AI Threat Alert

Google

432 AI/ML vulnerabilities tracked for Google.

432

Total CVEs

22

Pages

Page 17 of 22

Current

Severity	CVE	Headline	Package	CVSS
MEDIUM	CVE-2022-29212	TensorFlow Lite: quantization assert crash (DoS)	tensorflow	5.5
MEDIUM	CVE-2022-29213	TensorFlow: input validation DoS in FFT signal ops	tensorflow	5.5
HIGH	CVE-2022-29216	TensorFlow CLI: eval() injection enables reverse shell	tensorflow	7.8
HIGH	CVE-2022-35934	TensorFlow: tf.reshape DoS via integer overflow	tensorflow	7.5
HIGH	CVE-2022-35935	TensorFlow: DoS via SobolSample CHECK-failure	tensorflow	7.5
CRITICAL	CVE-2022-35937	TensorFlow: GatherNd OOB read crashes inference servers	tensorflow	9.1
CRITICAL	CVE-2022-35938	TensorFlow: OOB read in GatherNd causes crash/data leak	tensorflow	9.1
CRITICAL	CVE-2022-35939	TensorFlow: ScatterNd OOB write enables RCE/crash	tensorflow	9.8
HIGH	CVE-2022-35940	TensorFlow: integer overflow in RaggedRangeOp crashes service	tensorflow	7.5
HIGH	CVE-2022-35941	TensorFlow: DoS via negative ksize in AvgPoolOp	tensorflow	7.5
HIGH	CVE-2022-35952	TensorFlow: DoS via UnbatchGradOp assertion crash	tensorflow	7.5
HIGH	CVE-2022-35959	TensorFlow: DoS via AvgPool3DGradOp input overflow	tensorflow	7.5
HIGH	CVE-2022-35960	TensorFlow: DoS via malformed TensorListReserve input	tensorflow	7.5
HIGH	CVE-2022-35963	TensorFlow: DoS via FractionalAvgPoolGrad overflow	tensorflow	7.5
HIGH	CVE-2022-35964	TensorFlow: remote DoS via BlockLSTMGradV2 validation	tensorflow	7.5
HIGH	CVE-2022-35965	TensorFlow: NULL deref DoS via empty tensor input	tensorflow	7.5
HIGH	CVE-2022-35966	TensorFlow: DoS via QuantizedAvgPool input validation	tensorflow	7.5
HIGH	CVE-2022-35967	TensorFlow: DoS via QuantizedAdd tensor rank flaw	tensorflow	7.5
HIGH	CVE-2022-35968	TensorFlow: DoS via AvgPoolGrad shape validation failure	tensorflow	7.5
HIGH	CVE-2022-35969	TensorFlow: DoS via malformed Conv2DBackpropInput	tensorflow	7.5

Page 17 of 22