AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2021-41200: TensorFlow is an open source platform for machine learning. In affected versions if `tf.summary.create_file_writer` is c

mediumvulnerability

security

Source: NVD/CVE DatabaseNovember 5, 2021CVE-2021-41200

Summary

TensorFlow (an open source platform for machine learning) has a bug where calling a specific function called `tf.summary.create_file_writer` with non-scalar arguments (values that aren't single numbers) causes the program to crash due to a failed assertion check. This vulnerability affects several versions of TensorFlow.

Solution / Mitigation

The fix will be included in TensorFlow 2.7.0. The developers will also apply this fix to TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4, which are still in the supported range. Users can reference the patch commit at https://github.com/tensorflow/tensorflow/commit/874bda09e6702cd50bac90b453b50bcc65b2769e.

Vulnerability Details

CVSS Score

5.5(medium)

EPSS (30-day exploit probability)

EPSS: 0.0%

Classification

Attack SophisticationTrivial

Impact (CIA+S)

availability

AI Component TargetedFramework

Taxonomy References

CWE (Weakness Type)

CWE-617 CWE-617

Affected Vendors

Original source: https://nvd.nist.gov/vuln/detail/CVE-2021-41200

First tracked: February 15, 2026 at 08:40 PM

Classified by LLM (prompt v3) · confidence: 95%