{"data":{"id":"da060b8d-2a3d-4eae-8757-acb862e09d2e","title":"CVE-2022-41911: TensorFlow is an open source platform for machine learning. When printing a tensor, we get it's data as a `const char*` ","summary":"TensorFlow, an open source platform for machine learning, has a bug where converting character data to boolean values can cause crashes because the conversion is undefined unless the character is exactly 0 or 1. This issue affects the process of printing tensors (multi-dimensional arrays of data used in machine learning).","solution":"The issue has been patched in GitHub commit `1be74370327`. The fix will be included in TensorFlow 2.11.0, and will also be applied to TensorFlow 2.10.1, TensorFlow 2.9.3, and TensorFlow 2.8.4.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2022-41911","publishedAt":"2022-11-19T03:15:22.743Z","cveId":"CVE-2022-41911","cweIds":["CWE-704"],"cvssScore":"4.8","cvssSeverity":"medium","severity":"medium","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00134,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.92,"researchCategory":null,"atlasIds":null}}