Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.

Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.

Flask 2.2.5 and 2.3.2 include a fix for CVE-2023-30861: When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches 'Set-Cookie' headers, it may send one client's 'session' cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met:
1. The application must be hosted behind a caching proxy that does not strip cookies or ignore responses with cookies.
2. The application sets 'session.permanent = True'
3. The application does not access or modify the session at any point during a request.
4. 'SESSION_REFRESH_EACH_REQUEST' enabled (the default).
5. The application does not set a 'Cache-Control' header to indicate that a page is private or should not be cached.
This happens because vulnerable versions of Flask only set the 'Vary: Cookie' header when the session is accessed or modified, not when it is refreshed (re-sent to update the expiration) without being accessed or modified.
https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq

Jinja2 before 3.1.3 is affected by a Cross-Site Scripting vulnerability. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template. The Jinja 'xmlattr' filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to XSS. It may also be possible to bypass attribute validation checks if they are blacklist-based.

Requests 2.31.0 includes a fix for CVE-2023-32681: Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use 'rebuild_proxies' to reattach the 'Proxy-Authorization' header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the 'Proxy-Authorization' header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information.

Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Sqlalchemy 2.0.0b1 avoids leaking cleartext passwords to the open for careless uses of str(engine.URL()) in logs and prints.
https://github.com/sqlalchemy/sqlalchemy/pull/8563

Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.

Sqlalchemy 2.0.0b1 avoids leaking cleartext passwords to the open for careless uses of str(engine.URL()) in logs and prints.
https://github.com/sqlalchemy/sqlalchemy/pull/8563

Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.

Flask 2.2.5 and 2.3.2 include a fix for CVE-2023-30861: When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches 'Set-Cookie' headers, it may send one client's 'session' cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met:
1. The application must be hosted behind a caching proxy that does not strip cookies or ignore responses with cookies.
2. The application sets 'session.permanent = True'
3. The application does not access or modify the session at any point during a request.
4. 'SESSION_REFRESH_EACH_REQUEST' enabled (the default).
5. The application does not set a 'Cache-Control' header to indicate that a page is private or should not be cached.
This happens because vulnerable versions of Flask only set the 'Vary: Cookie' header when the session is accessed or modified, not when it is refreshed (re-sent to update the expiration) without being accessed or modified.
https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq

Sqlalchemy 2.0.0b1 avoids leaking cleartext passwords to the open for careless uses of str(engine.URL()) in logs and prints.
https://github.com/sqlalchemy/sqlalchemy/pull/8563

Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.

Flask 2.2.5 and 2.3.2 include a fix for CVE-2023-30861: When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches 'Set-Cookie' headers, it may send one client's 'session' cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met:
1. The application must be hosted behind a caching proxy that does not strip cookies or ignore responses with cookies.
2. The application sets 'session.permanent = True'
3. The application does not access or modify the session at any point during a request.
4. 'SESSION_REFRESH_EACH_REQUEST' enabled (the default).
5. The application does not set a 'Cache-Control' header to indicate that a page is private or should not be cached.
This happens because vulnerable versions of Flask only set the 'Vary: Cookie' header when the session is accessed or modified, not when it is refreshed (re-sent to update the expiration) without being accessed or modified.
https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq

Jinja2 before 3.1.3 is affected by a Cross-Site Scripting vulnerability. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template. The Jinja 'xmlattr' filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to XSS. It may also be possible to bypass attribute validation checks if they are blacklist-based.

Sqlalchemy 2.0.0b1 avoids leaking cleartext passwords to the open for careless uses of str(engine.URL()) in logs and prints.
https://github.com/sqlalchemy/sqlalchemy/pull/8563

Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.

Flask 2.2.5 and 2.3.2 include a fix for CVE-2023-30861: When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches 'Set-Cookie' headers, it may send one client's 'session' cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met:
1. The application must be hosted behind a caching proxy that does not strip cookies or ignore responses with cookies.
2. The application sets 'session.permanent = True'
3. The application does not access or modify the session at any point during a request.
4. 'SESSION_REFRESH_EACH_REQUEST' enabled (the default).
5. The application does not set a 'Cache-Control' header to indicate that a page is private or should not be cached.
This happens because vulnerable versions of Flask only set the 'Vary: Cookie' header when the session is accessed or modified, not when it is refreshed (re-sent to update the expiration) without being accessed or modified.
https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq

Jinja2 before 3.1.3 is affected by a Cross-Site Scripting vulnerability. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template. The Jinja 'xmlattr' filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to XSS. It may also be possible to bypass attribute validation checks if they are blacklist-based.

Sqlalchemy 2.0.0b1 avoids leaking cleartext passwords to the open for careless uses of str(engine.URL()) in logs and prints.
https://github.com/sqlalchemy/sqlalchemy/pull/8563

Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.

Flask 2.2.5 and 2.3.2 include a fix for CVE-2023-30861: When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches 'Set-Cookie' headers, it may send one client's 'session' cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met:
1. The application must be hosted behind a caching proxy that does not strip cookies or ignore responses with cookies.
2. The application sets 'session.permanent = True'
3. The application does not access or modify the session at any point during a request.
4. 'SESSION_REFRESH_EACH_REQUEST' enabled (the default).
5. The application does not set a 'Cache-Control' header to indicate that a page is private or should not be cached.
This happens because vulnerable versions of Flask only set the 'Vary: Cookie' header when the session is accessed or modified, not when it is refreshed (re-sent to update the expiration) without being accessed or modified.
https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq

Jinja2 before 3.1.3 is affected by a Cross-Site Scripting vulnerability. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template. The Jinja 'xmlattr' filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to XSS. It may also be possible to bypass attribute validation checks if they are blacklist-based.

Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Sqlalchemy 2.0.0b1 avoids leaking cleartext passwords to the open for careless uses of str(engine.URL()) in logs and prints.
https://github.com/sqlalchemy/sqlalchemy/pull/8563

Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.

Flask 2.2.5 and 2.3.2 include a fix for CVE-2023-30861: When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches 'Set-Cookie' headers, it may send one client's 'session' cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met:
1. The application must be hosted behind a caching proxy that does not strip cookies or ignore responses with cookies.
2. The application sets 'session.permanent = True'
3. The application does not access or modify the session at any point during a request.
4. 'SESSION_REFRESH_EACH_REQUEST' enabled (the default).
5. The application does not set a 'Cache-Control' header to indicate that a page is private or should not be cached.
This happens because vulnerable versions of Flask only set the 'Vary: Cookie' header when the session is accessed or modified, not when it is refreshed (re-sent to update the expiration) without being accessed or modified.
https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq

Jinja2 before 3.1.3 is affected by a Cross-Site Scripting vulnerability. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template. The Jinja 'xmlattr' filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to XSS. It may also be possible to bypass attribute validation checks if they are blacklist-based.

Requests 2.31.0 includes a fix for CVE-2023-32681: Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use 'rebuild_proxies' to reattach the 'Proxy-Authorization' header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the 'Proxy-Authorization' header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information.

Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Sqlalchemy 2.0.0b1 avoids leaking cleartext passwords to the open for careless uses of str(engine.URL()) in logs and prints.
https://github.com/sqlalchemy/sqlalchemy/pull/8563

Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Cryptography version 42.0.5 introduces a limit on the number of name constraint checks during X.509 path validation to prevent denial of service attacks.
https://github.com/pyca/cryptography/commit/4be53bf20cc90cbac01f5f94c5d1aecc5289ba1f

Cryptography 41.0.6 includes a fix for CVE-2023-49083: NULL-dereference when loading PKCS7 certificates.
https://github.com/advisories/GHSA-jfhm-5ghh-2f97

The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options.

Cryptography 41.0.0 updates its dependency 'OpenSSL' to v3.1.1 to include a security fix.
https://github.com/pyca/cryptography/commit/8708245ccdeaff21d65eea68a4f8d2a7c5949a22

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 39.0.1 includes a fix for CVE-2022-3996, a DoS vulnerability affecting openssl.
https://github.com/pyca/cryptography/issues/7940

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.4 updates Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.3, that includes a security fix.
https://github.com/pyca/cryptography/commit/fc11bce6930e591ce26a2317b31b9ce2b3e25512

Cryptography 39.0.1 includes a fix for CVE-2023-23931: In affected versions 'Cipher.update_into' would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as 'bytes') to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This issue has been present since 'update_into' was originally introduced in cryptography 1.8.
https://github.com/pyca/cryptography/security/advisories/GHSA-w7pp-m8wf-vj6r

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. See CVE-2023-50782.

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.3 updates its bundled OpenSSL version to include a fix for a Denial of Service vulnerability.
https://github.com/pyca/cryptography/commit/b22271cf3c3dd8dc8978f8f4b00b5c7060b6538d
https://www.openssl.org/news/secadv/20230731.txt

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.3 updates its bundled OpenSSL version to include a fix for a Denial of Service vulnerability.
https://github.com/pyca/cryptography/commit/bfa4d95f0f356f2d535efd5c775e0fb3efe90ef2
https://www.openssl.org/news/secadv/20230719.txt

Cryptography 41.0.3  updates its bundled OpenSSL version to include a fix for CVE-2023-2975: AES-SIV implementation ignores empty associated data entries.
https://github.com/pyca/cryptography/commit/bfa4d95f0f356f2d535efd5c775e0fb3efe90ef2
https://www.openssl.org/news/secadv/20230714.txt

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography starting from version 42.0.0 updates its CI configurations to use newer versions of BoringSSL or OpenSSL as a countermeasure to CVE-2023-5678. This vulnerability, affecting the package, could cause Denial of Service through specific DH key generation and verification functions when given overly long parameters.

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.5 updates Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.4, that includes a security fix.

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.

Flask 2.2.5 and 2.3.2 include a fix for CVE-2023-30861: When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches 'Set-Cookie' headers, it may send one client's 'session' cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met:
1. The application must be hosted behind a caching proxy that does not strip cookies or ignore responses with cookies.
2. The application sets 'session.permanent = True'
3. The application does not access or modify the session at any point during a request.
4. 'SESSION_REFRESH_EACH_REQUEST' enabled (the default).
5. The application does not set a 'Cache-Control' header to indicate that a page is private or should not be cached.
This happens because vulnerable versions of Flask only set the 'Vary: Cookie' header when the session is accessed or modified, not when it is refreshed (re-sent to update the expiration) without being accessed or modified.
https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq

Jinja2 before 3.1.3 is affected by a Cross-Site Scripting vulnerability. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template. The Jinja 'xmlattr' filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to XSS. It may also be possible to bypass attribute validation checks if they are blacklist-based.

Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources (for example user-supplied input files). This vulnerability only affects PyArrow, not other Apache Arrow implementations or bindings. It is recommended that users of PyArrow upgrade to 14.0.1. Similarly, it is recommended that downstream libraries upgrade their dependency requirements to PyArrow 14.0.1 or later. PyPI packages are already available, and we hope that conda-forge packages will be available soon. If it is not possible to upgrade, we provide a separate package `pyarrow-hotfix` that disables the vulnerability on older PyArrow versions. See https://pypi.org/project/pyarrow-hotfix/ for instructions.

