CVE-2022-36018: TensorFlow is an open source platform for machine learning. If `RaggedTensorToVariant` is given a `rt_nested_splits` lis
mediumvulnerability
TensorFlow, an open source platform for machine learning, has a vulnerability where a function called `RaggedTensorToVariant` can crash if it receives incorrectly formatted input (tensors with ranks other than one). An attacker could use this crash to launch a denial of service attack (making the system unavailable).
The issue has been patched in GitHub commit 88f93dfe691563baa4ae1e80ccde2d5c7a143821. The fix is included in TensorFlow 2.10.0 and will also be backported to (applied to earlier versions of) TensorFlow 2.9.1, TensorFlow 2.8.1, and TensorFlow 2.7.2.
5.9(medium)
EPSS: 0.1%
CVE-2022-29200: TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implem
CVE-2021-29541: TensorFlow is an end-to-end open source platform for machine learning. An attacker can trigger a dereference of a null p
CVE-2021-29615: TensorFlow is an end-to-end open source platform for machine learning. The implementation of `ParseAttrValue`(https://gi
CVE-2021-29604: TensorFlow is an end-to-end open source platform for machine learning. The TFLite implementation of hashtable lookup is
CVE-2026-31949: LibreChat is a ChatGPT clone with additional features. Prior to 0.8.3-rc1, a Denial of Service (DoS) vulnerability exist
Original source: https://nvd.nist.gov/vuln/detail/CVE-2022-36018
First tracked: February 15, 2026 at 08:41 PM
Classified by LLM (prompt v3) · confidence: 95%