TensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `tf.ragged.cross` can trigger a read outside of bounds of heap allocated array. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.
                
            References
                    | Link | Resource | 
|---|---|
| https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fr77-rrx3-cp7g | Exploit Patch Third Party Advisory | 
| https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8 | Patch Third Party Advisory | 
Configurations
                    Configuration 1 (hide)
| 
 | 
Information
                Published : 2021-11-05 14:15
Updated : 2021-11-09 07:21
NVD link : CVE-2021-41212
Mitre link : CVE-2021-41212
JSON object : View
CWE
                
                    
                        
                        CWE-125
                        
            Out-of-bounds Read
Products Affected
                - tensorflow


