CVE-2021-33647

{"id": "CVE-2021-33647", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-06-27T17:15:08.590", "references": [{"url": "https://gitee.com/mindspore/community/blob/master/security/security_advisory_list/mssa-2021-008_en.md", "tags": ["Patch", "Third Party Advisory"], "source": "securities@openeuler.org"}, {"url": "https://gitee.com/mindspore/community/blob/master/security/security_advisory_list/mssa-2021-008_en.md", "tags": ["Patch", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "securities@openeuler.org", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "When performing the inference shape operation of the Tile operator, if the input data type is not int or int32, it will access data outside of bounds of heap allocated buffers."}, {"lang": "es", "value": "Cuando es llevada a cabo la operaci\u00f3n de inferencia de forma del operador Tile, si el tipo de datos de entrada no es int o int32, ser\u00e1 accedido a datos fuera de l\u00edmites de los b\u00faferes asignados a la pila"}], "lastModified": "2024-11-21T06:09:16.343", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mindspore:mindspore:*:*:*:*:*:openeuler:*:*", "vulnerable": true, "matchCriteriaId": "1C2C732E-38EA-44A6-85EA-6361337A34C0", "versionEndExcluding": "1.3.0", "versionStartIncluding": "1.0.0"}, {"criteria": "cpe:2.3:a:mindspore:mindspore:0.7.0:beta:*:*:*:openeuler:*:*", "vulnerable": true, "matchCriteriaId": "E51B4E88-2117-4BBA-B640-236E15F809C6"}], "operator": "OR"}]}], "sourceIdentifier": "securities@openeuler.org"}