{"data":{"id":"42568107-3c79-47bc-ab09-296270281623","title":"CVE-2023-25801: TensorFlow is an open source machine learning platform. Prior to versions 2.12.0 and 2.11.1, `nn_ops.fractional_avg_pool","summary":"TensorFlow, an open source machine learning platform, had a bug in two pooling functions (`nn_ops.fractional_avg_pool_v2` and `nn_ops.fractional_max_pool_v2`) that required certain parameters to equal 1.0 because pooling on batch and channel dimensions (the different ways data is organized in the neural network) was not supported. This vulnerability was fixed in TensorFlow versions 2.12.0 and 2.11.1.","solution":"Update to TensorFlow version 2.12.0 or 2.11.1, which include the fix for this vulnerability.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2023-25801","publishedAt":"2023-03-25T04:15:08.120Z","cveId":"CVE-2023-25801","cweIds":["CWE-415"],"cvssScore":"8","cvssSeverity":"high","severity":"high","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00078,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}