Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-v2r1-wbmd-d7a1
Vulnerability ID VCID-v2r1-wbmd-d7a1
Aliases CVE-2022-29198
GHSA-mg66-qvc5-rm93
Summary TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SparseTensorToCSRSparseMatrix` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. The code assumes `dense_shape` is a vector and `indices` is a matrix (as part of requirements for sparse tensors) but there is no validation for this. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (3)
CWE-20 Improper Input Validation
CWE-1035 OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-937 OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
System Score Found at
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2022-29198
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2022-29198
epss 0.00056 https://api.first.org/data/v1/epss?cve=CVE-2022-29198
cvssv3.1_qr MODERATE https://github.com/advisories/GHSA-mg66-qvc5-rm93
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow
generic_textual MODERATE https://github.com/tensorflow/tensorflow
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/sparse/sparse_tensor_to_csr_sparse_matrix_op.cc#L65-L119
generic_textual MODERATE https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/sparse/sparse_tensor_to_csr_sparse_matrix_op.cc#L65-L119
ssvc Track https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/sparse/sparse_tensor_to_csr_sparse_matrix_op.cc#L65-L119
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/commit/ea50a40e84f6bff15a0912728e35b657548cef11
generic_textual MODERATE https://github.com/tensorflow/tensorflow/commit/ea50a40e84f6bff15a0912728e35b657548cef11
ssvc Track https://github.com/tensorflow/tensorflow/commit/ea50a40e84f6bff15a0912728e35b657548cef11
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
generic_textual MODERATE https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
ssvc Track https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
generic_textual MODERATE https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
ssvc Track https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
generic_textual MODERATE https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
ssvc Track https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
generic_textual MODERATE https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
ssvc Track https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
cvssv3.1 5.5 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mg66-qvc5-rm93
cvssv3.1_qr MODERATE https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mg66-qvc5-rm93
generic_textual MODERATE https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mg66-qvc5-rm93
ssvc Track https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mg66-qvc5-rm93
cvssv3.1 5.5 https://nvd.nist.gov/vuln/detail/CVE-2022-29198
generic_textual MODERATE https://nvd.nist.gov/vuln/detail/CVE-2022-29198
Reference id Reference type URL
https://api.first.org/data/v1/epss?cve=CVE-2022-29198
https://github.com/tensorflow/tensorflow
CVE-2022-29198 https://nvd.nist.gov/vuln/detail/CVE-2022-29198
ea50a40e84f6bff15a0912728e35b657548cef11 https://github.com/tensorflow/tensorflow/commit/ea50a40e84f6bff15a0912728e35b657548cef11
GHSA-mg66-qvc5-rm93 https://github.com/advisories/GHSA-mg66-qvc5-rm93
GHSA-mg66-qvc5-rm93 https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mg66-qvc5-rm93
sparse_tensor_to_csr_sparse_matrix_op.cc#L65-L119 https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/sparse/sparse_tensor_to_csr_sparse_matrix_op.cc#L65-L119
v2.6.4 https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
v2.7.2 https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
v2.8.1 https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
v2.9.0 https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
No exploits are available.
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/sparse/sparse_tensor_to_csr_sparse_matrix_op.cc#L65-L119
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:47:26Z/ Found at https://github.com/tensorflow/tensorflow/blob/f3b9bf4c3c0597563b289c0512e98d4ce81f886e/tensorflow/core/kernels/sparse/sparse_tensor_to_csr_sparse_matrix_op.cc#L65-L119
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/commit/ea50a40e84f6bff15a0912728e35b657548cef11
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:47:26Z/ Found at https://github.com/tensorflow/tensorflow/commit/ea50a40e84f6bff15a0912728e35b657548cef11
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:47:26Z/ Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:47:26Z/ Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:47:26Z/ Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:47:26Z/ Found at https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mg66-qvc5-rm93
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-22T15:47:26Z/ Found at https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mg66-qvc5-rm93
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2022-29198
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.17705
EPSS Score 0.00056
Published At June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T17:39:13.305084+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2022/29xxx/CVE-2022-29198.json 38.6.0