Requests 2.31.0 includes a fix for CVE-2023-32681: Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use 'rebuild_proxies' to reattach the 'Proxy-Authorization' header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the 'Proxy-Authorization' header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information.

Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Sqlalchemy 2.0.0b1 avoids leaking cleartext passwords to the open for careless uses of str(engine.URL()) in logs and prints.
https://github.com/sqlalchemy/sqlalchemy/pull/8563

Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Cryptography version 42.0.5 introduces a limit on the number of name constraint checks during X.509 path validation to prevent denial of service attacks.
https://github.com/pyca/cryptography/commit/4be53bf20cc90cbac01f5f94c5d1aecc5289ba1f

Cryptography 41.0.6 includes a fix for CVE-2023-49083: NULL-dereference when loading PKCS7 certificates.
https://github.com/advisories/GHSA-jfhm-5ghh-2f97

The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options.

Cryptography 41.0.0 updates its dependency 'OpenSSL' to v3.1.1 to include a security fix.
https://github.com/pyca/cryptography/commit/8708245ccdeaff21d65eea68a4f8d2a7c5949a22

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 39.0.1 includes a fix for CVE-2022-3996, a DoS vulnerability affecting openssl.
https://github.com/pyca/cryptography/issues/7940

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.4 updates Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.3, that includes a security fix.
https://github.com/pyca/cryptography/commit/fc11bce6930e591ce26a2317b31b9ce2b3e25512

Cryptography 39.0.1 includes a fix for CVE-2023-23931: In affected versions 'Cipher.update_into' would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as 'bytes') to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This issue has been present since 'update_into' was originally introduced in cryptography 1.8.
https://github.com/pyca/cryptography/security/advisories/GHSA-w7pp-m8wf-vj6r

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. See CVE-2023-50782.

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.3 updates its bundled OpenSSL version to include a fix for a Denial of Service vulnerability.
https://github.com/pyca/cryptography/commit/b22271cf3c3dd8dc8978f8f4b00b5c7060b6538d
https://www.openssl.org/news/secadv/20230731.txt

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.3 updates its bundled OpenSSL version to include a fix for a Denial of Service vulnerability.
https://github.com/pyca/cryptography/commit/bfa4d95f0f356f2d535efd5c775e0fb3efe90ef2
https://www.openssl.org/news/secadv/20230719.txt

Cryptography 41.0.3  updates its bundled OpenSSL version to include a fix for CVE-2023-2975: AES-SIV implementation ignores empty associated data entries.
https://github.com/pyca/cryptography/commit/bfa4d95f0f356f2d535efd5c775e0fb3efe90ef2
https://www.openssl.org/news/secadv/20230714.txt

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography starting from version 42.0.0 updates its CI configurations to use newer versions of BoringSSL or OpenSSL as a countermeasure to CVE-2023-5678. This vulnerability, affecting the package, could cause Denial of Service through specific DH key generation and verification functions when given overly long parameters.

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.5 updates Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.4, that includes a security fix.

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.

Flask 2.2.5 and 2.3.2 include a fix for CVE-2023-30861: When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches 'Set-Cookie' headers, it may send one client's 'session' cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met:
1. The application must be hosted behind a caching proxy that does not strip cookies or ignore responses with cookies.
2. The application sets 'session.permanent = True'
3. The application does not access or modify the session at any point during a request.
4. 'SESSION_REFRESH_EACH_REQUEST' enabled (the default).
5. The application does not set a 'Cache-Control' header to indicate that a page is private or should not be cached.
This happens because vulnerable versions of Flask only set the 'Vary: Cookie' header when the session is accessed or modified, not when it is refreshed (re-sent to update the expiration) without being accessed or modified.
https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq

Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources (for example user-supplied input files). This vulnerability only affects PyArrow, not other Apache Arrow implementations or bindings. It is recommended that users of PyArrow upgrade to 14.0.1. Similarly, it is recommended that downstream libraries upgrade their dependency requirements to PyArrow 14.0.1 or later. PyPI packages are already available, and we hope that conda-forge packages will be available soon. If it is not possible to upgrade, we provide a separate package `pyarrow-hotfix` that disables the vulnerability on older PyArrow versions. See https://pypi.org/project/pyarrow-hotfix/ for instructions.

Jinja2 before 3.1.3 is affected by a Cross-Site Scripting vulnerability. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template. The Jinja 'xmlattr' filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to XSS. It may also be possible to bypass attribute validation checks if they are blacklist-based.

Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources (for example user-supplied input files). This vulnerability only affects PyArrow, not other Apache Arrow implementations or bindings. It is recommended that users of PyArrow upgrade to 14.0.1. Similarly, it is recommended that downstream libraries upgrade their dependency requirements to PyArrow 14.0.1 or later. PyPI packages are already available, and we hope that conda-forge packages will be available soon. If it is not possible to upgrade, we provide a separate package `pyarrow-hotfix` that disables the vulnerability on older PyArrow versions. See https://pypi.org/project/pyarrow-hotfix/ for instructions.

Requests 2.31.0 includes a fix for CVE-2023-32681: Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use 'rebuild_proxies' to reattach the 'Proxy-Authorization' header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the 'Proxy-Authorization' header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information.

Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Sqlalchemy 2.0.0b1 avoids leaking cleartext passwords to the open for careless uses of str(engine.URL()) in logs and prints.
https://github.com/sqlalchemy/sqlalchemy/pull/8563

Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Cryptography version 42.0.5 introduces a limit on the number of name constraint checks during X.509 path validation to prevent denial of service attacks.
https://github.com/pyca/cryptography/commit/4be53bf20cc90cbac01f5f94c5d1aecc5289ba1f

Cryptography 41.0.6 includes a fix for CVE-2023-49083: NULL-dereference when loading PKCS7 certificates.
https://github.com/advisories/GHSA-jfhm-5ghh-2f97

The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options.

