PT-2025-19869 · Unknown · Tensorflow
Ori Hollander
·
Published
2025-05-06
·
Updated
2025-05-07
·
CVE-2025-0649
CVSS v4.0
8.9
High
| Vector | AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H |
Name of the Vulnerable Software and Affected Versions
Tensorflow serving versions up to 2.18.0
Description
The issue is related to incorrect JSON input stringification in Tensorflow serving, which allows for potentially unbounded recursion. This can lead to a server crash.
Recommendations
For versions up to 2.18.0, update to a version later than 2.18.0 to resolve the issue.
Fix
Memory Corruption
Stack Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Tensorflow