26 matches found

Huntr
added 2026/02/21 6:25 a.m., 4 views

Path traversal via startswith() prefix confusion in is_path_in_dir (bypass of CVE-2025-12638 fix)

Description: The is_path_in_dir function in keras/src/utils/file_utils.py (lines 47-48) is a security-critical path validation function introduced as part of the fix for CVE-2025-12638. It is used by both filter_safe_zip_infos and filter_safe_tar_infos to validate that archive entries stay within the intended...

CVSS 8 | AI score 7.2 | EPSS 0.00031
Exploits 0
Circl
added 2025/11/28 5:28 p.m., 3 views

CVE-2025-12638

creation_timestamp | type | source
---|---|---
2025-11-28 17:28:33+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m6pfuqrnmz2b...

CVSS 8 | AI score 5.8 | EPSS 0.00031
Exploits 0 | References 1
UbuntuCve
added 2025/11/28 3:16 p.m., 1 view

CVE-2025-12638

Keras version 3.11.3 is affected by a path traversal vulnerability in the keras.utils.get_file function when extracting tar archives. The vulnerability arises because the function uses Python's tarfile.extractall method without the security-critical filter='data' parameter. Although Keras attempts...

CVSS 8 | AI score 7.2 | EPSS 0.00031
Exploits 0 | References 2
OSV
added 2025/11/28 3:16 p.m., 3 views

DEBIAN-CVE-2025-12638

Keras version 3.11.3 is affected by a path traversal vulnerability in the keras.utils.get_file function when extracting tar archives. The vulnerability arises because the function uses Python's tarfile.extractall method without the security-critical filter='data' parameter. Although Keras attempts...

CVSS 8 | AI score 7.9 | EPSS 0.00031
Exploits 0 | References 1
vulnersOsv
added 2025/11/28 2:40 p.m., 1 view

adpred (=1.3.2), bacpipe (>=1.2.0 <=1.3.2.dev0) +14 more potentially affected by CVE-2025-12638 via keras (>=3.0.0 <=3.11.3)

keras PYPI version =3.0.0, =1.2.0, =0.1.0, =0.0.4, =0.4.7, =1.0.3, =0.0.28, =0.2.0, =2.4.0, =0.1.0, =0.1.1, =1.1.0, =1.10.0 and more Source cves: CVE-2025-12638 Source advisory: SNYK:PYTHON-KERAS-14152002...

CVSS 8 | AI score 7.2 | EPSS 0.00031
Exploits 0
CVE
added 2025/11/28 2:06 p.m., 17 views

CVE-2025-12638

Keras 3.11.3 is affected by a path traversal in keras.utils.get_file() via tar archive extraction. The root cause is tarfile.extractall() used without filter="data"; though filter_safe_paths() is applied, a PATH_MAX symlink resolution bug during extraction can cause symlinks to be treated as lite...

CVSS 8 | AI score 8.2 | EPSS 0.00031
Exploits 0 | References 1
RedhatCVE
added 2025/05/23 7:10 a.m., 5 views

CVE-2024-12638

The Bulk Me Now! WordPress plugin through 2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVSS 7.1 | AI score 6.1 | EPSS 0.02218
Exploits 1 | References 1
RedhatCVE
added 2025/05/22 4:14 p.m., 4 views

CVE-2020-12638

An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266_NONOS_SDK devices through 3.0.3, and ESP8266_RTOS_SDK devices through 3.3. Broadcasting forged beacon frames forces a device to change its authentication mode to OPEN, effectively disabling its 802.11 encrypti...

CVSS 6.8 | AI score 7.2 | EPSS 0.00031
Exploits 1
NVD
added 2025/01/30 6:15 a.m., 9 views

CVE-2024-12638

The Bulk Me Now! WordPress plugin through 2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVSS 7.1 | EPSS 0.02218
Exploits 1 | References 1
Circl
added 2025/01/30 6:09 a.m., 4 views

CVE-2024-12638

creation_timestamp | type | source
---|---|---
2025-01-30 06:09:17+00:00 | seen | https://infosec.exchange/users/cve/statuses/113915812708813731
2025-01-30 06:15:55+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lgwthxe6le2p
2025-01-30 07:11:24+00:00 | seen | ...

