{"id":"CVE-2021-29519","details":"TensorFlow is an end-to-end open source platform for machine learning. The API of `tf.raw_ops.SparseCross` allows combinations which would result in a `CHECK`-failure and denial of service. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/3d782b7d47b1bf2ed32bd4a246d6d6cadc4c903d/tensorflow/core/kernels/sparse_cross_op.cc#L114-L116) is tricked to consider a tensor of type `tstring` which in fact contains integral elements. Fixing the type confusion by preventing mixing `DT_STRING` and `DT_INT64` types solves this issue. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.","aliases":["BIT-tensorflow-2021-29519","GHSA-772j-h9xw-ffp5","PYSEC-2021-156","PYSEC-2021-447","PYSEC-2021-645"],"modified":"2026-04-11T17:12:39.273800Z","published":"2021-05-14T20:15:11.480Z","related":["GHSA-772j-h9xw-ffp5"],"references":[{"type":"FIX","url":"https://github.com/tensorflow/tensorflow/commit/b1cc5e5a50e7cee09f2c6eb48eb40ee9c4125025"},{"type":"FIX","url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-772j-h9xw-ffp5"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tensorflow/tensorflow","events":[{"introduced":"0"},{"fixed":"0931ea3d985bb9c8fdd054a5e29c4129623c849b"},{"introduced":"2b96f3662bd776e277f86997659e61046b56c315"},{"fixed":"cfe0c80169ae984bcdc99ff6de7444164aaa8e07"},{"introduced":"b36436b087bd8e8701ef51718179037cccdfc26e"},{"fixed":"3929ffacfbef7c431e8397920d040aaf47acff19"},{"introduced":"582c8d236cb079023657287c318ff26adb239002"},{"fixed":"1923123d32ea41d92b70a27a3f6ecf0763b56f6c"},{"fixed":"b1cc5e5a50e7cee09f2c6eb48eb40ee9c4125025"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"2.1.4"},{"introduced":"2.2.0"},{"fixed":"2.2.3"},{"introduced":"2.3.0"},{"fixed":"2.3.3"},{"introduced":"2.4.0"},{"fixed":"2.4.2"}]}}],"versions":["0.5.0","0.6.0","v1.1.0-rc1","v1.1.0-rc2","v1.12.1","v1.6.0-rc1","v1.9.0-rc2","v2.1.0","v2.1.0-rc0","v2.1.0-rc1","v2.1.0-rc2","v2.1.1","v2.1.2","v2.1.3","v2.2.0","v2.2.1","v2.2.2","v2.3.0","v2.3.1","v2.3.2","v2.4.0","v2.4.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-29519.json","vanir_signatures":[{"source":"https://github.com/tensorflow/tensorflow/commit/b1cc5e5a50e7cee09f2c6eb48eb40ee9c4125025","signature_version":"v1","signature_type":"Function","digest":{"length":2830,"function_hash":"130342139269504088076764693872616337560"},"deprecated":false,"target":{"function":"ValidateInput","file":"tensorflow/core/kernels/sparse_cross_op.cc"},"id":"CVE-2021-29519-0dd7cc9f"},{"source":"https://github.com/tensorflow/tensorflow/commit/b1cc5e5a50e7cee09f2c6eb48eb40ee9c4125025","signature_version":"v1","signature_type":"Line","digest":{"threshold":0.9,"line_hashes":["256636748043249681873866895206394724535","312451947312717767256760545154702797935","122150029948065352684984747351409898414","280301859650971932057387605060238066224","33417065409690747893785936484699392860","239129514477343093466692278146394943487","52944011659043100807285725253382170346","43669630295865809770599504552175117409","297918352857671795486982719306831960785","282589221582168803870673714666164379662","284699328473846372968477334678367751119","63268561322274005123833328984847187965","154984739973294359131324206430004363968","249095016082583295962500880526325386717","256412866331640892462074538979259620241","156318210550066424726301107944852104149","106330643672165513623277237663651938014","105636737493971997197976286208329551152","94206706756925639502309783242631531490","171575937090622739162304099868836635132","317614926629187703724406534476623327391","244438813058267017176307449376377005152","236426833160401848982533479508134718298","322699573092126221944047727792487974679","327746036804984812410608266190634345187","234970537535586533354837717416676219709","230094059336673568710173101038374743489","251236488219319220335671116444947127557","170577144811387021224433783263759638659","189286259274647084593944439280174852206","25129008934926547642281506050334868411","191735126960400767383108477474986395983","215634673441910154712298591417153825092","12729469507683112987811355774503471750","166439952431012219366212054987679485124","230094059336673568710173101038374743489","251236488219319220335671116444947127557","113616801581370089587017435157375944786","198989917371177505519585749195330498736","280177778005665782301462017742836980450","230094059336673568710173101038374743489","251236488219319220335671116444947127557","284403526972689746586774322824493160182","177178553569239707004918862774506809854","61776339989714874884542389083573777698"]},"deprecated":false,"target":{"file":"tensorflow/core/kernels/sparse_cross_op.cc"},"id":"CVE-2021-29519-80d21d2e"}],"vanir_signatures_modified":"2026-04-11T17:12:39Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}