CVE-2022-36016

unknown

Published 2022-09-16 · Modified 2024-11-28

CVSS v3

—

CVSS v2

—

VIR risk

—

Description

TensorFlow vulnerable to `CHECK`-fail in `tensorflow::full_type::SubstituteFromAttrs`

Exploit likelihood

20%

Patch ETA

—

Heuristic predictions, AS-IS, for prioritization only.

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2022-36016

OS	Version	Status	Fixed in
debian	forky	fixed	`0`
debian	sid	fixed	`0`

Ecosystem	Package	Vulnerable	Fixed
PyPI	tensorflow	`<2.7.2`	`2.7.2`
PyPI	tensorflow	`>=2.8.0,<2.8.1`	`2.8.1`
PyPI	tensorflow	`>=2.9.0,<2.9.1`	`2.9.1`
PyPI	tensorflow-cpu	`<2.7.2`	`2.7.2`
PyPI	tensorflow-cpu	`>=2.8.0,<2.8.1`	`2.8.1`
PyPI	tensorflow-cpu	`>=2.9.0,<2.9.1`	`2.9.1`
PyPI	tensorflow-gpu	`<2.7.2`	`2.7.2`
PyPI	tensorflow-gpu	`>=2.8.0,<2.8.1`	`2.8.1`
PyPI	tensorflow-gpu	`>=2.9.0,<2.9.1`	`2.9.1`

Verify integrity in audit chain (admin only). AS-IS.