{"data":{"id":"8ca308b4-079f-420c-96fa-d5f431cb79ae","title":"CVE-2022-41895: TensorFlow is an open source platform for machine learning. If `MirrorPadGrad` is given outsize input `paddings`, Tensor","summary":"TensorFlow, an open source machine learning platform, has a vulnerability where the `MirrorPadGrad` function crashes with a heap OOB error (out-of-bounds memory access, where the software tries to read memory it shouldn't) when given incorrectly sized input padding values. This bug allows attackers to potentially crash TensorFlow applications.","solution":"The fix is included in TensorFlow 2.11 and has been backported (applied to older versions) in TensorFlow 2.10.1, 2.9.3, and 2.8.4. Users should update to one of these patched versions. The fix was committed in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2022-41895","publishedAt":"2022-11-19T03:15:18.107Z","cveId":"CVE-2022-41895","cweIds":["CWE-125"],"cvssScore":"4.8","cvssSeverity":"medium","severity":"medium","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00127,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-540"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability","integrity"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}