{"data":{"id":"ed77a88b-bf09-46dd-b637-9d8439af4064","title":"CVE-2022-36017: TensorFlow is an open source platform for machine learning. If `Requantize` is given `input_min`, `input_max`, `requeste","summary":"TensorFlow, an open source platform for machine learning, has a vulnerability where a function called `Requantize` crashes when given certain types of input data (tensors of nonzero rank), allowing attackers to trigger a denial of service attack (making the system unavailable). The issue has been fixed and will be released in updated versions of the software.","solution":"The fix is included in TensorFlow 2.10.0. The patch will also be applied to TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2. Users should upgrade to one of these patched versions. There are no known workarounds for this issue.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2022-36017","publishedAt":"2022-09-17T03:15:11.367Z","cveId":"CVE-2022-36017","cweIds":["CWE-20"],"cvssScore":"5.9","cvssSeverity":"medium","severity":"medium","attackType":["denial_of_service"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00061,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"trivial","impactType":["availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}