AI Threat Alert

Google

432 AI/ML vulnerabilities tracked for Google.

432

Total CVEs

22

Pages

Page 10 of 22

Current

Severity	CVE	Headline	Package	CVSS
HIGH	CVE-2021-37666	TensorFlow: null-ptr deref in RaggedTensorToVariant op	tensorflow	7.8
HIGH	CVE-2021-37667	TensorFlow: UnicodeEncode null deref, local code exec	tensorflow	7.8
HIGH	CVE-2021-37671	TensorFlow: null-ptr deref in Map ops, local C/I/A:High	tensorflow	7.8
MEDIUM	CVE-2021-37675	TensorFlow: DoS via division by zero in conv ops	tensorflow	5.5
HIGH	CVE-2021-37676	TensorFlow: null ptr deref in SparseFillEmptyRows op	tensorflow	7.8
MEDIUM	CVE-2021-37680	TFLite: division by zero crashes fully connected layers	tensorflow	5.5
HIGH	CVE-2021-37681	TensorFlow Lite: null ptr deref crashes SVDF inference	tensorflow	7.8
MEDIUM	CVE-2021-37686	TFLite: infinite loop DoS via crafted strided slice model	tensorflow	5.5
MEDIUM	CVE-2021-37688	TensorFlow Lite: DoS via crafted TFLite model file	tensorflow	5.5
MEDIUM	CVE-2021-37689	TensorFlow Lite: MLIR null ptr deref crashes inference	tensorflow	5.5
HIGH	CVE-2021-37663	TensorFlow: QuantizeV2 heap OOB/null-deref in quantization	tensorflow	7.8
HIGH	CVE-2021-37665	TensorFlow MKL: null-ptr/heap-OOB in requantization ops	tensorflow	7.8
MEDIUM	CVE-2021-37668	TensorFlow: DoS via div-by-zero in UnravelIndex op	tensorflow	5.5
MEDIUM	CVE-2021-37669	TensorFlow: integer conversion DoS in NonMaxSuppression ops	tensorflow	5.5
MEDIUM	CVE-2021-37670	TensorFlow: heap OOB read in sorting ops	tensorflow	5.5
MEDIUM	CVE-2021-37672	TensorFlow: heap OOB read in SdcaOptimizerV2	tensorflow	5.5
MEDIUM	CVE-2021-37673	TensorFlow: MapStage CHECK-fail causes process DoS	tensorflow	5.5
MEDIUM	CVE-2021-37674	TensorFlow: DoS via MaxPoolGrad invalid tensor input	tensorflow	5.5
MEDIUM	CVE-2021-37677	TensorFlow: DoS via invalid Dequantize axis argument	tensorflow	5.5
HIGH	CVE-2021-37678	TensorFlow/Keras: RCE via YAML model deserialization	tensorflow	8.8

Page 10 of 22