17 matches found
EUVD-2026-2735
Keras vulnerable to DoS via Malicious .keras Model HDF5 Shape Bomb Causes Petabyte Allocation in KerasFileEditor...
EUVD-2025-36634
Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery...
EUVD-2025-30281
Malicious code in bioql PyPI...
EUVD-2025-24127
Malicious code in bioql PyPI...
GHSA-36FQ-JGMW-4R9C Keras is vulnerable to Deserialization of Untrusted Data
Arbitrary Code Execution in Keras Keras versions prior to 3.11.0 allow for arbitrary code execution when loading a crafted .keras model archive, even when safemode=True. The issue arises because the archive’s config.json is parsed before layer deserialization. This can invoke...
Linux Distros Unpatched Vulnerability : CVE-2025-8747
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A safe mode bypass vulnerability in the Model.loadmodel method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by...
GHSA-PWQ7-2GVJ-VG9V Duplicate Advisory: Keras safe mode bypass vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-c9rc-mg46-23w3. This link is maintained to preserve external references. Original Description A safe mode bypass vulnerability in the Model.loadmodel method in Keras versions 3.0.0 through 3.10.0 allows an...
Duplicate Advisory: Keras safe mode bypass vulnerability
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-c9rc-mg46-23w3. This link is maintained to preserve external references. Original Description A safe mode bypass vulnerability in the Model.loadmodel method in Keras versions 3.0.0 through 3.10.0 allows an...
CVE-2025-8747
A safe mode bypass vulnerability in the Model.loadmodel method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted .keras model archive...
PYSEC-2025-75
A safe mode bypass vulnerability in the Model.loadmodel method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted .keras model archive...
CVE-2025-8747
A safe mode bypass vulnerability in the Model.loadmodel method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted .keras model archive...
AZL-66171 CVE-2025-8747 affecting package keras for versions less than 3.3.3-3
A safe mode bypass vulnerability in the Model.loadmodel method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted .keras model archive...
UBUNTU-CVE-2025-8747
A safe mode bypass vulnerability in the Model.loadmodel method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted .keras model archive...
CVE-2025-8747 Keras safe_mode bypass allows arbitrary code execution when loading a malicious model.
A safe mode bypass vulnerability in the Model.loadmodel method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted .keras model archive...
CVE-2025-8747
CVE-2025-8747 corresponds to a safe-mode bypass in Keras Model.load_model, allowing arbitrary code execution by loading a crafted .keras archive. Connected IBM bulletins confirm the vulnerability affects Keras 3.0.0–3.10.0 and describe a bypass via manipulated config.json or inner Lambda mechanis...
CVE-2025-8747 Keras safe_mode bypass allows arbitrary code execution when loading a malicious model.
A safe mode bypass vulnerability in the Model.loadmodel method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted .keras model archive...
Keras 代码注入漏洞
Keras is a multi-backend deep learning framework open-sourced by Keras. Keras suffers from a code injection vulnerability that stems from allowing execution of arbitrary code via a manually constructed malicious keras archive, even in safe mode...