AI Threat Alert
AI Component
Framework
AI/ML frameworks (LangChain, PyTorch, TensorFlow, etc.) are the foundational libraries for building AI applications. Vulnerabilities here have wide blast radius due to high adoption.
1201
Total CVEs
61
Pages
Page 5 of 61
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2021-29525 | TensorFlow: div-by-zero DoS in Conv2DBackpropInput | tensorflow | 7.8 |
| MEDIUM | CVE-2021-29526 | TensorFlow: Conv2D divide-by-zero crashes ML workloads | tensorflow | 5.5 |
| MEDIUM | CVE-2021-29527 | TensorFlow: divide-by-zero DoS in QuantizedConv2D | tensorflow | 5.5 |
| MEDIUM | CVE-2021-29528 | TensorFlow: DoS via division-by-zero in QuantizedMul | tensorflow | 5.5 |
| HIGH | CVE-2021-29529 | TensorFlow: heap buffer overflow in quantized image resize | tensorflow | 7.8 |
| HIGH | CVE-2021-29530 | TensorFlow: null ptr deref in sparse Cholesky ops | tensorflow | 7.8 |
| MEDIUM | CVE-2021-29531 | TensorFlow: DoS crash via empty tensor in PNG encoding | tensorflow | 5.5 |
| HIGH | CVE-2021-29532 | TensorFlow: heap OOB read via RaggedCross op | tensorflow | 7.1 |
| MEDIUM | CVE-2021-29533 | TensorFlow: DoS via empty image in DrawBoundingBoxes | tensorflow | 5.5 |
| MEDIUM | CVE-2021-29534 | TensorFlow: DoS via CHECK-fail in SparseConcat op | tensorflow | 5.5 |
| HIGH | CVE-2021-29535 | TensorFlow: heap overflow in QuantizedMul op | tensorflow | 7.8 |
| HIGH | CVE-2021-29536 | TensorFlow: heap overflow in QuantizedReshape op | tensorflow | 7.8 |
| HIGH | CVE-2021-29537 | TensorFlow: heap overflow in QuantizedResizeBilinear op | tensorflow | 7.8 |
| MEDIUM | CVE-2021-29538 | TensorFlow: div-by-zero DoS in Conv2DBackpropFilter | tensorflow | 5.5 |
| MEDIUM | CVE-2021-29539 | TensorFlow: type confusion in ImmutableConst causes DoS | tensorflow | 5.5 |
| HIGH | CVE-2021-29540 | TensorFlow: heap buffer overflow in Conv2D gradient op | tensorflow | 7.8 |
| MEDIUM | CVE-2021-29541 | TensorFlow: null ptr deref DoS in StringNGrams op | tensorflow | 5.5 |
| MEDIUM | CVE-2021-29542 | TensorFlow: StringNGrams heap overflow crashes ML process | tensorflow | 5.5 |
| MEDIUM | CVE-2021-29543 | TensorFlow: DoS via assertion fail in CTCGreedyDecoder | tensorflow | 5.5 |
| MEDIUM | CVE-2021-29544 | TensorFlow: DoS via missing tensor rank validation | tensorflow | 5.5 |