{"data":{"id":"22b3ddcd-a7aa-486f-9fb8-8dc31f3c93db","title":"CVE-2022-36015: TensorFlow is an open source platform for machine learning. When `RangeSize` receives values that do not fit into an `in","summary":"TensorFlow (an open source platform for machine learning) has a bug where the `RangeSize` function crashes when it receives numbers too large to fit into an `int64_t` (a 64-bit integer data type). This is caused by an integer overflow (when a number becomes too large for its data type to handle).","solution":"Update to TensorFlow 2.10.0, or apply the patch from GitHub commit 37e64539cd29fcfb814c4451152a60f5d107b0f0. Users of TensorFlow 2.9.1, 2.8.1, or 2.7.2 should also update to patched versions of those releases. The source states: 'There are no known workarounds for this issue.'","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2022-36015","publishedAt":"2022-09-17T03:15:11.243Z","cveId":"CVE-2022-36015","cweIds":["CWE-190"],"cvssScore":"5.9","cvssSeverity":"medium","severity":"medium","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00181,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}