https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 09 May 2026 04:14:57 +0000 https://vulnerability.circl.lu/sighting/1acd7a16-bfa3-4a68-b7f7-99d300fcb6d5/export {"uuid": "1acd7a16-bfa3-4a68-b7f7-99d300fcb6d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41216", "type": "seen", "source": "https://t.me/cibsecurity/31922", "content": "\u203c CVE-2021-41216 \u203c\n\nTensorFlow is an open source platform for machine learning. In affected versions the shape inference function for `Transpose` is vulnerable to a heap buffer overflow. This occurs whenever `perm` contains negative elements. The shape inference function does not validate that the indices in `perm` are all valid. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-06T01:26:14.000000Z"} {"uuid": "1acd7a16-bfa3-4a68-b7f7-99d300fcb6d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41216", "type": "seen", "source": "https://t.me/cibsecurity/31922", "content": "\u203c CVE-2021-41216 \u203c\n\nTensorFlow is an open source platform for machine learning. In affected versions the shape inference function for `Transpose` is vulnerable to a heap buffer overflow. This occurs whenever `perm` contains negative elements. The shape inference function does not validate that the indices in `perm` are all valid. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-06T01:26:14.000000Z"} https://vulnerability.circl.lu/sighting/1acd7a16-bfa3-4a68-b7f7-99d300fcb6d5/export Sat, 06 Nov 2021 01:26:14 +0000 https://vulnerability.circl.lu/sighting/4c5f73cc-3dd5-476f-a6f1-30574e2e7dc8/export {"uuid": "4c5f73cc-3dd5-476f-a6f1-30574e2e7dc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41218", "type": "seen", "source": "https://t.me/cibsecurity/31932", "content": "\u203c CVE-2021-41218 \u203c\n\nTensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `AllToAll` can be made to execute a division by 0. This occurs whenever the `split_count` argument is 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-06T01:26:28.000000Z"} {"uuid": "4c5f73cc-3dd5-476f-a6f1-30574e2e7dc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41218", "type": "seen", "source": "https://t.me/cibsecurity/31932", "content": "\u203c CVE-2021-41218 \u203c\n\nTensorFlow is an open source platform for machine learning. In affected versions the shape inference code for `AllToAll` can be made to execute a division by 0. This occurs whenever the `split_count` argument is 0. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-06T01:26:28.000000Z"} https://vulnerability.circl.lu/sighting/4c5f73cc-3dd5-476f-a6f1-30574e2e7dc8/export Sat, 06 Nov 2021 01:26:28 +0000 https://vulnerability.circl.lu/sighting/cc24b1af-d0cc-4a7e-bc7d-ddd939b0719c/export {"uuid": "cc24b1af-d0cc-4a7e-bc7d-ddd939b0719c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41213", "type": "seen", "source": "https://t.me/cibsecurity/31938", "content": "\u203c CVE-2021-41213 \u203c\n\nTensorFlow is an open source platform for machine learning. In affected versions the code behind `tf.function` API can be made to deadlock when two `tf.function` decorated Python functions are mutually recursive. This occurs due to using a non-reentrant `Lock` Python object. Loading any model which contains mutually recursive functions is vulnerable. An attacker can cause denial of service by causing users to load such models and calling a recursive `tf.function`, although this is not a frequent scenario. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-06T01:26:36.000000Z"} {"uuid": "cc24b1af-d0cc-4a7e-bc7d-ddd939b0719c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41213", "type": "seen", "source": "https://t.me/cibsecurity/31938", "content": "\u203c CVE-2021-41213 \u203c\n\nTensorFlow is an open source platform for machine learning. In affected versions the code behind `tf.function` API can be made to deadlock when two `tf.function` decorated Python functions are mutually recursive. This occurs due to using a non-reentrant `Lock` Python object. Loading any model which contains mutually recursive functions is vulnerable. An attacker can cause denial of service by causing users to load such models and calling a recursive `tf.function`, although this is not a frequent scenario. The fix will be included in TensorFlow 2.7.0. We will also cherrypick this commit on TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, as these are also affected and still in supported range.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-06T01:26:36.000000Z"} https://vulnerability.circl.lu/sighting/cc24b1af-d0cc-4a7e-bc7d-ddd939b0719c/export Sat, 06 Nov 2021 01:26:36 +0000 https://vulnerability.circl.lu/sighting/308f1f47-a764-43fa-9824-a9f2101737f6/export {"uuid": "308f1f47-a764-43fa-9824-a9f2101737f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4121", "type": "seen", "source": "https://t.me/cibsecurity/34132", "content": "\u203c CVE-2021-4121 \u203c\n\nyetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-16T12:37:07.000000Z"} {"uuid": "308f1f47-a764-43fa-9824-a9f2101737f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4121", "type": "seen", "source": "https://t.me/cibsecurity/34132", "content": "\u203c CVE-2021-4121 \u203c\n\nyetiforcecrm is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-16T12:37:07.000000Z"} https://vulnerability.circl.lu/sighting/308f1f47-a764-43fa-9824-a9f2101737f6/export Thu, 16 Dec 2021 12:37:07 +0000