{"data":{"id":"97f49656-306b-4c26-95f5-ffe4ef4e3c05","title":"CVE-2021-41214: TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged","summary":"TensorFlow, an open source machine learning platform, has a bug in its shape inference code for the `tf.ragged.cross` function where it tries to use a null pointer (a reference to nothing), causing undefined behavior. The vulnerability is caused by accessing an uninitialized pointer (a memory location that hasn't been set up yet).","solution":"The fix will be included in TensorFlow 2.7.0. Patches will also be backported (applied to earlier versions) to TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2021-41214","publishedAt":"2021-11-06T01:15:08.940Z","cveId":"CVE-2021-41214","cweIds":["CWE-824","CWE-824"],"cvssScore":"7.8","cvssSeverity":"high","severity":"high","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00018,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability","integrity"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}