{"data":{"id":"034bf6cb-650b-44f5-a8b1-314fae8c896f","title":"CVE-2021-29592: TensorFlow is an end-to-end open source platform for machine learning. The fix for CVE-2020-15209(https://cve.mitre.org/","summary":"A previous security fix for TensorFlow (a machine learning platform) didn't work properly when the Reshape operator (which changes a tensor's shape, or dimensions) received its target shape from a 1-D tensor (a single row of data). This incomplete fix accidentally allowed a problematic null-buffer-backed tensor (a data structure with no actual memory backing) to be used, creating a security weakness.","solution":"The fix will be included in TensorFlow 2.5.0 and will be backported (adapted for earlier versions) to TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3, and TensorFlow 2.1.4.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2021-29592","publishedAt":"2021-05-15T00:15:15.070Z","cveId":"CVE-2021-29592","cweIds":["CWE-476","CWE-476"],"cvssScore":"4.4","cvssSeverity":"medium","severity":"medium","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00017,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}