Lucene search
China National Vulnerability DatabaseCNVD-2021-85888HistoryNov 08, 2021 - 12:00 a.m.
Google TensorFlow null pointer dereference vulnerability (CNVD-2021-85888)
2021-11-0800:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
0.0004 Low
EPSS
Percentile
13.0%
Google TensorFlow, an end-to-end open source machine learning platform, is vulnerable to a null pointer dereference in the shape inference code of DeserializeSparse in versions of TensorFlow prior to 2.7.0. The vulnerability stems from the shape inference function assuming that the serialize_sparse tensor is a tensor with positive rank.
| CPE | Name | Operator | Version |
|---|---|---|---|
| google tensorflow | lt | 2.7.0 |
Related
osv
osv
BIT-tensorflow-2021-41215
2024-03-06 11:16:11
CVE-2021-41215
2021-11-05 21:15:09
PYSEC-2021-407
2021-11-05 21:15:00
cvelist
cvelist
CVE-2021-41215 Null pointer exception in `DeserializeSparse`
2021-11-05 20:55:16
github
github
Null pointer exception in `DeserializeSparse`
2021-11-10 18:57:45
veracode
veracode
Denial Of Service (DoS)
2021-11-09 10:51:50
prion
prion
Null pointer dereference
2021-11-05 21:15:00
cve
cve
CVE-2021-41215
2021-11-05 21:15:09
nvd
nvd
CVE-2021-41215
2021-11-05 21:15:09
