{"data":{"id":"68165e4b-001e-474a-857d-82f79787e06e","title":"CVE-2020-15194: In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `SparseFillEmptyRowsGrad` implementation has in","summary":"TensorFlow (an open-source machine learning library) before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 has a bug in the `SparseFillEmptyRowsGrad` function where it doesn't properly check the shape (dimensions) of one of its inputs called `grad_values_t`. An attacker could exploit this by sending invalid data to cause the program to crash, disrupting AI systems that use TensorFlow to serve predictions.","solution":"Update TensorFlow to version 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1 or later, which contain the patch released in commit 390611e0d45c5793c7066110af37c8514e6a6c54.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2020-15194","publishedAt":"2020-09-25T23:15:14.683Z","cveId":"CVE-2020-15194","cweIds":["CWE-20","CWE-617","CWE-617"],"cvssScore":"5.3","cvssSeverity":"medium","severity":"medium","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.0022,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}