AI Threat Alert

Google

432 AI/ML vulnerabilities tracked for Google.

432

Total CVEs

22

Pages

Page 21 of 22

Current

Severity	CVE	Headline	Package	CVSS
HIGH	CVE-2022-41901	TensorFlow: DoS via SparseMatrixNNZ CHECK assertion fail	tensorflow	7.5
HIGH	CVE-2022-41907	TensorFlow: integer overflow in ResizeNearestNeighborGrad → DoS	tensorflow	7.5
HIGH	CVE-2022-41908	TensorFlow: DoS via invalid UTF-8 input to PyFunc op	tensorflow	7.5
HIGH	CVE-2022-41909	TensorFlow: remote DoS via malformed tensor input	tensorflow	7.5
HIGH	CVE-2022-41911	TensorFlow: type confusion DoS via bool cast in tensors	tensorflow	7.5
CRITICAL	CVE-2022-41902	TensorFlow Grappler: OOB read/crash via crafted model	tensorflow	9.1
CRITICAL	CVE-2022-41910	TensorFlow Grappler: OOB read crashes or leaks memory	tensorflow	9.1
HIGH	CVE-2023-25658	TensorFlow: OOB read in GRUBlockCellGrad causes DoS	tensorflow	7.5
HIGH	CVE-2023-25659	TensorFlow: OOB read in DynamicStitch enables DoS	tensorflow	7.5
HIGH	CVE-2023-25660	TensorFlow: null ptr deref in Print op allows remote DoS	tensorflow	7.5
HIGH	CVE-2023-25662	TensorFlow: integer overflow in EditDistance causes DoS	tensorflow	7.5
HIGH	CVE-2023-25663	TensorFlow: null ptr deref crashes inference serving	tensorflow	7.5
CRITICAL	CVE-2023-25664	TensorFlow: heap overflow in AvgPoolGrad, RCE risk	tensorflow	9.8
HIGH	CVE-2023-25665	TensorFlow: null ptr deref DoS via sparse tensors	tensorflow	7.5
HIGH	CVE-2023-25666	TensorFlow: FPE in AudioSpectrogram causes DoS	tensorflow	7.5
HIGH	CVE-2023-25667	TensorFlow: integer overflow DoS in video frame decoding	tensorflow	7.5
CRITICAL	CVE-2023-25668	TensorFlow: unauthenticated RCE via heap buffer overflow	tensorflow	9.8
HIGH	CVE-2023-25669	TensorFlow: DoS via AvgPoolGrad invalid stride params	tensorflow	7.5
HIGH	CVE-2023-25670	TensorFlow: null ptr DoS in quantized MKL MatMul	tensorflow	7.5
HIGH	CVE-2023-25671	TensorFlow: OOB write DoS via integer type mismatch	tensorflow	7.5

Page 21 of 22