CVE-2021-29592 log

Severity Medium
Remote No
Type Denial of service
A security issue has been found in TensorFlow before version 2.4.2. The fix for CVE-2020-15209( missed the case when the target shape of `Reshape` operator is given by the elements of a 1-D tensor. As such, the fix for the vulnerability( allowed passing a null-buffer-backed tensor with a 1D shape.
Group Package Affected Fixed Severity Status Ticket
AVG-1962 tensorflow 2.4.1-10 2.5.0-1 Critical Fixed