CVSS 7.1 | AI score 7.3 | EPSS 0.02218
Exploits 1 | References 7
Cvelist
added 2025/01/30 6:00 a.m., 12 views

CVE-2024-12638 Bulk Me Now <= 2.0 - Reflected XSS

The Bulk Me Now! WordPress plugin through 2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

EPSS 0.02218
Exploits 1 | References 1
Vulnrichment
added 2025/01/30 6:00 a.m., 7 views

CVE-2024-12638 Bulk Me Now <= 2.0 - Reflected XSS

The Bulk Me Now! WordPress plugin through 2.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

AI score 6.5 | EPSS 0.02218
Exploits 1 | References 1
Circl
added 2024/01/15 4:11 p.m., 0 views

CVE-2019-12638

creation_timestamp | type | source
---|---|---
2024-01-15 16:11:22+00:00 | seen | https://t.me/ctinow/168429...

CVSS 5.4 | AI score 6 | EPSS 0.00287
Exploits 0 | References 1
Circl
added 2020/07/23 8:55 p.m., 2 views

CVE-2020-12638

creation_timestamp | type | source
---|---|---
2020-07-23 20:55:19+00:00 | seen | https://t.me/cibsecurity/13626...

CVSS 6.8 | AI score 6.5 | EPSS 0.00031
Exploits 1 | References 1
CVE
added 2020/07/23 3:41 p.m., 45 views

CVE-2020-12638

The CVE affects Espressif IoT SDKs: ESP-IDF up to 4.2, ESP8266_NONOS_SDK up to 3.0.3, and ESP8266_RTOS_SDK up to 3.3. A forged-beacon-frame exploit forces a device to switch its authentication mode to OPEN, effectively disabling 802.11 encryption. The underlying issue is an encryption bypass trig...

CVSS 6.8 | AI score 6.7 | EPSS 0.00031
Exploits 1 | References 4 | Affected Software 3
Tenable Nessus
added 2020/01/09 12:00 a.m., 26 views

Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability (cisco-sa-20191016-ise-store-xss)

A cross-site scripting (XSS) vulnerability exists in the web-based management interface of Cisco Identity Services Engine (ISE) due to improper validation of user-supplied input before returning it to users. An authenticated, remote attacker can exploit this, persuading a user of the interface to cli...

CVSS 5.4 | AI score 5.8 | EPSS 0.00287
Exploits 0 | References 3
CVE
added 2019/10/16 6:36 p.m., 65 views

CVE-2019-12638

CVE-2019-12638 affects Cisco Identity Services Engine (ISE): a stored XSS in the web-based management interface due to insufficient input validation. The issue allows an authenticated, remote attacker to coerce a user into clicking a crafted link, resulting in execution of arbitrary script code in t...

CVSS 5.4 | AI score 5.2 | EPSS 0.00287
Exploits 0 | References 1 | Affected Software 1
Cvelist
added 2019/10/16 6:36 p.m., 12 views

CVE-2019-12638 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web-based management interface. The vulnerability is due to insufficient validation of...

CVSS 5.4 | AI score 5.2 | EPSS 0.00287
Exploits 0 | References 1
Circl
added 2019/03/21 7:26 p.m., 2 views

CVE-2018-12638

creation_timestamp | type | source
---|---|---
2019-03-21 19:26:45+00:00 | seen | https://t.me/cibsecurity/3266...

CVSS 6.1 | AI score 6 | EPSS 0.00234
Exploits 2 | References 1
Cvelist
added 2019/03/17 6:27 p.m., 11 views

CVE-2018-12638

An issue was discovered in the Bose Soundtouch app 18.1.4 for iOS. There is no frontend input validation of the device name. A malicious device name can execute JavaScript on the registered Bose User Account if a speaker has been connected to the app...

AI score 6.4 | EPSS 0.00234
Exploits 2 | References 2