AI Threat Alert
AI Component
Framework
AI/ML frameworks (LangChain, PyTorch, TensorFlow, etc.) are the foundational libraries for building AI applications. Vulnerabilities here have wide blast radius due to high adoption.
1205
Total CVEs
61
Pages
Page 14 of 61
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2021-41216 | TensorFlow: heap overflow in Transpose via negative perm | tensorflow | 7.8 |
| HIGH | CVE-2021-41220 | TensorFlow: use-after-free in async collective ops | tensorflow | 7.8 |
| HIGH | CVE-2021-41221 | TensorFlow: CuDNN heap overflow, local code execution | tensorflow | 7.8 |
| MEDIUM | CVE-2021-41222 | TensorFlow: SplitV negative arg segfault crashes process | tensorflow | 5.5 |
| HIGH | CVE-2021-41225 | TensorFlow Grappler: uninitialized var, local priv-esc | tensorflow | 7.8 |
| MEDIUM | CVE-2021-41227 | TensorFlow: OOB read in ImmutableConst leaks memory | tensorflow | 5.5 |
| HIGH | CVE-2021-41228 | TensorFlow: eval() in saved_model_cli allows RCE | tensorflow | 7.8 |
| HIGH | CVE-2022-21726 | TensorFlow: heap OOB read in Dequantize op allows RCE | tensorflow | 8.8 |
| HIGH | CVE-2022-21727 | TensorFlow: Dequantize integer overflow, RCE risk | tensorflow | 8.8 |
| HIGH | CVE-2022-21728 | TensorFlow: heap OOB read in ReverseSequence op | tensorflow | 8.1 |
| HIGH | CVE-2022-21730 | TensorFlow: OOB read leaks heap memory, enables DoS | tensorflow | 8.1 |
| MEDIUM | CVE-2022-21731 | TensorFlow: ConcatV2 type confusion enables remote DoS | tensorflow | 6.5 |
| MEDIUM | CVE-2022-21732 | TensorFlow: ThreadPoolHandle DoS via memory exhaustion | tensorflow | 6.5 |
| MEDIUM | CVE-2022-21733 | TensorFlow: StringNGrams integer overflow enables OOM DoS | tensorflow | 6.5 |
| MEDIUM | CVE-2022-21736 | TensorFlow: NULL deref DoS via SparseTensorSliceDataset | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23567 | TensorFlow: integer overflow DoS in sparse tensor ops | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23568 | TensorFlow: integer overflow DoS in sparse tensor ops | tensorflow | 6.5 |
| MEDIUM | CVE-2022-21725 | TensorFlow: DoS via div-by-zero in conv cost estimator | tensorflow | 6.5 |
| MEDIUM | CVE-2022-21729 | TensorFlow: UnravelIndex integer overflow → DoS | tensorflow | 6.5 |
| MEDIUM | CVE-2022-21734 | TensorFlow: DoS via MapStage non-scalar key crash | tensorflow | 6.5 |