AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2021-29618: TensorFlow is an end-to-end open source platform for machine learning. Passing a complex argument to `tf.transpose` at t

lowvulnerability

security

Source: NVD/CVE DatabaseMay 14, 2021CVE-2021-29618

Summary

TensorFlow (an open source machine learning platform) crashes when you pass a complex argument to the `tf.transpose` function while also using the `conjugate=True` argument. This happens because the software doesn't properly handle this unusual combination of inputs.

Solution / Mitigation

Update to TensorFlow 2.5.0 or later. If you're using an older supported version, updates are also available for TensorFlow 2.4.2, 2.3.3, 2.2.3, and 2.1.4.

Vulnerability Details

CVSS Score

2.5(low)

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack SophisticationTrivial

Impact (CIA+S)

availability

AI Component TargetedFramework

Taxonomy References

CWE (Weakness Type)

CWE-755

Affected Vendors

Original source: https://nvd.nist.gov/vuln/detail/CVE-2021-29618

First tracked: February 15, 2026 at 08:39 PM

Classified by LLM (prompt v3) · confidence: 95%