CVE-2025-0649
EUVD-2025-1364206.05.2025, 21:16
Incorrect JSON input stringification in Google's Tensorflow serving versions up to 2.18.0 allows for potentially unbounded recursion leading to server crash.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| tensorflow_serving | 𝑥 ≤ 2.18.0 |
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
| Vendor | Product | Version | Source |
|---|---|---|---|
| tensorflow | 𝑥 ≤ 2.18.0 | CNA |
Common Weakness Enumeration
- CWE-121 - Stack-based Buffer OverflowA stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
- CWE-787 - Out-of-bounds WriteThe software writes data past the end, or before the beginning, of the intended buffer.