GHSA-48G7-3X6R-XFHP Arbitrary Code Execution via Crafted Keras Config for Model Loading
Impact The Keras Model.loadmodel function permits arbitrary code execution, even with safemode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their...