Cryptography 41.0.0 updates its dependency 'OpenSSL' to v3.1.1 to include a security fix.
https://github.com/pyca/cryptography/commit/8708245ccdeaff21d65eea68a4f8d2a7c5949a22

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 39.0.1 includes a fix for CVE-2022-3996, a DoS vulnerability affecting openssl.
https://github.com/pyca/cryptography/issues/7940

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.4 updates Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.3, that includes a security fix.
https://github.com/pyca/cryptography/commit/fc11bce6930e591ce26a2317b31b9ce2b3e25512

Cryptography 39.0.1 includes a fix for CVE-2023-23931: In affected versions 'Cipher.update_into' would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as 'bytes') to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This issue has been present since 'update_into' was originally introduced in cryptography 1.8.
https://github.com/pyca/cryptography/security/advisories/GHSA-w7pp-m8wf-vj6r

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. See CVE-2023-50782.

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.3 updates its bundled OpenSSL version to include a fix for a Denial of Service vulnerability.
https://github.com/pyca/cryptography/commit/b22271cf3c3dd8dc8978f8f4b00b5c7060b6538d
https://www.openssl.org/news/secadv/20230731.txt

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.3 updates its bundled OpenSSL version to include a fix for a Denial of Service vulnerability.
https://github.com/pyca/cryptography/commit/bfa4d95f0f356f2d535efd5c775e0fb3efe90ef2
https://www.openssl.org/news/secadv/20230719.txt

Cryptography 41.0.3  updates its bundled OpenSSL version to include a fix for CVE-2023-2975: AES-SIV implementation ignores empty associated data entries.
https://github.com/pyca/cryptography/commit/bfa4d95f0f356f2d535efd5c775e0fb3efe90ef2
https://www.openssl.org/news/secadv/20230714.txt

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography starting from version 42.0.0 updates its CI configurations to use newer versions of BoringSSL or OpenSSL as a countermeasure to CVE-2023-5678. This vulnerability, affecting the package, could cause Denial of Service through specific DH key generation and verification functions when given overly long parameters.

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.5 updates Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.4, that includes a security fix.

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.

Flask 2.2.5 and 2.3.2 include a fix for CVE-2023-30861: When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches 'Set-Cookie' headers, it may send one client's 'session' cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met:
1. The application must be hosted behind a caching proxy that does not strip cookies or ignore responses with cookies.
2. The application sets 'session.permanent = True'
3. The application does not access or modify the session at any point during a request.
4. 'SESSION_REFRESH_EACH_REQUEST' enabled (the default).
5. The application does not set a 'Cache-Control' header to indicate that a page is private or should not be cached.
This happens because vulnerable versions of Flask only set the 'Vary: Cookie' header when the session is accessed or modified, not when it is refreshed (re-sent to update the expiration) without being accessed or modified.
https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq

Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources (for example user-supplied input files). This vulnerability only affects PyArrow, not other Apache Arrow implementations or bindings. It is recommended that users of PyArrow upgrade to 14.0.1. Similarly, it is recommended that downstream libraries upgrade their dependency requirements to PyArrow 14.0.1 or later. PyPI packages are already available, and we hope that conda-forge packages will be available soon. If it is not possible to upgrade, we provide a separate package `pyarrow-hotfix` that disables the vulnerability on older PyArrow versions. See https://pypi.org/project/pyarrow-hotfix/ for instructions.

Jinja2 before 3.1.3 is affected by a Cross-Site Scripting vulnerability. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template. The Jinja 'xmlattr' filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to XSS. It may also be possible to bypass attribute validation checks if they are blacklist-based.

Deserialization of untrusted data in IPC and Parquet readers in PyArrow versions 0.14.0 to 14.0.0 allows arbitrary code execution. An application is vulnerable if it reads Arrow IPC, Feather or Parquet data from untrusted sources (for example user-supplied input files). This vulnerability only affects PyArrow, not other Apache Arrow implementations or bindings. It is recommended that users of PyArrow upgrade to 14.0.1. Similarly, it is recommended that downstream libraries upgrade their dependency requirements to PyArrow 14.0.1 or later. PyPI packages are already available, and we hope that conda-forge packages will be available soon. If it is not possible to upgrade, we provide a separate package `pyarrow-hotfix` that disables the vulnerability on older PyArrow versions. See https://pypi.org/project/pyarrow-hotfix/ for instructions.

Requests 2.31.0 includes a fix for CVE-2023-32681: Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use 'rebuild_proxies' to reattach the 'Proxy-Authorization' header to requests. For HTTP connections sent through the tunnel, the proxy will identify the header in the request itself and remove it prior to forwarding to the destination server. However when sent over HTTPS, the 'Proxy-Authorization' header must be sent in the CONNECT request as the proxy has no visibility into the tunneled request. This results in Requests forwarding proxy credentials to the destination server unintentionally, allowing a malicious actor to potentially exfiltrate sensitive information.

Impact: A recurring instance of CVE-2022-35935 has been observed and addressed. In this case, `SobolSample` is prone to denial of service due to assumed scalar inputs. You can replicate this using the following code in Python:

```python 
import tensorflow as tf 
tf.raw_ops.SobolSample(dim=tf.constant([1,0]), num_results=tf.constant([1]), skip=tf.constant([1])) 
```

Patches: Corrective measures have been taken and the issue has been patched via GitHub commits c65c67f88ad770662e8f191269a907bf2b94b1bf and 02400ea266bd811fc016a848445de1bbff3a23a0. These fixes will be integrated in the forthcoming TensorFlow 2.11 release and will also be added to TensorFlow 2.10.1, 2.9.3, and 2.8.4 as they fall within the supported range. Furthermore, the initial commit will be incorporated into TensorFlow 2.7.4.

