CVE-2021-29514: TensorFlow is an end-to-end open source platform for machine learning. If the `splits` argument of `RaggedBincount` does
Summary
TensorFlow has a vulnerability in its RaggedBincount operation where invalid input arguments can cause a heap buffer overflow (a crash or memory corruption from accessing memory outside allocated bounds). An attacker can craft malicious input to make the code read or write to memory it shouldn't access, potentially compromising the system running the code.
Solution / Mitigation
The fix will be included in TensorFlow 2.5.0. The vulnerability will also be patched in TensorFlow 2.4.2 and TensorFlow 2.3.3.
Vulnerability Details
2.5(low)
EPSS: 0.0%
Classification
Affected Vendors
Related Issues
CVE-2022-21727: Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulne
CVE-2026-22252: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbi
Original source: https://nvd.nist.gov/vuln/detail/CVE-2021-29514
First tracked: February 15, 2026 at 08:38 PM
Classified by LLM (prompt v3) · confidence: 95%