{"data":{"id":"25c17f08-8102-458c-8a8d-6e66ee1ef364","title":"CVE-2021-29514: TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does","summary":"TensorFlow has a vulnerability in its RaggedBincount operation where invalid input arguments can cause a heap buffer overflow (a crash or memory corruption from accessing memory outside allocated bounds). An attacker can craft malicious input to make the code read or write to memory it shouldn't access, potentially compromising the system running the code.","solution":"The fix will be included in TensorFlow 2.5.0. The vulnerability will also be patched in TensorFlow 2.4.2 and TensorFlow 2.3.3.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2021-29514","publishedAt":"2021-05-15T00:15:11.247Z","cveId":"CVE-2021-29514","cweIds":["CWE-787"],"cvssScore":"2.5","cvssSeverity":"low","severity":"low","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00018,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-100"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}