For more information: You can refer to the TensorFlow's security guide for comprehensive insights into the security model and for details on how to contact them for queries or issues.

Attribution: This vulnerability was reported by Kang Hong Jin from Singapore Management University, Neophytos Christou from Secure Systems Labs at Brown University, Liu Liyuan from the Information System & Security and Countermeasures Experiments Center at Beijing Institute of Technology, and Pattarakrit Rattankul.

TensorFlow is an open source platform for machine learning. An input 'sparse_matrix' that is not a matrix with a shape with rank 0 will trigger a 'CHECK' fail in 'tf.raw_ops.SparseMatrixNNZ'. We have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41880: When the 'BaseCandidateSamplerOp' function receives a value in 'true_classes' larger than 'range_max', a heap oob read occurs.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8w5g-3wcv-9g2j

Affected versions of TensorFlow are susceptible to a Denial of Service (DoS) attack caused by an issue similar to CVE-2022-35991, occurring in TensorListScatter and TensorListScatterV2 when non-scalar inputs are used.

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41886: When 'tf.raw_ops.ImageProjectiveTransformV2' is given a large output shape, it overflows.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-54pp-c6pp-7fpx

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35960: 'CHECK' failure in 'TensorListReserve' via missing validation.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v5xg-3q2c-c2r4

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25676: When running versions prior to 2.12.0 and 2.11.1 with XLA, 'tf.raw_ops.ParallelConcat' segfaults with a nullptr dereference when given a parameter 'shape' with rank that is not greater than zero.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6wfh-89q8-44jq

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36002: 'CHECK' fail in 'Unbatch'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mh3m-62v7-68xg

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41910: The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-frqp-wp83-qggv

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35973: Segfault in 'QuantizedMatMul'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-689c-r7h2-fv9v

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25663: Prior to versions 2.12.0 and 2.11.1, when 'ctx->step_containter()' is a null ptr, the Lookup function will be executed with a null pointer.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-64jg-wjww-7c5w

TensorFlow 2.8.4, 2.9.3, 2.10.1 and 2.11.0 include a fix for CVE-2022-35991: 'CHECK' fail in 'TensorListScatter' and 'TensorListScatterV2'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vm7x-4qhj-rrcq
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xf83-q765-xm6m

Various versions of tensorflow are susceptible to a Denial of Service (DoS) attack stemming from a vulnerability similar to CVE-2022-35935, which occurs in SobolSample due to the handling of scalar inputs.

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35959: 'CHECK' failures in 'AvgPool3DGrad'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wxjj-cgcx-r3vq

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25801: Prior to versions 2.12.0 and 2.11.1, 'nn_ops.fractional_avg_pool_v2' and 'nn_ops.fractional_max_pool_v2' require the first and fourth elements of their parameter 'pooling_ratio' to be equal to 1.0, as pooling on batch and channel dimensions is not supported.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f49c-87jh-g47q

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25659: Prior to versions 2.12.0 and 2.11.1, if the parameter 'indices' for 'DynamicStitch' does not match the shape of the parameter 'data', it can trigger an stack OOB read.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-93vr-9q9m-pj8p

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25661: In versions prior to 2.11.1 a malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack. A proof of concept can be constructed with the 'Convolution3DTranspose' function. This Convolution3DTranspose layer is a very common API in modern neural networks. The ML models containing such vulnerable components could be deployed in ML applications or as cloud services. This failure could be potentially used to trigger a denial of service attack on ML cloud services. An attacker must have privilege to provide input to a 'Convolution3DTranspose' call.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fxgc-95xx-grvq

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35972: Segfault in 'QuantizedBiasAdd'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4pc4-m9mj-v2r9

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35994: 'CHECK' fail in 'CollectiveGather'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fhfc-2q7x-929f

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41900: The security vulnerability results in FractionalMax(AVG)Pool with illegal pooling_ratio. Attackers using Tensorflow can exploit the vulnerability. They can access heap memory which is not in the control of user, leading to a crash or remote code execution.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xvwp-h6jv-7472

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25664: Prior to versions 2.12.0 and 2.11.1, there is a heap buffer overflow in TAvgPoolGrad.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hg6-5c2q-7rcr

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41895: If 'MirrorPadGrad' is given outsize input 'paddings', TensorFlow will give a heap OOB error.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gq2j-cr96-gvqx

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25665: Prior to versions 2.12.0 and 2.11.1, when 'SparseSparseMaximum' is given invalid sparse tensors as inputs, it can give a null pointer error.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-558h-mq8x-7q9g

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35981: 'CHECK' fail in 'FractionalMaxPoolGrad'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vxv8-r8q2-63xw

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35969: 'CHECK' fail in 'Conv2DBackpropInput'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q2c3-jpmc-gfjx

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41902: The function MakeGrapplerFunctionItem takes arguments that determine the sizes of inputs and outputs. If the inputs given are greater than or equal to the sizes of the outputs, an out-of-bounds memory read or a crash is triggered.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cg88-rpvp-cjv5

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25668: Attackers using Tensorflow prior to 2.12.0 or 2.11.1 can access heap memory which is not in the control of user, leading to a crash or remote code execution.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gw97-ff7c-9v96

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36012: Assertion fail on MLIR empty edge names.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jvhc-5hhr-w3v5

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35968: 'CHECK' fail in 'AvgPoolGrad'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2475-53vw-vp25

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36011: Null dereference on MLIR on empty function attributes.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fv43-93gv-vm8f

