{"data":{"id":"d12b16d9-d4de-45b1-af54-2c2631799157","title":"CVE-2021-37682: TensorFlow is an end-to-end open source platform for machine learning. In affected versions all TFLite operations that u","summary":"TensorFlow, an open-source machine learning platform, has a vulnerability in TFLite (TensorFlow Lite, a lightweight version for mobile devices) where operations using quantization (a technique that reduces model size by using lower-precision numbers) can accidentally use uninitialized values because the code doesn't properly check whether quantization settings are valid before using them. This could cause unpredictable behavior in machine learning models running on mobile or embedded devices.","solution":"The issue has been patched in GitHub commits 537bc7c723439b9194a358f64d871dd326c18887, 4a91f2069f7145aab6ba2d8cfe41be8a110c18a5, and 8933b8a21280696ab119b63263babdb54c298538. The fix is included in TensorFlow 2.6.0 and has been backported to TensorFlow 2.5.1, 2.4.3, and 2.3.4.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2021-37682","publishedAt":"2021-08-13T03:15:08.390Z","cveId":"CVE-2021-37682","cweIds":["CWE-908"],"cvssScore":"4.4","cvssSeverity":"medium","severity":"medium","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00039,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}