VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-3nws-uqh8-wydf

Essentials
Severities (0)
References (2)
Severity details (0)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-3nws-uqh8-wydf
Aliases	GHSA-h6gw-r52c-724r GMS-2022-49 GMS-2022-52 GMS-2022-55
Summary	NULL Pointer Dereference and Access of Uninitialized Pointer in TensorFlow ### Impact The code for boosted trees in TensorFlow is still missing validation. This allows malicious users to read and write outside of bounds of heap allocated data as well as trigger denial of service (via dereferencing `nullptr`s or via `CHECK`-failures). This follows after CVE-2021-41208 where these APIs were still vulnerable to multiple security issues. Note: Given that the boosted trees implementation in TensorFlow is unmaintained, it is recommend to no longer use these APIs. Instead, please use the downstream [TensorFlow Decision Forests] project which is newer and supports more features. These APIs are now deprecated in TensorFlow 2.8. We will remove TensorFlow's boosted trees APIs in subsequent releases. ### Patches We have patched the known issues in multiple GitHub commits. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. This should allow users to use existing boosted trees APIs for a while until they migrate to TensorFlow Decision Forests while guaranteeing that known vulnerabilities are fixed. ### For more information Please consult our security guide for more information regarding the security model and how to contact us with issues and questions. ### Attribution These vulnerabilities have been reported by Yu Tian of Qihoo 360 AIVul Team and Faysal Hossain Shezan from University of Virginia. Some of the issues have been discovered internally after a careful audit of the APIs.
Status	Published
Exploitability	None
Weighted Severity	None
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (2)

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
There are no known severity scores.

Reference id	Reference type	URL
GHSA-h6gw-r52c-724r		https://github.com/advisories/GHSA-h6gw-r52c-724r
GHSA-h6gw-r52c-724r		https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6gw-r52c-724r

No exploits are available.

There are no known vectors.

No EPSS data available for this vulnerability.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-02T04:41:17.919349+00:00	GitLab Importer	Import	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/tensorflow/GMS-2022-49.yml	38.6.0