{"data":{"id":"a11bb572-3fcf-4448-93cc-888e52b7bfe2","title":"CVE-2021-29549: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a runtime division by zero ","summary":"TensorFlow, a machine learning platform, has a vulnerability where an attacker can cause a division by zero error (attempting to divide by zero, which crashes a program) in a specific operation called `tf.raw_ops.QuantizedBatchNormWithGlobalNormalization`. The bug happens because the code performs a modulo operation (finding the remainder after division) without checking if the divisor is zero first, and an attacker can craft input shapes to make this divisor equal zero.","solution":"The fix will be included in TensorFlow 2.5.0. The fix will also be backported (applied to older versions still being supported) to TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3, and TensorFlow 2.1.4.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2021-29549","publishedAt":"2021-05-15T00:15:12.853Z","cveId":"CVE-2021-29549","cweIds":["CWE-369","CWE-369"],"cvssScore":"2.5","cvssSeverity":"low","severity":"low","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00015,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}