CVE-2021-29553 log

Severity Low
Remote No
Type Information disclosure
A security issue has been found in TensorFlow before version 2.4.2. An attacker can read data outside of bounds of heap allocated buffer in `tf.raw_ops.QuantizeAndDequantizeV3`. This is because the implementation( does not validate the value of user supplied `axis` attribute before using it to index in the array backing the `input` argument.
Group Package Affected Fixed Severity Status Ticket
AVG-1962 tensorflow 2.4.1-10 2.5.0-1 Critical Fixed