AI Threat Alert
AI Component
Framework
AI/ML frameworks (LangChain, PyTorch, TensorFlow, etc.) are the foundational libraries for building AI applications. Vulnerabilities here have wide blast radius due to high adoption.
1204
Total CVEs
61
Pages
Page 11 of 61
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2021-37662 | TensorFlow: null deref in BoostedTrees training ops | tensorflow | 7.8 |
| HIGH | CVE-2021-37664 | TensorFlow: heap OOB read in BoostedTrees ops | tensorflow | 7.1 |
| HIGH | CVE-2021-37648 | TensorFlow SaveV2: null ptr deref, local crash/RCE | tensorflow | 7.8 |
| HIGH | CVE-2021-37652 | TensorFlow: double-free in BoostedTrees, code exec | tensorflow | 7.8 |
| HIGH | CVE-2021-37666 | TensorFlow: null-ptr deref in RaggedTensorToVariant op | tensorflow | 7.8 |
| HIGH | CVE-2021-37667 | TensorFlow: UnicodeEncode null deref, local code exec | tensorflow | 7.8 |
| HIGH | CVE-2021-37671 | TensorFlow: null-ptr deref in Map ops, local C/I/A:High | tensorflow | 7.8 |
| MEDIUM | CVE-2021-37675 | TensorFlow: DoS via division by zero in conv ops | tensorflow | 5.5 |
| HIGH | CVE-2021-37676 | TensorFlow: null ptr deref in SparseFillEmptyRows op | tensorflow | 7.8 |
| MEDIUM | CVE-2021-37680 | TFLite: division by zero crashes fully connected layers | tensorflow | 5.5 |
| HIGH | CVE-2021-37681 | TensorFlow Lite: null ptr deref crashes SVDF inference | tensorflow | 7.8 |
| MEDIUM | CVE-2021-37686 | TFLite: infinite loop DoS via crafted strided slice model | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37688 | TensorFlow Lite: DoS via crafted TFLite model file | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37689 | TensorFlow Lite: MLIR null ptr deref crashes inference | tensorflow | 5.5 |
| HIGH | CVE-2021-37663 | TensorFlow: QuantizeV2 heap OOB/null-deref in quantization | tensorflow | 7.8 |
| HIGH | CVE-2021-37665 | TensorFlow MKL: null-ptr/heap-OOB in requantization ops | tensorflow | 7.8 |
| MEDIUM | CVE-2021-37668 | TensorFlow: DoS via div-by-zero in UnravelIndex op | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37669 | TensorFlow: integer conversion DoS in NonMaxSuppression ops | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37670 | TensorFlow: heap OOB read in sorting ops | tensorflow | 5.5 |
| MEDIUM | CVE-2021-37672 | TensorFlow: heap OOB read in SdcaOptimizerV2 | tensorflow | 5.5 |