{"data":{"id":"ad8518be-d2f5-4507-863b-4455f669d86f","title":"CVE-2021-29557: TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service via a F","summary":"TensorFlow (an open-source machine learning platform) has a vulnerability where an attacker can crash a system by triggering a divide-by-zero error (FPE, or floating-point exception) in a specific operation called `tf.raw_ops.SparseMatMul` when given an empty tensor (a multidimensional array with no data). This causes a denial of service attack (making the system unavailable to legitimate users).","solution":"Update to TensorFlow 2.5.0 or later. If you cannot upgrade to 2.5.0, the fix will also be available in TensorFlow 2.4.2, 2.3.3, 2.2.3, or 2.1.4, depending on which version you currently use.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2021-29557","publishedAt":"2021-05-15T00:15:13.247Z","cveId":"CVE-2021-29557","cweIds":["CWE-369"],"cvssScore":"2.5","cvssSeverity":"low","severity":"low","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00015,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}