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36019: 'CHECK' fail in 'FakeQuantWithMinMaxVarsPerChannel'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9j4v-pp28-mxv7

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36000: 'CHECK' fail in 'Eig'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqxc-pvf8-2w9v

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-27579: Constructing a tflite model with a paramater 'filter_input_channel' of less than 1 gives a FPE.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5w96-866f-6rm8

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41889: If a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a 'nullptr', which is not caught. An example can be seen in 'tf.compat.v1.extract_volume_patches' by passing in quantized tensors as input 'ksizes'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xxcj-rhqg-m46g

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25672: The function 'tf.raw_ops.LookupTableImportV2' cannot handle scalars in the 'values' parameter and gives an NPE. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41899: TensorFlow is an open source platform for machine learning. Inputs 'dense_features' or 'example_state_data' not of rank 2 will trigger a 'CHECK' fail in 'SdcaOptimizer'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-27rc-728f-x5w2

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41890: If 'BCast::ToShape' is given input larger than an 'int32', it will crash, despite being supposed to handle up to an 'int64'. An example can be seen in 'tf.experimental.numpy.outer' by passing in large input to the input 'b'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h246-cgh4-7475

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35990: 'CHECK' fail in 'FakeQuantWithMinMaxVarsPerChannelGradient'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h7ff-cfc9-wmmh

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35983: 'CHECK' fail in 'Save' and 'SaveSlices'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m6vp-8q9j-whx4

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35992: 'CHECK' fail in 'TensorListFromTensor'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9v8w-xmr4-wgxp

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25674: Versions prior to 2.12.0 and 2.11.1 have a null pointer error in RandomShuffle with XLA enabled.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf97-q72m-7579

Improper buffer restrictions in Intel(R) Optimization for TensorFlow before version 2.13.0 may allow an authenticated user to potentially enable escalation of privilege via local access. See CVE-2023-30767.

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36015: Integer overflow in math ops. 
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rh87-q4vg-m45j

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36004: 'CHECK' fail in 'tf.random.gamma'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv8m-8x97-937q

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35963: 'CHECK' failures in 'FractionalAvgPoolGrad'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-84jm-4cf3-9jfm

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36003: 'CHECK' fail in 'RandomPoissonV2'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cv2p-32v3-vhwq

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41897: If 'FractionMaxPoolGrad' is given outsize inputs 'row_pooling_sequence' and 'col_pooling_sequence', TensorFlow will crash.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f2w8-jw48-fr7j

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35966: Segfault in 'QuantizedAvgPool'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4w68-4x85-mjj9

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41911: When printing a tensor, we get it's data as a 'const char*' array (since that's the underlying storage) and then we typecast it to the element type. However, conversions from 'char' to 'bool' are undefined if the 'char' is not '0' or '1', so sanitizers/fuzzers will crash.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pf36-r9c6-h97j

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41907: When 'tf.raw_ops.ResizeNearestNeighborGrad' is given a large 'size' input, it overflows.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-368v-7v32-52fx

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41898: If 'SparseFillEmptyRowsGrad' is given empty inputs, TensorFlow will crash.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hq7g-wwwp-q46h

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25660: Prior to versions 2.12.0 and 2.11.1, when the parameter 'summarize' of 'tf.raw_ops.Print' is zero, the new method 'SummarizeArray<bool>' will reference to a nullptr, leading to a seg fault.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjqc-vqcf-5qvj

The effect of CVE-2022-35991 was seen once more, where TensorListScatter and TensorListScatterV2 could potentially crash due to non scalar inputs in the element_shape parameter while in eager mode. This issue has been identified and resolved. The issue was identified when the following Python code was executed:

```python 
import tensorflow as tf 
arg_0=tf.random.uniform(shape=(2, 2, 2), dtype=tf.float16, maxval=None) 
arg_1=tf.random.uniform(shape=(2, 2, 2), dtype=tf.int32, maxval=65536) 
arg_2=tf.random.uniform(shape=(2, 2, 2), dtype=tf.int32, maxval=65536) 
arg_3='' 
tf.raw_ops.TensorListScatter(tensor=arg_0, indices=arg_1,  element_shape=arg_2, name=arg_3) 
```

A patch to resolve this issue is available in the GitHub commit bf9932fc907aff0e9e8cccf769e8b00d30fd81a1. This fix will be part of TensorFlow 2.11. Additionally, the commitment will be selected for TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these versions are also known to be affected and still under supported range.

For further details, please refer to TensorFlow's security guide. If there is any issue or question, contact us please.

The person who brought this vulnerability to our attention is Pattarakrit Rattankul.

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35997: 'CHECK' fail in 'tf.sparse.cross'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-p7hr-f446-x6qf

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35999: 'CHECK' fail in 'Conv2DBackpropInput'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-37jf-mjv6-xfqw

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36027: Segfault TFLite converter on per-channel quantized transposed convolutions.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-79h2-q768-fpxr

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41894: The reference kernel of the 'CONV_3D_TRANSPOSE' TensorFlow Lite operator wrongly increments the data_ptr when adding the bias to the result. Instead of 'data_ptr += num_channels;' it should be 'data_ptr += output_num_channels;' as if the number of input channels is different than the number of output channels, the wrong result will be returned and a buffer overflow will occur if num_channels > output_num_channels. An attacker can craft a model with a specific number of input channels. It is then possible to write specific values through the bias of the layer outside the bounds of the buffer. This attack only works if the reference kernel resolver is used in the interpreter.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6q3-vv32-2cq5

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35939: OOB write in 'scatter_nd' op in TF Lite.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-ffjm-4qwc-7cmf

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35996: Floating point exception in 'Conv2D'. 
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q5jv-m6qw-5g37

