{"data":{"id":"c6c3f71b-e1d5-425b-913a-842cd52ade36","title":"CVE-2021-37668: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can cause denial","summary":"TensorFlow, an open source platform for machine learning, has a vulnerability (CVE-2021-37668) where attackers can crash applications by exploiting the `tf.raw_ops.UnravelIndex` function through division by zero (a math error where a program tries to divide by 0). The bug occurs because the code doesn't check if the `dims` tensor (a multi-dimensional array) is empty before performing calculations.","solution":"The issue was patched in GitHub commit a776040a5e7ebf76eeb7eb923bf1ae417dd4d233. The fix is included in TensorFlow 2.6.0 and will be backported (adapted for earlier versions) to TensorFlow 2.5.1, TensorFlow 2.4.3, and TensorFlow 2.3.4.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2021-37668","publishedAt":"2021-08-13T03:15:07.440Z","cveId":"CVE-2021-37668","cweIds":["CWE-369","CWE-369"],"cvssScore":"5.5","cvssSeverity":"medium","severity":"medium","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00044,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}