AI Threat Alert
AI Component
Framework
AI/ML frameworks (LangChain, PyTorch, TensorFlow, etc.) are the foundational libraries for building AI applications. Vulnerabilities here have wide blast radius due to high adoption.
1205
Total CVEs
61
Pages
Page 15 of 61
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| MEDIUM | CVE-2022-21735 | TensorFlow: DoS via FractionalMaxPool div-by-zero | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23569 | TensorFlow: DoS via reachable assertions in ML ops | tensorflow | 6.5 |
| MEDIUM | CVE-2022-21737 | TensorFlow: DoS via malformed Bincount arguments | tensorflow | 6.5 |
| MEDIUM | CVE-2022-21738 | TensorFlow: integer overflow crashes process via sparse op | tensorflow | 6.5 |
| MEDIUM | CVE-2022-21739 | TensorFlow: QuantizedMaxPool null ptr deref causes DoS | tensorflow | 6.5 |
| HIGH | CVE-2022-21740 | TensorFlow: heap overflow in sparse ops, RCE risk | tensorflow | 8.8 |
| MEDIUM | CVE-2022-21741 | TensorFlow Lite: DoS via crafted depthwise conv model | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23557 | TensorFlow TFLite: DoS via divide-by-zero in BiasAndClamp | tensorflow | 6.5 |
| HIGH | CVE-2022-23558 | TFLite: integer overflow in model loading, RCE risk | tensorflow | 8.8 |
| HIGH | CVE-2022-23559 | TFLite: integer overflow in embedding lookup → heap OOB RW | tensorflow | 8.8 |
| HIGH | CVE-2022-23560 | TFLite: OOB read/write in sparse tensor → RCE | tensorflow | 8.8 |
| HIGH | CVE-2022-23561 | TensorFlow Lite: OOB write, arbitrary write primitive | tensorflow | 8.8 |
| HIGH | CVE-2022-23562 | TensorFlow: Range integer overflow, RCE/DoS risk | tensorflow | 8.8 |
| MEDIUM | CVE-2022-23563 | TensorFlow: TOC/TOU race allows temp file hijacking | tensorflow | 6.3 |
| MEDIUM | CVE-2022-23564 | TensorFlow: DoS via reachable assertion in protobuf decode | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23565 | TensorFlow: DoS via malicious SavedModel AttrDef duplication | tensorflow | 6.5 |
| HIGH | CVE-2022-23566 | TensorFlow: heap OOB write in Grappler, RCE risk | tensorflow | 8.8 |
| MEDIUM | CVE-2022-23570 | TensorFlow: null-deref DoS via malformed protobuf tensor | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23571 | TensorFlow: protobuf assertion DoS via invalid tensor dtype | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23572 | TensorFlow: DoS via shape inference assertion failure | tensorflow | 6.5 |