{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T04:47:36.039","vulnerabilities":[{"cve":{"id":"CVE-2022-29203","sourceIdentifier":"security-advisories@github.com","published":"2022-05-20T23:15:44.543","lastModified":"2024-11-21T06:58:42.410","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.SpaceToBatchND` (in all backends such as XLA and handwritten kernels) is vulnerable to an integer overflow: The result of this integer overflow is used to allocate the output tensor, hence we get a denial of service via a `CHECK`-failure (assertion failure), as in TFSA-2021-198. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue."},{"lang":"es","value":"TensorFlow es una plataforma de código abierto para el aprendizaje automático. En versiones anteriores a 2.9.0, 2.8.1, 2.7.2 y 2.6.4, la implementación de \"tf.raw_ops.SpaceToBatchND\" (en todos los backends como XLA y kernels manuscritos) es vulnerable a un desbordamiento de enteros: El resultado de este desbordamiento de enteros es usado para asignar el tensor de salida, por lo que es obtenido una denegación de servicio por medio de un fallo de \"CHECK\" (fallo de aserción), como en TFSA-2021-198. Las versiones 2.9.0, 2.8.1, 2.7.2 y 2.6.4 contienen un parche para este problema"}],"metrics":{"cvssMetricV31":[{"source":"security-advisories@github.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:N/A:P","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"PARTIAL"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"security-advisories@github.com","type":"Secondary","description":[{"lang":"en","value":"CWE-190"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*","versionEndExcluding":"2.6.4","matchCriteriaId":"D9359D32-D090-44CF-AC43-2046084A28BB"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:tensorflow:*:*:*:*:*:*:*:*","versionStartIncluding":"2.7.0","versionEndExcluding":"2.7.2","matchCriteriaId":"C4DFBF2D-5283-42F6-8800-D653BFA5CE82"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:tensorflow:2.7.0:rc0:*:*:*:*:*:*","matchCriteriaId":"A58EDA5C-66D6-46F1-962E-60AFB7C784A7"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:tensorflow:2.7.0:rc1:*:*:*:*:*:*","matchCriteriaId":"89522760-C2DF-400D-9624-626D8F160CBA"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:tensorflow:2.8.0:-:*:*:*:*:*:*","matchCriteriaId":"E9EA1898-ACAA-4699-8BAE-54D62C1819FB"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:tensorflow:2.8.0:rc0:*:*:*:*:*:*","matchCriteriaId":"130DE3C9-6842-456F-A259-BF8FF8457217"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:tensorflow:2.8.0:rc1:*:*:*:*:*:*","matchCriteriaId":"BBF2FCEF-989C-409D-9F4C-81418C65B972"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:tensorflow:2.9.0:rc0:*:*:*:*:*:*","matchCriteriaId":"9CFB1CFC-579D-4647-A472-6DE8BE1951DE"},{"vulnerable":true,"criteria":"cpe:2.3:a:google:tensorflow:2.9.0:rc1:*:*:*:*:*:*","matchCriteriaId":"F3F3F37E-D27F-4060-830C-0AFF16150777"}]}]}],"references":[{"url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf","source":"security-advisories@github.com","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4","source":"security-advisories@github.com","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2","source":"security-advisories@github.com","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1","source":"security-advisories@github.com","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0","source":"security-advisories@github.com","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jjm6-4vf7-cjh4","source":"security-advisories@github.com","tags":["Exploit","Patch","Third Party Advisory"]},{"url":"https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-198.md","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/tensorflow/tensorflow/commit/acd56b8bcb72b163c834ae4f18469047b001fadf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.6.4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.7.2","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.8.1","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/tensorflow/tensorflow/releases/tag/v2.9.0","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Third Party Advisory"]},{"url":"https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jjm6-4vf7-cjh4","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Patch","Third Party Advisory"]}]}}]}