Out-of-Bounds Access in SparseToDense Inference Shape Operation

Out-of-Bounds Access in SparseToDense Inference Shape Operation

CVE-2021-33650 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

When performing the inference shape operation of the SparseToDense operator, if the number of inputs is less than three, it will access data outside of bounds of inputs which allocated from heap buffers.

Learn more about our Web Application Penetration Testing UK.