A arbitrary code injection vulnerability in TensorFlowβs Keras framework (<2.13) allows attackers to execute arbitrary code with the same permissions as the application using a model that allow arbitrary code irrespective of the application.
[
{
"vendor": "tensorflow",
"product": "keras",
"versions": [
{
"status": "affected",
"version": "*",
"lessThan": "2.13",
"versionType": "custom"
}
]
}
]