[Git][security-tracker-team/security-tracker][master] more tensorflow updates
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Sep 2 14:09:39 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
75e45cb1 by Moritz Muehlenhoff at 2025-09-02T15:09:19+02:00
more tensorflow updates
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -281789,7 +281789,7 @@ CVE-2022-35981 (TensorFlow is an open source platform for machine learning. `Fra
CVE-2022-35980 (OpenSearch Security is a plugin for OpenSearch that offers encryption, ...)
NOT-FOR-US: OpenSearch Security plugin for OpenSearch
CVE-2022-35979 (TensorFlow is an open source platform for machine learning. If `Quanti ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35978 (Minetest is a free open-source voxel game engine with easy modding and ...)
- minetest 5.5.0+dfsg+~1.9.0mt4+dfsg-2 (bug #1017548)
[bullseye] - minetest <no-dsa> (Minor issue)
@@ -281806,37 +281806,37 @@ CVE-2022-35976 (The GitOps Tools Extension for VSCode relies on kubeconfigs in o
CVE-2022-35975 (The GitOps Tools Extension for VSCode can make it easier to manage Flu ...)
NOT-FOR-US: GitOps Tools Extension for VSCode
CVE-2022-35974 (TensorFlow is an open source platform for machine learning. If `Quanti ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35973 (TensorFlow is an open source platform for machine learning. If `Quanti ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35972 (TensorFlow is an open source platform for machine learning. If `Quanti ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35971 (TensorFlow is an open source platform for machine learning. If `FakeQu ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35970 (TensorFlow is an open source platform for machine learning. If `Quanti ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35969 (TensorFlow is an open source platform for machine learning. The implem ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35968 (TensorFlow is an open source platform for machine learning. The implem ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35967 (TensorFlow is an open source platform for machine learning. If `Quanti ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35966 (TensorFlow is an open source platform for machine learning. If `Quanti ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35965 (TensorFlow is an open source platform for machine learning. If `LowerB ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35964 (TensorFlow is an open source platform for machine learning. The implem ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35963 (TensorFlow is an open source platform for machine learning. The implem ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35962 (Zulip is an open source team chat and Zulip Mobile is an app for iOS a ...)
- zulip-server <itp> (bug #800052)
CVE-2022-35961 (OpenZeppelin Contracts is a library for secure smart contract developm ...)
NOT-FOR-US: OpenZeppelin
CVE-2022-35960 (TensorFlow is an open source platform for machine learning. In `core/k ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35959 (TensorFlow is an open source platform for machine learning. The implem ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35958
REJECTED
CVE-2022-35957 (Grafana is an open-source platform for monitoring and observability. V ...)
@@ -281850,7 +281850,7 @@ CVE-2022-35954 (The GitHub Actions ToolKit provides a set of packages to make cr
CVE-2022-35953 (BookWyrm is a social network for tracking your reading, talking about ...)
NOT-FOR-US: BookWyrm
CVE-2022-35952 (TensorFlow is an open source platform for machine learning. The `Unbat ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35951 (Redis is an in-memory database that persists on disk. Versions 7.0.0 a ...)
- redis 5:7.0.5-1 (bug #1020512)
[bullseye] - redis <not-affected> (Vulnerable code not present)
@@ -281882,21 +281882,21 @@ CVE-2022-35943 (Shield is an authentication and authorization framework for Code
CVE-2022-35942 (Improper input validation on the `contains` LoopBack filter may allow ...)
NOT-FOR-US: PostgreSQL connector for LoopBack
CVE-2022-35941 (TensorFlow is an open source platform for machine learning. The `AvgPo ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35940 (TensorFlow is an open source platform for machine learning. The `Ragge ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35939 (TensorFlow is an open source platform for machine learning. The `Scatt ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35938 (TensorFlow is an open source platform for machine learning. The `Gathe ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35937 (TensorFlow is an open source platform for machine learning. The `Gathe ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35936 (Ethermint is an Ethereum library. In Ethermint running versions before ...)
NOT-FOR-US: Ethermint
CVE-2022-35935 (TensorFlow is an open source platform for machine learning. The implem ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35934 (TensorFlow is an open source platform for machine learning. The implem ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-35933 (This package is a PrestaShop module that allows users to post reviews ...)
NOT-FOR-US: PrestaShop
CVE-2022-35932 (Nextcloud Talk is a video and audio conferencing app for Nextcloud. Pr ...)
@@ -301232,7 +301232,7 @@ CVE-2022-29217 (PyJWT is a Python implementation of RFC 7519. PyJWT supports mul
NOTE: https://github.com/jpadilla/pyjwt/commit/9c528670c455b8d948aff95ed50e22940d1ad3fc (2.4.0)
NOTE: https://github.com/jpadilla/pyjwt/releases/tag/2.4.0
CVE-2022-29216 (TensorFlow is an open source platform for machine learning. Prior to v ...)
- - tensorflow <itp> (bug #804612)
+ - tensorflow <not-affected> (Fixed before initial upload to the archive)
CVE-2022-29215 (RegionProtect is a plugin that allows users to manage certain events i ...)
NOT-FOR-US: PocketMine plugin
CVE-2022-29214 (NextAuth.js (next-auth) is am open source authentication solution for ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75e45cb13c57520fe210353c88770cc38abc278a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75e45cb13c57520fe210353c88770cc38abc278a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250902/1e5340ce/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list