Heap OOB read in `tf.ragged.cross`

🗓️ 10 Nov 2021 19:31:00Reported by GitHub Advisory DatabaseType

Heap OOB read in `tf.ragged.cross` impacting TensorFlow versions 2.7.0, 2.6.1, 2.5.2, 2.4.

Reporter	Title	Published	Views	Family All 13
Prion	Out-of-bounds	5 Nov 202121:15	–	prion
OSV	CVE-2021-41212	5 Nov 202121:15	–	osv
OSV	Heap OOB read in `tf.ragged.cross`	10 Nov 202119:00	–	osv
OSV	PYSEC-2021-819	5 Nov 202121:15	–	osv
OSV	PYSEC-2021-621	5 Nov 202121:15	–	osv
OSV	BIT-tensorflow-2021-41212	6 Mar 202411:16	–	osv
OSV	PYSEC-2021-404	5 Nov 202121:15	–	osv
Veracode	Denial Of Service (DoS)	9 Nov 202110:26	–	veracode
Cvelist	CVE-2021-41212 Heap OOB read in `tf.ragged.cross`	5 Nov 202120:15	–	cvelist
NVD	CVE-2021-41212	5 Nov 202121:15	–	nvd

Vulners

Node

tensorflow\-gpuRange<2.4.4

tensorflow\-gpuRange2.5.0–2.5.2

tensorflow\-gpuRange2.6.0–2.6.1

tensorflow\-cpuRange<2.4.4

tensorflow\-cpuRange2.5.0–2.5.2

tensorflow\-cpuRange2.6.0–2.6.1

google tensorflowRange<2.4.4

google tensorflowRange2.5.0–2.5.2

google tensorflowRange2.6.0–2.6.1

Source	Link
github	www.github.com/tensorflow/tensorflow/security/advisories/GHSA-fr77-rrx3-cp7g
nvd	www.nvd.nist.gov/vuln/detail/CVE-2021-41212
github	www.github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8
github	www.github.com/pypa/advisory-database/tree/main/vulns/tensorflow-cpu/PYSEC-2021-621.yaml
github	www.github.com/pypa/advisory-database/tree/main/vulns/tensorflow-gpu/PYSEC-2021-819.yaml
github	www.github.com/pypa/advisory-database/tree/main/vulns/tensorflow/PYSEC-2021-404.yaml
github	www.github.com/advisories/GHSA-fr77-rrx3-cp7g

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Nov 2021 19:00Current

0.6Low risk

Vulners AI Score0.6

CVSS23.6

CVSS37.1

EPSS0.00042

CWE-125