AI Threat Alert
AI Component
Framework
AI/ML frameworks (LangChain, PyTorch, TensorFlow, etc.) are the foundational libraries for building AI applications. Vulnerabilities here have wide blast radius due to high adoption.
1219
Total CVEs
61
Pages
Page 18 of 61
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2022-29208 | TensorFlow: OOB write in EditDistance enables local DoS | tensorflow | 7.1 |
| MEDIUM | CVE-2022-29209 | TensorFlow: CHECK macro type confusion causes DoS | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29210 | TensorFlow: heap OOB in TensorKey causes DoS | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29211 | TensorFlow: NaN input crashes histogram op (CPU DoS) | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29212 | TensorFlow Lite: quantization assert crash (DoS) | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29213 | TensorFlow: input validation DoS in FFT signal ops | tensorflow | 5.5 |
| HIGH | CVE-2022-29216 | TensorFlow CLI: eval() injection enables reverse shell | tensorflow | 7.8 |
| HIGH | CVE-2022-35934 | TensorFlow: tf.reshape DoS via integer overflow | tensorflow | 7.5 |
| HIGH | CVE-2022-35935 | TensorFlow: DoS via SobolSample CHECK-failure | tensorflow | 7.5 |
| CRITICAL | CVE-2022-35937 | TensorFlow: GatherNd OOB read crashes inference servers | tensorflow | 9.1 |
| CRITICAL | CVE-2022-35938 | TensorFlow: OOB read in GatherNd causes crash/data leak | tensorflow | 9.1 |
| CRITICAL | CVE-2022-35939 | TensorFlow: ScatterNd OOB write enables RCE/crash | tensorflow | 9.8 |
| HIGH | CVE-2022-35940 | TensorFlow: integer overflow in RaggedRangeOp crashes service | tensorflow | 7.5 |
| HIGH | CVE-2022-35941 | TensorFlow: DoS via negative ksize in AvgPoolOp | tensorflow | 7.5 |
| HIGH | CVE-2022-35952 | TensorFlow: DoS via UnbatchGradOp assertion crash | tensorflow | 7.5 |
| HIGH | CVE-2022-35959 | TensorFlow: DoS via AvgPool3DGradOp input overflow | tensorflow | 7.5 |
| HIGH | CVE-2022-35960 | TensorFlow: DoS via malformed TensorListReserve input | tensorflow | 7.5 |
| HIGH | CVE-2022-35963 | TensorFlow: DoS via FractionalAvgPoolGrad overflow | tensorflow | 7.5 |
| HIGH | CVE-2022-35964 | TensorFlow: remote DoS via BlockLSTMGradV2 validation | tensorflow | 7.5 |
| HIGH | CVE-2022-35965 | TensorFlow: NULL deref DoS via empty tensor input | tensorflow | 7.5 |