{"data":{"id":"b3e37255-2cef-4463-a11c-9347d270ae90","title":"CVE-2021-37640: TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of `tf.ra","summary":"TensorFlow, an open-source machine learning platform, has a bug in the `tf.raw_ops.SparseReshape` function where it can crash with a division by zero error (dividing a number by zero). This happens because the code doesn't check if the target shape has any elements before dividing by it, allowing attackers to trigger this crash by providing specially crafted input.","solution":"The issue was patched in GitHub commit 4923de56ec94fff7770df259ab7f2288a74feb41. The fix is included in TensorFlow 2.6.0 and will also be applied to TensorFlow 2.5.1.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2021-37640","publishedAt":"2021-08-12T22:15:10.490Z","cveId":"CVE-2021-37640","cweIds":["CWE-369"],"cvssScore":"5.5","cvssSeverity":"medium","severity":"medium","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00033,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}