Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-k3rw-xwzv-1uer
Vulnerability ID VCID-k3rw-xwzv-1uer
Aliases CVE-2022-29216
GHSA-75c9-jrh4-79mc
Summary
Status Published
Exploitability 0.5
Weighted Severity 8.0
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-94 Improper Control of Generation of Code ('Code Injection')
System Score Found at
epss 0.00169 https://api.first.org/data/v1/epss?cve=CVE-2022-29216
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-75c9-jrh4-79mc
cvssv3.1 7.8 https://github.com/tensorflow/tensorflow
generic_textual HIGH https://github.com/tensorflow/tensorflow
cvssv3.1 7.8 https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/python/tools/saved_model_cli.py#L566-L574
generic_textual HIGH https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/python/tools/saved_model_cli.py#L566-L574
ssvc Track* https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/python/tools/saved_model_cli.py#L566-L574
cvssv3.1 7.8 https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7
generic_textual HIGH https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7
ssvc Track* https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7
cvssv3.1 7.8 https://github.com/tensorflow/tensorflow/commit/c5da7af048611aa29e9382371f0aed5018516cac
generic_textual HIGH https://github.com/tensorflow/tensorflow/commit/c5da7af048611aa29e9382371f0aed5018516cac
ssvc Track* https://github.com/tensorflow/tensorflow/commit/c5da7af048611aa29e9382371f0aed5018516cac
cvssv3.1 7.8 https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
generic_textual HIGH https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
ssvc Track* https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
cvssv3.1 7.8 https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
generic_textual HIGH https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
ssvc Track* https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
cvssv3.1 7.8 https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
generic_textual HIGH https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
ssvc Track* https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
cvssv3.1 7.8 https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
generic_textual HIGH https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
ssvc Track* https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
cvssv3.1 7.8 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-75c9-jrh4-79mc
cvssv3.1_qr HIGH https://github.com/tensorflow/tensorflow/security/advisories/GHSA-75c9-jrh4-79mc
generic_textual HIGH https://github.com/tensorflow/tensorflow/security/advisories/GHSA-75c9-jrh4-79mc
ssvc Track* https://github.com/tensorflow/tensorflow/security/advisories/GHSA-75c9-jrh4-79mc
cvssv3.1 7.8 https://nvd.nist.gov/vuln/detail/CVE-2022-29216
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2022-29216
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-29216
https://github.com/tensorflow/tensorflow
https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/python/tools/saved_model_cli.py#L566-L574
https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7
https://github.com/tensorflow/tensorflow/commit/c5da7af048611aa29e9382371f0aed5018516cac
https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
CVE-2022-29216 https://nvd.nist.gov/vuln/detail/CVE-2022-29216
GHSA-75c9-jrh4-79mc https://github.com/advisories/GHSA-75c9-jrh4-79mc
GHSA-75c9-jrh4-79mc https://github.com/tensorflow/tensorflow/security/advisories/GHSA-75c9-jrh4-79mc
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/tensorflow/tensorflow
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/python/tools/saved_model_cli.py#L566-L574
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:43:15Z/ Found at https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/python/tools/saved_model_cli.py#L566-L574
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:43:15Z/ Found at https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/tensorflow/tensorflow/commit/c5da7af048611aa29e9382371f0aed5018516cac
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:43:15Z/ Found at https://github.com/tensorflow/tensorflow/commit/c5da7af048611aa29e9382371f0aed5018516cac
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:43:15Z/ Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:43:15Z/ Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:43:15Z/ Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:43:15Z/ Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/tensorflow/tensorflow/security/advisories/GHSA-75c9-jrh4-79mc
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-04-22T15:43:15Z/ Found at https://github.com/tensorflow/tensorflow/security/advisories/GHSA-75c9-jrh4-79mc
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-29216
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.37795
EPSS Score 0.00169
Published At May 30, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-30T22:18:04.641148+00:00 EPSS Importer Import https://epss.cyentia.com/epss_scores-current.csv.gz 38.6.0