{"data":{"id":"9a7f9ced-9ed4-4f31-afff-56bdbc9b5169","title":"CVE-2021-29547: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a segfault and denial of se","summary":"TensorFlow, an open source machine learning platform, has a vulnerability in a specific operation called `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization` that allows attackers to crash the system by accessing memory outside intended bounds. The bug occurs when the operation receives empty inputs, causing it to try to read from an invalid memory location.","solution":"The fix will be included in TensorFlow 2.5.0. Additionally, the fix will be backported (applied to older versions) in TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3, and TensorFlow 2.1.4.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2021-29547","publishedAt":"2021-05-15T00:15:12.763Z","cveId":"CVE-2021-29547","cweIds":["CWE-125"],"cvssScore":"2.5","cvssSeverity":"low","severity":"low","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00015,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-540"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}