Linux Distros Unpatched Vulnerability : CVE-2025-0649

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash...

DEBIAN-CVE-2025-0649

Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash...

CVE-2025-0649 Stack Exhaustion In Tensorflow Serving

Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash...

CVE-2025-0649

CVE-2025-0649 affects Google’s TensorFlow Serving up to version 2.18.0, where an incorrect JSON input stringification can lead to potentially unbounded recursion and a server crash. Root cause: improper handling of JSON inputs in the serving component. Impact: high availability risk (server crash...

CVE-2025-0649

Removed by vendor...

CVE-2025-0649 Stack Exhaustion In Tensorflow Serving

Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash...

PT-2025-19869 · Unknown · Tensorflow

Name of the Vulnerable Software and Affected Versions: Tensorflow serving versions up to 2.18.0 Description: The issue is related to incorrect JSON input stringification in Tensorflow serving, which allows for potentially unbounded recursion. This can lead to a server crash. Recommendations: For...

TensorFlow Serving 安全漏洞

TensorFlow Serving is a flexible, high-performance machine learning model serving system open-sourced by TensorFlow. A security vulnerability exists in TensorFlow Serving version 2.18.0 and earlier, which stems from improper stringing of JSON inputs and could lead to infinite recursion and server...

BIT-TENSORFLOW-2020-15206 Denial of Service in Tensorflow

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's SavedModel protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. This can cause a denial of service in products using tensorflow-servin...

CVE-2023-46136 vulnerabilities

Vulnerabilities for packages: kubeflow-volumes-web-app, airflow-core, py3-tensorflow-serving-api, kubeflow-jupyter-web-app, py3-werkzeug, kubeflow-pipelines-visualization-server...

GHSA-HRFV-MQP8-Q5RW vulnerabilities

Vulnerabilities for packages: kubeflow-volumes-web-app, airflow-core, py3-tensorflow-serving-api, kubeflow-jupyter-web-app, py3-werkzeug, kubeflow-pipelines-visualization-server...

GHSA-G4MX-Q9VG-27P4 vulnerabilities

Vulnerabilities for packages: py3-pipenv, py3-cassandra-medusa, py3-tensorflow-serving-api, az, kubeflow-jupyter-web-app, kubeflow-volumes-web-app, jwt-tool, kubeflow-katib...

GHSA-G4MX-Q9VG-27P4 vulnerabilities

Vulnerabilities for packages: py3-pipenv, kubeflow-volumes-web-app, kubeflow-katib, k8s-sidecar, py3-tensorflow-serving-api, py3.11-torchvision-cuda-11.8, py3.11-torchaudio-cuda-12.3, py3-cassandra-medusa, request-1276, py3.11-torchvision-cuda-12.3, kubeflow-jupyter-web-app, jwt-tool, az,...

CVE-2023-45803 vulnerabilities

Vulnerabilities for packages: py3-pipenv, kubeflow-volumes-web-app, kubeflow-katib, k8s-sidecar, py3-tensorflow-serving-api, py3.11-torchvision-cuda-11.8, py3.11-torchaudio-cuda-12.3, py3-cassandra-medusa, request-1276, py3.11-torchvision-cuda-12.3, kubeflow-jupyter-web-app, jwt-tool, az,...

CVE-2023-45803 vulnerabilities

Vulnerabilities for packages: py3-pipenv, py3-cassandra-medusa, py3-tensorflow-serving-api, az, kubeflow-jupyter-web-app, kubeflow-volumes-web-app, jwt-tool, kubeflow-katib...

d3m-simon (=1.2.5), deep-floorplan (=0.0.0) +2 more potentially affected by CVE-2021-29587 via tensorflow-gpu (>=2.2.0 <=2.3.0)

tensorflow-gpu PYPI version =2.2.0, =1.3.0, =2.2.0, =2.2.0rc2 Source cves: CVE-2021-29587 Source advisory: OSV:PYSEC-2021-713...

d3m-simon (=1.2.5), deep-floorplan (=0.0.0) +2 more potentially affected by CVE-2021-29563 via tensorflow-gpu (>=2.2.0 <=2.3.0)

tensorflow-gpu PYPI version =2.2.0, =1.3.0, =2.2.0, =2.2.0rc2 Source cves: CVE-2021-29563 Source advisory: OSV:PYSEC-2021-689...

d3m-simon (=1.2.5), deep-floorplan (=0.0.0) +2 more potentially affected by CVE-2021-29550 via tensorflow-gpu (>=2.2.0 <=2.3.0)

tensorflow-gpu PYPI version =2.2.0, =1.3.0, =2.2.0, =2.2.0rc2 Source cves: CVE-2021-29550 Source advisory: OSV:PYSEC-2021-676...

d3m-simon (=1.2.5), deep-floorplan (=0.0.0) +2 more potentially affected by CVE-2021-29549 via tensorflow-gpu (>=2.2.0 <=2.3.0)

tensorflow-gpu PYPI version =2.2.0, =1.3.0, =2.2.0, =2.2.0rc2 Source cves: CVE-2021-29549 Source advisory: OSV:PYSEC-2021-675...

d3m-simon (=1.2.5), deep-floorplan (=0.0.0) +2 more potentially affected by CVE-2021-29546 via tensorflow-gpu (>=2.2.0 <=2.3.0)

tensorflow-gpu PYPI version =2.2.0, =1.3.0, =2.2.0, =2.2.0rc2 Source cves: CVE-2021-29546 Source advisory: OSV:PYSEC-2021-672...