Linux Distros Unpatched Vulnerability : CVE-2025-0649

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash...

DEBIAN-CVE-2025-0649

Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash...

CVE-2025-0649

CVE-2025-0649 affects Google’s TensorFlow Serving up to version 2.18.0, where an incorrect JSON input stringification can lead to potentially unbounded recursion and a server crash. Root cause: improper handling of JSON inputs in the serving component. Impact: high availability risk (server crash...

CVE-2025-0649 Stack Exhaustion In Tensorflow Serving

Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash...

CVE-2025-0649

Removed by vendor...

CVE-2025-0649 Stack Exhaustion In Tensorflow Serving

Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash...

PT-2025-19869 · Unknown · Tensorflow

Name of the Vulnerable Software and Affected Versions: Tensorflow serving versions up to 2.18.0 Description: The issue is related to incorrect JSON input stringification in Tensorflow serving, which allows for potentially unbounded recursion. This can lead to a server crash. Recommendations: For...

TensorFlow Serving 安全漏洞

TensorFlow Serving is a flexible, high-performance machine learning model serving system open-sourced by TensorFlow. A security vulnerability exists in TensorFlow Serving version 2.18.0 and earlier, which stems from improper stringing of JSON inputs and could lead to infinite recursion and server...

BIT-TENSORFLOW-2020-15206 Denial of Service in Tensorflow

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...

CVE-2023-46136 vulnerabilities

Vulnerabilities for packages: airflow-core, py3-tensorflow-serving-api, kubeflow-volumes-web-app, kubeflow-pipelines-visualization-server, kubeflow-jupyter-web-app, py3-werkzeug...

GHSA-HRFV-MQP8-Q5RW vulnerabilities

Vulnerabilities for packages: airflow-core, py3-tensorflow-serving-api, kubeflow-volumes-web-app, kubeflow-pipelines-visualization-server, kubeflow-jupyter-web-app, py3-werkzeug...

GHSA-G4MX-Q9VG-27P4 vulnerabilities

Vulnerabilities for packages: jwt-tool, az, kubeflow-jupyter-web-app, kubeflow-katib, py3-cassandra-medusa, py3-tensorflow-serving-api, py3-pipenv, kubeflow-volumes-web-app...

GHSA-G4MX-Q9VG-27P4 vulnerabilities

Vulnerabilities for packages: py3.13-scanner-test-libraries, k8s-sidecar, py3-tensorflow-serving-api, kubeflow-katib, py3.11-torchaudio-cuda-12.3, py3.11-pytorch-cuda-12.3, py3.11-torchvision-cuda-12.3, py3-pipenv, kubeflow-volumes-web-app, jwt-tool, nvidia-nsight-compute-13.1,...

CVE-2023-45803 vulnerabilities

Vulnerabilities for packages: jwt-tool, az, kubeflow-jupyter-web-app, kubeflow-katib, py3-cassandra-medusa, py3-tensorflow-serving-api, py3-pipenv, kubeflow-volumes-web-app...

CVE-2023-45803 vulnerabilities

Vulnerabilities for packages: py3.13-scanner-test-libraries, k8s-sidecar, py3-tensorflow-serving-api, kubeflow-katib, py3.11-torchaudio-cuda-12.3, py3.11-pytorch-cuda-12.3, py3.11-torchvision-cuda-12.3, py3-pipenv, kubeflow-volumes-web-app, jwt-tool, nvidia-nsight-compute-13.1,...

d3m-simon (=1.2.5), deep-floorplan (=0.0.0) +2 more potentially affected by CVE-2021-29514 via tensorflow-gpu (>=2.2.0 <=2.3.0)

tensorflow-gpu PYPI version =2.2.0, =1.3.0, =2.2.0, =2.2.0rc2 Source cves: CVE-2021-29514 Source advisory: OSV:PYSEC-2021-640...

d3m-simon (=1.2.5), deep-floorplan (=0.0.0) +2 more potentially affected by CVE-2021-29533 via tensorflow-gpu (>=2.2.0 <=2.3.0)

tensorflow-gpu PYPI version =2.2.0, =1.3.0, =2.2.0, =2.2.0rc2 Source cves: CVE-2021-29533 Source advisory: OSV:PYSEC-2021-659...

d3m-simon (=1.2.5), deep-floorplan (=0.0.0) +2 more potentially affected by CVE-2021-29534 via tensorflow-gpu (>=2.2.0 <=2.3.0)

tensorflow-gpu PYPI version =2.2.0, =1.3.0, =2.2.0, =2.2.0rc2 Source cves: CVE-2021-29534 Source advisory: OSV:PYSEC-2021-660...

d3m-simon (=1.2.5), deep-floorplan (=0.0.0) +2 more potentially affected by CVE-2021-29535 via tensorflow-gpu (>=2.2.0 <=2.3.0)

tensorflow-gpu PYPI version =2.2.0, =1.3.0, =2.2.0, =2.2.0rc2 Source cves: CVE-2021-29535 Source advisory: OSV:PYSEC-2021-661...

d3m-simon (=1.2.5), deep-floorplan (=0.0.0) +2 more potentially affected by CVE-2021-29536 via tensorflow-gpu (>=2.2.0 <=2.3.0)

tensorflow-gpu PYPI version =2.2.0, =1.3.0, =2.2.0, =2.2.0rc2 Source cves: CVE-2021-29536 Source advisory: OSV:PYSEC-2021-662...