{"data":{"id":"38c29ee7-3ac7-4ee8-ba25-d8069fd5705c","title":"CVE-2021-29564: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a null pointer dereferenc","summary":"TensorFlow, a machine learning platform, has a vulnerability in its EditDistance function where attackers can cause a null pointer dereference (a crash caused by accessing memory that doesn't exist) by sending specially crafted input parameters that don't get validated properly. The vulnerability allows attackers to potentially crash or disrupt TensorFlow applications.","solution":"The fix will be included in TensorFlow 2.5.0. The vulnerability will also be patched in earlier supported versions: TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3, and TensorFlow 2.1.4.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2021-29564","publishedAt":"2021-05-15T00:15:13.557Z","cveId":"CVE-2021-29564","cweIds":["CWE-476"],"cvssScore":"2.5","cvssSeverity":"low","severity":"low","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00015,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}