{"data":{"id":"12817afe-47cc-467c-a6e8-856b4e371e5f","title":"CVE-2021-37650: TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.r","summary":"TensorFlow, a machine learning platform, has a vulnerability in two functions that can cause a heap buffer overflow (writing data past the end of allocated memory) and crash the program when processing dataset records. The code incorrectly assumes all records are strings without checking, but users might pass numeric types instead, triggering the error.","solution":"The issue was patched in GitHub commit e0b6e58c328059829c3eb968136f17aa72b6c876. The fix is included in TensorFlow 2.6.0 and was also applied to TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2021-37650","publishedAt":"2021-08-13T01:15:08.077Z","cveId":"CVE-2021-37650","cweIds":["CWE-120","CWE-787"],"cvssScore":"7.8","cvssSeverity":"high","severity":"high","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00014,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-100"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability","integrity"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}