{"data":{"id":"8277e6f0-ec75-4170-9049-323fcc972999","title":"CVE-2022-36002: TensorFlow is an open source platform for machine learning. When `Unbatch` receives a nonscalar input `id`, it gives a `","summary":"TensorFlow (an open source machine learning platform) has a vulnerability where the `Unbatch` operation crashes when it receives a nonscalar input `id` (a variable with multiple dimensions rather than a single value), which can be exploited to cause a denial of service attack (making a system unavailable by overwhelming it).","solution":"The issue has been patched in GitHub commit 4419d10d576adefa36b0e0a9425d2569f7c0189f. Users should upgrade to TensorFlow 2.10.0 or apply the patch to supported versions 2.9.1, 2.8.1, and 2.7.2. No workarounds are available.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2022-36002","publishedAt":"2022-09-17T03:15:10.763Z","cveId":"CVE-2022-36002","cweIds":["CWE-617"],"cvssScore":"5.9","cvssSeverity":"medium","severity":"medium","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00061,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}