{"data":{"id":"7ced4da2-6496-49b6-bc46-da0288aafd65","title":"CVE-2020-15208: In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of ","summary":"TensorFlow Lite (a lightweight version of TensorFlow for mobile and embedded devices) before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1, and 2.3.1 has a bug where it doesn't properly check if two tensors (multi-dimensional arrays of data) have compatible sizes. An attacker can exploit this to cause the interpreter to read or write data outside of the allocated memory region, potentially crashing the program or enabling other attacks.","solution":"Update TensorFlow Lite to version 1.15.4, 2.0.3, 2.1.2, 2.2.1, or 2.3.1 or later. The issue was patched in commit 8ee24e7949a203d234489f9da2c5bf45a7d5157d.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2020-15208","publishedAt":"2020-09-25T23:15:16.103Z","cveId":"CVE-2020-15208","cweIds":["CWE-125","CWE-787"],"cvssScore":"7.4","cvssSeverity":"high","severity":"high","attackType":["model_evasion"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow","TensorFlow Lite"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.0033,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-100","CAPEC-540"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"inference","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}