{"data":{"id":"e358016b-8f65-435b-a6b7-7b2809c47844","title":"CVE-2022-29207: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, multiple T","summary":"TensorFlow (an open source platform for machine learning) has a vulnerability in versions before 2.9.0, 2.8.1, 2.7.2, and 2.6.4 where certain operations fail when given an invalid resource handle (a reference to data or tools the program needs). In eager mode (where TensorFlow executes code immediately rather than preparing a plan first), this can cause a reference to point to a null pointer (a memory location that doesn't exist), leading to undefined behavior and potential crashes or errors. Graph mode had safeguards that prevented this issue.","solution":"Update TensorFlow to versions 2.9.0, 2.8.1, 2.7.2, or 2.6.4 or later, which contain a patch for this issue.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2022-29207","publishedAt":"2022-05-21T02:16:40.997Z","cveId":"CVE-2022-29207","cweIds":["CWE-20","CWE-475"],"cvssScore":"5.5","cvssSeverity":"medium","severity":"medium","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00045,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["availability","integrity"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}