{"data":{"id":"8885f3ce-0c56-4db6-8c76-402279a12558","title":"CVE-2022-23578: Tensorflow is an Open Source Machine Learning Framework. If a graph node is invalid, TensorFlow can leak memory in the i","summary":"TensorFlow (an open-source machine learning framework) has a memory leak bug in a function called `ImmutableExecutorState::Initialize`. When a graph node (a processing unit in a machine learning model) is invalid, the software sets a pointer (a reference to a location in memory) to null without freeing the memory it previously pointed to, causing that memory to be wasted and unavailable for other tasks.","solution":"The fix will be included in TensorFlow 2.8.0. The fix will also be backported (applied to older versions still being supported) to TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2022-23578","publishedAt":"2022-02-05T04:15:14.553Z","cveId":"CVE-2022-23578","cweIds":["CWE-401"],"cvssScore":"4.3","cvssSeverity":"medium","severity":"medium","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.002,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}