{"data":{"id":"fcb1dc39-1431-41a8-8855-c558376c3e45","title":"CVE-2022-23562: Tensorflow is an Open Source Machine Learning Framework. The implementation of `Range` suffers from integer overflows. T","summary":"TensorFlow (an open-source framework for building machine learning models) has a vulnerability in its Range function where integer overflows (when numbers get too large and wrap around to incorrect values) can cause undefined behavior or extremely large memory allocations. This bug affects multiple versions of the software.","solution":"The fix will be included in TensorFlow 2.8.0. The vulnerability will also be patched in TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, which are still supported versions.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2022-23562","publishedAt":"2022-02-05T04:15:13.843Z","cveId":"CVE-2022-23562","cweIds":["CWE-190"],"cvssScore":"7.6","cvssSeverity":"high","severity":"high","attackType":[],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["TensorFlow"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00361,"patchAvailable":null,"disclosureDate":null,"capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["integrity","availability"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.95,"researchCategory":null,"atlasIds":null}}