2 matches found
CVE-2026-12480
Keras versions up to and including 3.13.2 are vulnerable to an arbitrary HDF5 file read due to an incomplete fix for CVE-2026-1669. The vulnerability resides in the H5IOStore.verifydataset and fileeditor.py methods, which fail to check the dataset.isvirtual property of HDF5 datasets. This allows ...
AZL-58368 CVE-2025-2153 affecting package hdf5 for versions less than 1.14.6-1
A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SMdelete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is...