ]
        },
        "deprecated": false,
        "source": "https://github.com/mariadb-corporation/mariadb-connector-c/commit/11b367c484daeac45f374df781b35040244f01d4",
        "signature_type": "Line",
        "target": {
            "file": "libmariadb/libmariadb.c"
        }
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15194.json"