Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-exym-4mq2-rkbj
Vulnerability ID VCID-exym-4mq2-rkbj
Aliases CVE-2022-29204
GHSA-hx9q-2mx4-m4pg
Summary
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-20 Improper Input Validation
CWE-191 Integer Underflow (Wrap or Wraparound)
System Score Found at
epss 0.00062 https://api.first.org/data/v1/epss?cve=CVE-2022-29204
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-hx9q-2mx4-m4pg
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow
generic_textual MODERATE https://github.com/tensorflow/tensorflow
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14
generic_textual MODERATE https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14
ssvc Track https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md
generic_textual MODERATE https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md
ssvc Track https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147
generic_textual MODERATE https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147
ssvc Track https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943
generic_textual MODERATE https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943
ssvc Track https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
generic_textual MODERATE https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
ssvc Track https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
generic_textual MODERATE https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
ssvc Track https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
generic_textual MODERATE https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
ssvc Track https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
generic_textual MODERATE https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
ssvc Track https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg
cvssv3.1_qr MODERATE https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg
generic_textual MODERATE https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg
ssvc Track https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg
cvssv3.1 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-29204
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2022-29204
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-29204
https://github.com/tensorflow/tensorflow
https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14
https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md
https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147
https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943
https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
CVE-2022-29204 https://nvd.nist.gov/vuln/detail/CVE-2022-29204
GHSA-hx9q-2mx4-m4pg https://github.com/advisories/GHSA-hx9q-2mx4-m4pg
GHSA-hx9q-2mx4-m4pg https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:46:46Z/ Found at https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/unsorted_segment_join_op.cc#L83-L14
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:46:46Z/ Found at https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:46:46Z/ Found at https://github.com/tensorflow/tensorflow/commit/20cb18724b0bf6c09071a3f53434c4eec53cc147
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:46:46Z/ Found at https://github.com/tensorflow/tensorflow/commit/84563f265f28b3c36a15335c8b005d405260e943
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:46:46Z/ Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:46:46Z/ Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:46:46Z/ Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:46:46Z/ Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:46:46Z/ Found at https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hx9q-2mx4-m4pg
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-29204
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.19582
EPSS Score 0.00062
Published At May 30, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-30T22:18:04.393674+00:00 EPSS Importer Import https://epss.cyentia.com/epss_scores-current.csv.gz 38.6.0