{"data":{"id":"c3a8d019-2572-4c17-807f-48ea0317b6cf","title":"CVE-2022-21729: Tensorflow is an Open Source Machine Learning Framework. The implementation of `UnravelIndex` is vulnerable to a divisio","summary":"TensorFlow, an open-source machine learning framework, has a vulnerability in its `UnravelIndex` function caused by an integer overflow bug (a situation where a number becomes too large for the system to handle correctly) that leads to division by zero. This flaw affects multiple versions of TensorFlow and could allow attackers to crash or disrupt the software.","solution":"The fix will be included in TensorFlow 2.8.0. TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3 will also receive this fix through a cherrypick (applying a specific code change to older versions).","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2022-21729","publishedAt":"2022-02-03T18:15:07.943Z","cveId":"CVE-2022-21729","cweIds":["CWE-190","CWE-190"],"cvssScore":"6.5","cvssSeverity":"medium","severity":"medium","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.0022,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability","integrity"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}