{"data":{"id":"0dd6bc02-551c-411d-abc0-87b142f24f76","title":"CVE-2021-37675: TensorFlow is an end-to-end open source platform for machine learning. In affected versions most implementations of conv","summary":"TensorFlow, a machine learning platform, has a vulnerability where attackers can crash the software by exploiting division by zero errors in convolution operators (mathematical operations that process data in machine learning models). This happens because the code that checks input shapes is missing validation steps before performing divisions, allowing someone to trigger a denial of service (making the system unavailable).","solution":"The issue has been patched in GitHub commit 8a793b5d7f59e37ac7f3cd0954a750a2fe76bad4. The fix will be included in TensorFlow 2.6.0 and will be backported to TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2021-37675","publishedAt":"2021-08-13T02:15:08.557Z","cveId":"CVE-2021-37675","cweIds":["CWE-369"],"cvssScore":"5.5","cvssSeverity":"medium","severity":"medium","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00012,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}