CVE-2021-41197: TensorFlow is an open source platform for machine learning. In affected versions TensorFlow allows tensor to have a larg
Summary
TensorFlow (an open source machine learning platform) has a vulnerability where tensors (multi-dimensional arrays of numbers) with very large dimensions can cause an integer overflow (when a calculation produces a number too big to store), resulting in a crash or inconsistent behavior. The vulnerability occurs because the code checks for overflow incorrectly in some parts of the codebase.
Solution / Mitigation
The fix will be included in TensorFlow 2.7.0. Users of affected versions should update to TensorFlow 2.7.0, or apply the cherry-picked patches available for TensorFlow 2.6.1, TensorFlow 2.5.2, and TensorFlow 2.4.4.
Vulnerability Details
5.5 (medium)
EPSS: 0.0%
Related Issues
CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem
CVE-2021-29541: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null p
Original source: https://nvd.nist.gov/vuln/detail/CVE-2021-41197
First tracked: February 15, 2026 at 08:40 PM