Hugging Face's logo

Rodion111
/
tf-jpeg-dos-poc

security
vulnerability
dos
tensorflow
cwe-770
Model card Files
xet
 Community

TensorFlow JPEG Decoder DoS β€” Proof of Concept

CVE: Pending
Severity: High (CVSS 7.5) β€” CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-770: Allocation of Resources Without Limits or Throttling
Affected: tensorflow β€” DecodeJpegV2 in decode_image_op.cc

Summary

A ~200-byte crafted JPEG file triggers a ~10.8 GB unbounded memory allocation in TensorFlow's DecodeJpegV2 kernel. All other decoders in the same file (BMP, PNG, WebP) have hard limits β€” JPEG does not.

Files

  • poc_exploit.py β€” generates malicious JPEG and triggers OOM
  • vulnerability_report.md β€” full technical report

Quick Reproduction 

pip install tensorflow
python3 poc_exploit.py

Researcher

Rodion Khoroshev (Rodion111)
Reported: 2026-04-09

Downloads last month

-

Downloads are not tracked for this model. How to track
Inference Providers NEW
This model isn't deployed by any Inference Provider. πŸ™‹ Ask for provider support