AI Threat Alert
AI Component
Framework
AI/ML frameworks (LangChain, PyTorch, TensorFlow, etc.) are the foundational libraries for building AI applications. Vulnerabilities here have wide blast radius due to high adoption.
1220
Total CVEs
61
Pages
Page 22 of 61
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2022-41897 | TensorFlow: OOB read in FractionMaxPoolGrad causes DoS | tensorflow | 7.5 |
| HIGH | CVE-2022-41898 | TensorFlow: DoS crash via empty SparseFillEmptyRowsGrad inputs | tensorflow | 7.5 |
| HIGH | CVE-2022-41899 | TensorFlow: SdcaOptimizer DoS via malformed tensor rank | tensorflow | 7.5 |
| CRITICAL | CVE-2022-41900 | TensorFlow: heap OOB RCE in FractionalMaxPool op | tensorflow | 9.8 |
| HIGH | CVE-2022-41901 | TensorFlow: DoS via SparseMatrixNNZ CHECK assertion fail | tensorflow | 7.5 |
| HIGH | CVE-2022-41907 | TensorFlow: integer overflow in ResizeNearestNeighborGrad → DoS | tensorflow | 7.5 |
| HIGH | CVE-2022-41908 | TensorFlow: DoS via invalid UTF-8 input to PyFunc op | tensorflow | 7.5 |
| HIGH | CVE-2022-41909 | TensorFlow: remote DoS via malformed tensor input | tensorflow | 7.5 |
| HIGH | CVE-2022-41911 | TensorFlow: type confusion DoS via bool cast in tensors | tensorflow | 7.5 |
| CRITICAL | CVE-2022-41902 | TensorFlow Grappler: OOB read/crash via crafted model | tensorflow | 9.1 |
| CRITICAL | CVE-2022-41910 | TensorFlow Grappler: OOB read crashes or leaks memory | tensorflow | 9.1 |
| HIGH | CVE-2023-25658 | TensorFlow: OOB read in GRUBlockCellGrad causes DoS | tensorflow | 7.5 |
| HIGH | CVE-2023-25659 | TensorFlow: OOB read in DynamicStitch enables DoS | tensorflow | 7.5 |
| HIGH | CVE-2023-25660 | TensorFlow: null ptr deref in Print op allows remote DoS | tensorflow | 7.5 |
| HIGH | CVE-2023-25662 | TensorFlow: integer overflow in EditDistance causes DoS | tensorflow | 7.5 |
| HIGH | CVE-2023-25663 | TensorFlow: null ptr deref crashes inference serving | tensorflow | 7.5 |
| CRITICAL | CVE-2023-25664 | TensorFlow: heap overflow in AvgPoolGrad, RCE risk | tensorflow | 9.8 |
| HIGH | CVE-2023-25665 | TensorFlow: null ptr deref DoS via sparse tensors | tensorflow | 7.5 |
| HIGH | CVE-2023-25666 | TensorFlow: FPE in AudioSpectrogram causes DoS | tensorflow | 7.5 |
| HIGH | CVE-2023-25667 | TensorFlow: integer overflow DoS in video frame decoding | tensorflow | 7.5 |