AI Threat Alert
AI Component
Inference
Inference-layer vulnerabilities target the serving infrastructure that runs ML models in production — including vLLM, TensorRT, Triton, and custom serving endpoints.
535
Total CVEs
27
Pages
Page 11 of 27
Current
| Severity | CVE | Headline | Package | CVSS |
|---|---|---|---|---|
| HIGH | CVE-2022-23573 | TensorFlow: uninitialized memory in AssignOp | tensorflow | 8.8 |
| HIGH | CVE-2022-23574 | TensorFlow: heap OOB read/write enables network RCE | tensorflow | 8.8 |
| MEDIUM | CVE-2022-23575 | TensorFlow: integer overflow in cost estimator → DoS | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23576 | TensorFlow: integer overflow in cost estimator causes DoS | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23577 | TensorFlow: null pointer deref crashes model loader | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23578 | TensorFlow: memory leak via invalid graph node | tensorflow | 4.3 |
| MEDIUM | CVE-2022-23580 | TensorFlow: uncontrolled allocation DoS in shape inference | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23581 | TensorFlow: DoS via Grappler optimizer CHECK failure | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23582 | TensorFlow: SavedModel CHECK-fail causes DoS | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23583 | TensorFlow: SavedModel type confusion triggers DoS crash | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23584 | TensorFlow: use-after-free in PNG decode causes DoS | tensorflow | 6.5 |
| MEDIUM | CVE-2022-23585 | TensorFlow: memory leak in PNG decode causes DoS | tensorflow | 6.5 |
| CRITICAL | CVE-2022-23587 | TensorFlow: integer overflow in Grappler enables RCE | tensorflow | 9.8 |
| MEDIUM | CVE-2022-23588 | TensorFlow: DoS via crafted SavedModel crashes Grappler | tensorflow | 6.5 |
| HIGH | CVE-2022-23590 | TensorFlow: DoS via malicious SavedModel GraphDef | tensorflow | 7.5 |
| HIGH | CVE-2022-23592 | TensorFlow: heap OOB read in type inference engine | tensorflow | 8.1 |
| HIGH | CVE-2022-23593 | TensorFlow MLIR-TFRT: DoS via scalar shape segfault | tensorflow | 7.5 |
| MEDIUM | CVE-2022-23595 | TensorFlow XLA: null pointer dereference causes DoS | tensorflow | 6.5 |
| MEDIUM | CVE-2022-29194 | TensorFlow: DoS via malformed DeleteSessionTensor input | tensorflow | 5.5 |
| MEDIUM | CVE-2022-29195 | TensorFlow: StagePeek DoS via unvalidated index scalar | tensorflow | 5.5 |