AI Threat Alert

Google

432 AI/ML vulnerabilities tracked for Google.

432

Total CVEs

22

Pages

Page 8 of 22

Current

Severity	CVE	Headline	Package	CVSS
HIGH	CVE-2021-29610	TensorFlow: heap R/W via quantization axis underflow	tensorflow	7.8
MEDIUM	CVE-2021-29611	TensorFlow: DoS via SparseReshape invalid tensor input	tensorflow	5.5
HIGH	CVE-2021-29612	TensorFlow: heap overflow in linalg op, RCE risk	tensorflow	7.8
HIGH	CVE-2021-29613	TensorFlow: CTCLoss heap OOB read, info leak + crash	tensorflow	7.1
HIGH	CVE-2021-29614	TensorFlow: OOB write in decode_raw crashes interpreter	tensorflow	7.8
MEDIUM	CVE-2021-29615	TensorFlow: uncontrolled recursion DoS in ParseAttrValue	tensorflow	5.5
HIGH	CVE-2021-29616	TensorFlow: null ptr deref in graph optimizer	tensorflow	7.8
MEDIUM	CVE-2021-29617	TensorFlow: DoS via CHECK-fail in strings.substr	tensorflow	5.5
MEDIUM	CVE-2021-29618	TensorFlow: DoS crash via tf.transpose complex+conjugate	tensorflow	5.5
MEDIUM	CVE-2021-29619	TensorFlow: DoS via invalid SparseCount op args	tensorflow	5.5
CRITICAL	CVE-2021-35958	TensorFlow: path traversal in get_file allows file overwrite	tensorflow	9.1
MEDIUM	CVE-2021-37636	TensorFlow: div-by-zero DoS in SparseDenseCwiseDiv op	tensorflow	5.5
MEDIUM	CVE-2021-37640	TensorFlow: SparseReshape div-by-zero crashes ML pipelines	tensorflow	5.5
MEDIUM	CVE-2021-37642	TensorFlow: ResourceScatterDiv div-by-zero enables DoS	tensorflow	5.5
MEDIUM	CVE-2021-37653	TensorFlow: DoS via divide-by-zero in ResourceGather op	tensorflow	5.5
MEDIUM	CVE-2021-37660	TensorFlow: DoS via divide-by-zero in inplace ops	tensorflow	5.5
MEDIUM	CVE-2021-37637	TensorFlow: null ptr dereference in CompressElement (DoS)	tensorflow	5.5
HIGH	CVE-2021-37638	TensorFlow: null ptr deref in RaggedTensorToTensor op	tensorflow	7.8
HIGH	CVE-2021-37639	TensorFlow: heap OOB read via tensor restore API	tensorflow	7.8
HIGH	CVE-2021-37643	TensorFlow: null deref in MatrixDiagPartOp, DoS risk	tensorflow	7.1

Page 8 of 22