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35941: 'CHECK' failure in 'AvgPoolOp'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mgmh-g2v6-mqw5

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36018: 'CHECK' fail in 'RaggedTensorToVariant'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m6cv-4fmf-66xf

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35974: Segfault in 'QuantizeDownAndShrinkRange'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vgvh-2pf4-jr2x

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35970: Segfault in 'QuantizedInstanceNorm'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g35r-369w-3fqp

TensorFlow 2.8.4, 2.9.3, 2.10.1 and 2.11.0 include a fix for CVE-2022-35935: 'CHECK' failure in 'SobolSample' via missing validation.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-97p7-w86h-vcf9
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqvq-fvhr-v6hc

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35967: Segfault in 'QuantizedAdd'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v6h3-348g-6h5x

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25675: When running versions prior to 2.12.0 and 2.11.1 with XLA, 'tf.raw_ops.Bincount' segfaults when given a parameter 'weights' that is neither the same shape as parameter 'arr' nor a length-0 tensor.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7x4v-9gxg-9hwj

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36017: Segfault in 'Requantize'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wqmc-pm8c-2jhc

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25671: There is out-of-bounds access due to mismatched integer type sizes.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j5w9-hmfh-4cr6

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35937: OOB read in 'Gather_nd' op in TF Lite.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pxrw-j2fv-hx3h

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36001: 'CHECK' fail in 'DrawBoundingBoxes'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jqm7-m5q7-3hm5

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41884: If a numpy array is created with a shape such that one element is zero and the others sum to a large number, an error will be raised. 
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jq6x-99hj-q636

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25670: Versions prior to 2.12.0 and 2.11.1 have a null point error in QuantizedMatMulWithBiasAndDequantize with MKL enabled.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rq-hwc3-x77w

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41909: An input 'encoded' that is not a valid 'CompositeTensorVariant' tensor will trigger a segfault in 'tf.raw_ops.CompositeTensorVariantToComponents'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rjx6-v474-2ch9

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35995: 'CHECK' fail in 'AudioSummaryV2'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g9h5-vr8m-x2h4

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36005: 'CHECK' fail in 'FakeQuantWithMinMaxVarsGradient'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r26c-679w-mrjm

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41891: If 'tf.raw_ops.TensorListConcat' is given 'element_shape=[]', it results segmentation fault which can be used to trigger a denial of service attack.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-66vq-54fq-6jvv

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41888: When running on GPU, 'tf.image.generate_bounding_box_proposals' receives a 'scores' input that must be of rank 4 but is not checked.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6x99-gv2v-q76v

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25673: Versions prior to 2.12.0 and 2.11.1 have a Floating Point Exception in TensorListSplit with XLA. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36016: 'CHECK'-fail in 'tensorflow::full_type::SubstituteFromAttrs'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g468-qj8g-vcjc

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35989: 'CHECK' fail in 'MaxPool'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j43h-pgmg-5hjq

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35987: 'CHECK' fail in 'DenseBincount'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w62h-8xjm-fv49

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25658: Prior to versions 2.12.0 and 2.11.1, an out of bounds read is in GRUBlockCellGrad.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-68v3-g9cm-rmm6

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35934: 'CHECK' failure in tf.reshape via overflows.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f4w6-h4f5-wx45

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35993: 'CHECK' fail in 'SetSize'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wq6q-6m32-9rv9

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25662: Versions prior to 2.12.0 and 2.11.1 are vulnerable to integer overflow in EditDistance.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7jvm-xxmr-v5cw

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25667: Prior to versions 2.12.0 and 2.11.1, integer overflow occurs when '2^31 <= num_frames * height * width * channels < 2^32', for example Full HD screencast of at least 346 frames.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fqm2-gh8w-gr68

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35982: Segfault in 'SparseBincount'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-397c-5g2j-qxpv

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35952: 'CHECK' failures in 'UnbatchGradOp'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h5vq-gw2c-pq47

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41893: If 'tf.raw_ops.TensorListResize' is given a nonscalar value for input 'size', it results 'CHECK' fail which can be used to trigger a denial of service attack.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-67pf-62xr-q35m

Tensorflow 2.9.3 and 2.10.1 include a fix for CVE-2022-41887: 'tf.keras.losses.poisson' receives a 'y_pred' and 'y_true' that are passed through 'functor::mul' in 'BinaryOp'. If the resulting dimensions overflow an 'int32', TensorFlow will crash due to a size mismatch during broadcast assignment.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8fvv-46hw-vpg3

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36026: 'CHECK' fail in 'QuantizeAndDequantizeV3'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9cr2-8pwr-fhfq

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35998: 'CHECK' fail in 'EmptyTensorList'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qhw4-wwr7-gjc5

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41908: TensorFlow is an open source platform for machine learning. An input 'token' that is not a UTF-8 bytestring will trigger a 'CHECK' fail in 'tf.raw_ops.PyFunc'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv77-9g28-cwg3

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25666: Prior to versions 2.12.0 and 2.11.1, there is a floating point exception in AudioSpectrogram. A fix is included in TensorFlow version 2.12.0 and version 2.11.1.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f637-vh3r-vfh2

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35988: 'CHECK' fail in 'tf.linalg.matrix_rank'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9vqj-64pv-w55c

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35986: Segfault in 'RaggedBincount'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wr9v-g9vf-c74v

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35979: Segfault in 'QuantizedRelu' and 'QuantizedRelu6'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v7vw-577f-vp8x

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35971: 'CHECK' fail in 'FakeQuantWithMinMaxVars'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9fpg-838v-wpv7

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35984: 'CHECK' fail in 'ParameterizedTruncatedNormal'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-p2xf-8hgm-hpw5

