{"data":{"id":"ce70547d-b2e6-41c9-a7eb-dad6f1d21264","title":"CVE-2021-29606: TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an","summary":"TensorFlow, an open source machine learning platform, has a vulnerability in TFLite (TensorFlow Lite, a lightweight version for mobile devices) where a maliciously designed model can trigger an OOB read (out-of-bounds read, accessing memory outside the intended data area) on the heap when the `Split_V` operation receives an invalid axis value that falls outside the expected range.","solution":"The fix will be included in TensorFlow 2.5.0. Additionally, the fix will be backported (applied to earlier versions still receiving support) to TensorFlow 2.4.2, 2.3.3, 2.2.3, and 2.1.4.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2021-29606","publishedAt":"2021-05-15T00:15:15.717Z","cveId":"CVE-2021-29606","cweIds":["CWE-125"],"cvssScore":"7.1","cvssSeverity":"high","severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00017,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-540"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality","integrity","availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}