{"data":{"id":"c6fa16ea-d38c-4292-b9d6-27b03bbe1e14","title":"CVE-2022-41885: TensorFlow is an open source platform for machine learning. When `tf.raw_ops.FusedResizeAndPadConv2D` is given a large t","summary":"TensorFlow (an open source machine learning platform) has a vulnerability in the `tf.raw_ops.FusedResizeAndPadConv2D` function where a buffer overflow (a memory error where data exceeds available space) occurs when given very large tensor shapes. The bug stems from an incorrect buffer size calculation.","solution":"The fix is available in TensorFlow 2.11. For users on earlier versions, the patch has been applied to TensorFlow 2.10.1, 2.9.3, and 2.8.4. Users should update to one of these versions.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2022-41885","publishedAt":"2022-11-19T03:15:14.147Z","cveId":"CVE-2022-41885","cweIds":["CWE-131","CWE-131"],"cvssScore":"4.8","cvssSeverity":"medium","severity":"medium","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.0016,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability","integrity"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}