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35965: Segfault in 'LowerBound' and 'UpperBound'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qxpx-j395-pw36

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35964: Segfault in 'BlockLSTMGradV2'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f7r5-q7cx-h668

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41896: If 'ThreadUnsafeUnigramCandidateSampler' is given input 'filterbank_channel_count' greater than the allowed max size, TensorFlow will crash.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rmg2-f698-wq35

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35985: 'CHECK' fail in 'LRNGrad'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9942-r22v-78cp

Tensorflow 2.11.1 and 2.12.0 include a fix for CVE-2023-25669: Prior to versions 2.12.0 and 2.11.1, if the stride and window size are not positive for 'tf.raw_ops.AvgPoolGrad', it can give a floating point exception.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rcf8-g8jv-vg6p

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36013: Null-dereference in 'mlir::tfg::GraphDefImporter::ConvertNodeDef'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-828c-5j5q-vrjq

Tensorflow 2.8.4, 2.9.3 and 2.10.1 include a fix for CVE-2022-41885: When 'tf.raw_ops.FusedResizeAndPadConv2D' is given a large tensor shape, it overflows.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-762h-vpvw-3rcx

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-35940: Int overflow in 'RaggedRangeOp'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x989-q2pq-4q5x

TensorFlow 2.7.4, 2.8.3 and 2.9.2 include a fix for CVE-2022-36014: Null-dereference in 'mlir::tfg::TFOp::nameAttr'.
https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7j3m-8g3c-9qqq

Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Sqlalchemy 2.0.0b1 avoids leaking cleartext passwords to the open for careless uses of str(engine.URL()) in logs and prints.
https://github.com/sqlalchemy/sqlalchemy/pull/8563

Setuptools 65.5.1 includes a fix for CVE-2022-40897: Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.
https://pyup.io/posts/pyup-discovers-redos-vulnerabilities-in-top-python-packages

Cryptography version 42.0.5 introduces a limit on the number of name constraint checks during X.509 path validation to prevent denial of service attacks.
https://github.com/pyca/cryptography/commit/4be53bf20cc90cbac01f5f94c5d1aecc5289ba1f

Cryptography 41.0.6 includes a fix for CVE-2023-49083: NULL-dereference when loading PKCS7 certificates.
https://github.com/advisories/GHSA-jfhm-5ghh-2f97

The cryptography package before 41.0.2 for Python mishandles SSH certificates that have critical options.

Cryptography 41.0.0 updates its dependency 'OpenSSL' to v3.1.1 to include a security fix.
https://github.com/pyca/cryptography/commit/8708245ccdeaff21d65eea68a4f8d2a7c5949a22

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 39.0.1 includes a fix for CVE-2022-3996, a DoS vulnerability affecting openssl.
https://github.com/pyca/cryptography/issues/7940

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.4 updates Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.3, that includes a security fix.
https://github.com/pyca/cryptography/commit/fc11bce6930e591ce26a2317b31b9ce2b3e25512

Cryptography 39.0.1 includes a fix for CVE-2023-23931: In affected versions 'Cipher.update_into' would accept Python objects which implement the buffer protocol, but provide only immutable buffers. This would allow immutable objects (such as 'bytes') to be mutated, thus violating fundamental rules of Python and resulting in corrupted output. This issue has been present since 'update_into' was originally introduced in cryptography 1.8.
https://github.com/pyca/cryptography/security/advisories/GHSA-w7pp-m8wf-vj6r

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data. See CVE-2023-50782.

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.3 updates its bundled OpenSSL version to include a fix for a Denial of Service vulnerability.
https://github.com/pyca/cryptography/commit/b22271cf3c3dd8dc8978f8f4b00b5c7060b6538d
https://www.openssl.org/news/secadv/20230731.txt

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.3 updates its bundled OpenSSL version to include a fix for a Denial of Service vulnerability.
https://github.com/pyca/cryptography/commit/bfa4d95f0f356f2d535efd5c775e0fb3efe90ef2
https://www.openssl.org/news/secadv/20230719.txt

Cryptography 41.0.3  updates its bundled OpenSSL version to include a fix for CVE-2023-2975: AES-SIV implementation ignores empty associated data entries.
https://github.com/pyca/cryptography/commit/bfa4d95f0f356f2d535efd5c775e0fb3efe90ef2
https://www.openssl.org/news/secadv/20230714.txt

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography starting from version 42.0.0 updates its CI configurations to use newer versions of BoringSSL or OpenSSL as a countermeasure to CVE-2023-5678. This vulnerability, affecting the package, could cause Denial of Service through specific DH key generation and verification functions when given overly long parameters.

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Cryptography 41.0.5 updates Windows, macOS, and Linux wheels to be compiled with OpenSSL 3.1.4, that includes a security fix.

Cryptography 39.0.1 updates its dependency 'OpenSSL' to v3.0.8 to include security fixes.
https://github.com/pyca/cryptography/issues/8229

Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.

Lxml 4.9.1 includes a fix for CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a denial of service (or application crash). This only applies when lxml is used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and earlier are not affected. It allows triggering crashes through forged input data, given a vulnerable code sequence in the application. The vulnerability is caused by the iterwalk function (also used by the canonicalize function). Such code shouldn't be in wide-spread use, given that parsing + iterwalk would usually be replaced with the more efficient iterparse function. However, an XML converter that serialises to C14N would also be vulnerable, for example, and there are legitimate use cases for this code sequence. If untrusted input is received (also remotely) and processed via iterwalk function, a crash can be triggered.

Sqlalchemy 2.0.0b1 avoids leaking cleartext passwords to the open for careless uses of str(engine.URL()) in logs and prints.
https://github.com/sqlalchemy/sqlalchemy/pull/8563