{"data":{"id":"cc7fff2c-1288-4ed2-abbb-ccc7edfe986c","title":"CVE-2022-29208: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem","summary":"TensorFlow, an open source platform for machine learning, has a vulnerability in the `tf.raw_ops.EditDistance` function where incomplete validation allows users to pass negative values that cause a segmentation fault (a program crash from accessing invalid memory). An attacker could exploit this by crafting input that produces negative array indices, allowing writes before the intended array location and potentially crashing the system.","solution":"Update to TensorFlow versions 2.9.0, 2.8.1, 2.7.2, or 2.6.4, which contain a patch for this issue.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2022-29208","publishedAt":"2022-05-21T03:15:45.150Z","cveId":"CVE-2022-29208","cweIds":["CWE-787"],"cvssScore":"7.1","cvssSeverity":"high","severity":"high","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":["NVIDIA"],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00059,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-100"],"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}