Lucene search
K

6 matches found

OSV
OSV
added 2025/11/14 12:39 p.m.5 views

OESA-2025-2690 python-Keras security update

Keras is a high-level neural networks API for Python. Security Fixes: The Keras.Model.loadmodel method, including when executed with the intended security mitigation safemode=True, is vulnerable to arbitrary local file loading and Server-Side Request Forgery SSRF. This vulnerability stems from th...

5.9CVSS6.5AI score0.00239EPSS
Exploits0References2
OSV
OSV
added 2025/11/14 12:39 p.m.5 views

OESA-2025-2691 python-Keras security update

Keras is a high-level neural networks API for Python. Security Fixes: The Keras.Model.loadmodel method, including when executed with the intended security mitigation safemode=True, is vulnerable to arbitrary local file loading and Server-Side Request Forgery SSRF. This vulnerability stems from th...

5.9CVSS7.3AI score0.00239EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/29 6:25 p.m.1 views

CVE-2025-12058

The Keras.Model.loadmodel method, including when executed with the intended security mitigation safemode=True, is vulnerable to arbitrary local file loading and Server-Side Request Forgery SSRF. This vulnerability stems from the way the StringLookup layer is handled during model loading from a...

5.9CVSS6.1AI score0.00239EPSS
Exploits0References5
vulnersOsv
vulnersOsv
added 2025/10/29 9:44 a.m.5 views

adpred (=1.3.2), bacpipe (>=1.2.0 <=1.3.2.dev0) +14 more potentially affected by CVE-2025-12058 via keras (>=3.0.0 <=3.11.3)

keras PYPI version =3.0.0, =1.2.0, =0.1.0, =0.0.4, =0.4.7, =1.0.3, =0.0.28, =0.2.0, =2.4.0, =0.1.0, =0.1.1, =1.1.0, =1.10.0 and more Source cves: CVE-2025-12058 Source advisory: SNYK:PYTHON-KERAS-13743411...

5.9CVSS7.3AI score0.00239EPSS
Exploits0
OSV
OSV
added 2025/10/29 9:15 a.m.1 views

DEBIAN-CVE-2025-12058

The Keras.Model.loadmodel method, including when executed with the intended security mitigation safemode=True, is vulnerable to arbitrary local file loading and Server-Side Request Forgery SSRF. This vulnerability stems from the way the StringLookup layer is handled during model loading from a...

5.9CVSS7.8AI score0.00239EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/29 8:48 a.m.312 views

CVE-2025-12058 Vulnerability in Keras Model.load_model Leading to Arbitrary Local File Loading and SSRF

The Keras.Model.loadmodel method, including when executed with the intended security mitigation safemode=True, is vulnerable to arbitrary local file loading and Server-Side Request Forgery SSRF. This vulnerability stems from the way the StringLookup layer is handled during model loading from a...

5.9CVSS0.00239EPSS
Exploits0References2
Rows per page
Query Builder