AI Threat Alert
AI Component
Framework
AI/ML frameworks (LangChain, PyTorch, TensorFlow, etc.) are the foundational libraries for building AI applications. Vulnerabilities here have wide blast radius due to high adoption.
1218
Total CVEs
61
Pages
Page 17 of 61
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2022-23593 | TensorFlow MLIR-TFRT: DoS via scalar shape segfault | tensorflow | 7.5 |
| MEDIUM | CVE-2022-23594 | TensorFlow MLIR: heap OOB via malicious SavedModel file | tensorflow | 5.5 |
| MEDIUM | CVE-2022-23595 | TensorFlow XLA: null pointer dereference causes DoS | tensorflow | 6.5 |
| MEDIUM | CVE-2022-29191 | TensorFlow: DoS via GetSessionTensor input validation | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29192 | TensorFlow: DoS via QuantizeAndDequantize input validation | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29194 | TensorFlow: DoS via malformed DeleteSessionTensor input | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29193 | TensorFlow: DoS via TensorSummaryV2 input validation failure | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29195 | TensorFlow: StagePeek DoS via unvalidated index scalar | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29196 | TensorFlow: DoS via invalid Conv3D filter input | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29197 | TensorFlow: DoS via UnsortedSegmentJoin input validation | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29198 | TensorFlow: DoS via sparse tensor input validation failure | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29199 | TensorFlow: CHECK-fail DoS in LoadAndRemapMatrix op | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29200 | TensorFlow: LSTMBlockCell DoS via invalid tensor rank | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29207 | TensorFlow: null-ptr deref in eager mode causes DoS | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29201 | TensorFlow: QuantizedConv2D null deref crashes model server | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29202 | TensorFlow: DoS via ragged tensor memory exhaustion | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29203 | TensorFlow: DoS via SpaceToBatchND integer overflow | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29204 | TensorFlow: DoS via UnsortedSegmentJoin input validation | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29205 | TensorFlow: NULL deref DoS via compat.v1 ops | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29206 | TensorFlow: SparseTensorDenseAdd null ptr deref DoS | tensorflow | 5.5 |