CVE-2022-29198

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SparseTensorToCSRSparseMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service...

lsmmdma (>=0.0.4 <=0.1.7), tpu-tf2 (=1.0.0) potentially affected by CVE-2022-29198 via tensorflow-cpu (=2.7.0)

tensorflow-cpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - lsmmdma =0.0.4, =0.1.7 - tpu-tf2 =1.0.0 Source cves: CVE-2022-29198 Source advisory: OSV:GHSA-MG66-QVC5-RM93...

a62-emotion (>=0.10.12 <=0.11.4), aiproteomics (=0.2.1) +97 more potentially affected by CVE-2022-29198 via tensorflow-cpu (>=1.15.0 <=2.5.3)

tensorflow-cpu PYPI version =1.15.0, =0.10.12, =2.0.0, =2.0.0, =1.0.0, =0.0.5, =0.3.0, =0.0.1, =0.8.1, =0.1.1, =1.3.0, =0.1.0.dev1, =0.0.1, =0.3.3 and more Source cves: CVE-2022-29198 Source advisory: OSV:GHSA-MG66-QVC5-RM93...

aadhaar-detection (=0.5.0), accuinsight (>=1.0.84 <=1.0.87) +39 more potentially affected by CVE-2022-29198 via tensorflow (>=2.7.0 <=2.7.1)

tensorflow PYPI version =2.7.0, =1.0.84, =3.0.22, =0.1.11, =0.1.11, =0.1.11, =0.1.0, =0.0.1, =1.2.1, =0.1.5.dev202303131412, =0.1.0, =0.1.1 and more Source cves: CVE-2022-29198 Source advisory: OSV:GHSA-MG66-QVC5-RM93...

rpnet (>=0.0.1 <=0.1.0), rpnet-dev (>=0.0.5 <=0.0.12) +4 more potentially affected by CVE-2022-29198 via tensorflow-gpu (=2.7.0)

tensorflow-gpu PYPI version =2.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - rpnet =0.0.1, =0.0.5, =1.0.5, =1.1.1 - tpu-tf2 =1.0.0 - troj =1.0.0 Source cves: CVE-2022-29198 Source advisory:...

acuity (=6.18.0), acuitypro (=6.18.0) +60 more potentially affected by CVE-2022-29198 via tensorflow (>=2.8.0 <=2.8.0rc1)

tensorflow PYPI version =2.8.0, =1.2.8, =1.0.43, =0.2.2, =0.0.1, =0.0.2, =0.2.8, =0.14.0, =0.1.3, =0.0.9, =0.2.27, =0.2.41 - complaintclassify =0.0.5 - conversational-sentence-encoder =0.0.6 and more Source cves: CVE-2022-29198 Source advisory: OSV:GHSA-MG66-QVC5-RM93...

causalegm (>=0.2.1 <=0.2.5), chrombpnet (>=0.1.0 <=0.1.2) +3 more potentially affected by CVE-2022-29198 via tensorflow-gpu (=2.8.0)

tensorflow-gpu PYPI version =2.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - causalegm =0.2.1, =0.1.0, =0.0.6, =2.3.5, =2.4.1 - tlaunch =0.0.2 Source cves: CVE-2022-29198 Source advisory: OSV:GHSA-MG66-QVC5-R...

animl (>=1.1.2 <=1.1.4), arekit (>=0.21.0 <=0.22.1) +176 more potentially affected by CVE-2022-29198 via tensorflow-gpu (>=1.10.1 <=2.6.3)

tensorflow-gpu PYPI version =1.10.1, =1.1.2, =0.21.0, =0.23.0, =0.9.2, =1.0.0, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 and more Source cves: CVE-2022-29198 Source advisory: OSV:GHSA-MG66-QVC5-RM93...

CVE-2022-29198

creationtimestamp| type| source ---|---|--- 2022-05-21 02:31:11+00:00| seen| https://t.me/cibsecurity/43117 2025-04-22 18:03:49+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12930...

CVE-2022-29198

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SparseTensorToCSRSparseMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service...

CVE-2022-29198

CVE-2022-29198 concerns TensorFlow’s tf.raw_ops.SparseTensorToCSRSparseMatrix, where input validation is incomplete for dense_shape and indices. This can trigger a CHECK failure, potentially enabling a denial of service. The issue is documented to affect TensorFlow versions prior to 2.9.0, 2.8.1,...

CVE-2022-29198 Missing validation causes denial of service in TensorFlow via `SparseTensorToCSRSparseMatrix`

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of tf.rawops.SparseTensorToCSRSparseMatrix does not fully validate the input arguments. This results in a CHECK-failure which can be used to trigger a denial of service...