12 matches found

RedhatCVE
added 2026/05/06 4:26 a.m. · 5 views

CVE-2026-42027

A flaw was found in Apache OpenNLP. An attacker, by providing a specially crafted model archive, can exploit a vulnerability in the ExtensionLoader component. This allows the attacker to force the system to load and initialize any class present on the classpath, executing its static initializer...

9.8 CVSS · 6.1 AI score · 0.00641 EPSS
Exploits: 0 · References: 5
Snyk
added 2026/05/04 6:26 p.m. · 4 views

Unsafe Reflection

Overview: org.apache.opennlp:opennlp-tools is a machine learning based toolkit for the processing of natural language text. Affected versions of this package are vulnerable to Unsafe Reflection that leads to arbitrary class instantiation, via the instantiateExtension method in the...

9.8 CVSS · 6.1 AI score · 0.00641 EPSS
Exploits: 0 · References: 2
IBM Security Bulletins
added 2025/12/05 8:46 a.m. · 6 views

Security Bulletin: Multiple Vulnerabilities affect IBM Watson Studio in Cloud Pak for Data.

Summary: Multiple vulnerabilities have been addressed in IBM Watson Studio in Cloud Pak for Data version 5.2.2. Vulnerability Details: CVEID: CVE-2024-3568. DESCRIPTION: The huggingface/transformers library is vulnerable to arbitrary code execution through deserialization of untrusted data within the...

9.8 CVSS · 9.1 AI score · 0.24427 EPSS
Exploits: 5 · Affected Software: 1
OSV
added 2025/09/19 9:15 a.m. · 1 views

AZL-67508 CVE-2025-9906 affecting package keras for versions less than 3.3.3-4

The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True. One can create a specially crafted .keras model archive that, when loaded via Model.load_model, will trigger arbitrary code to be executed. This is achieved by crafting a special...

8.6 CVSS · 5.9 AI score · 0.00058 EPSS
Exploits: 0 · References: 1
Snyk
added 2025/09/19 8:43 a.m. · 2 views

Improper Control of Dynamically-Managed Code Resources

Overview: keras is a high-level neural networks API for Python. Affected versions of this package are vulnerable to Improper Control of Dynamically-Managed Code Resources via the Model.load_model method. An attacker can execute arbitrary code by providing a specially crafted .h5 or .hdf...

7.5 CVSS · 7.6 AI score · 0.00006 EPSS
Exploits: 1 · References: 2
CNNVD
added 2025/09/19 12:0 a.m. · 2 views

Keras Security Vulnerability

Keras is a multi-backend deep learning framework open-sourced by Keras. A security vulnerability exists in Keras that stems from a specially crafted .keras model archive that could trigger arbitrary code execution...

8.6 CVSS · 7.3 AI score · 0.00058 EPSS
Exploits: 0 · References: 1
Github Security Blog
added 2025/03/10 6:26 p.m. · 16 views

Zip Flag Bit Exploit Crashes Picklescan But Not PyTorch

Summary: PickleScan fails to detect malicious pickle files inside PyTorch model archives when certain ZIP file flag bits are modified. By flipping specific bits in the ZIP file headers, an attacker can embed malicious pickle files that remain undetected by PickleScan while still being successfully...

9.8 CVSS · 8 AI score · 0.00871 EPSS
Exploits: 1 · References: 6 · Affected Software: 1
Positive Technologies
added 2025/01/01 12:0 a.m. · 1 views

PT-2025-32526 · Keras +1

Name of the Vulnerable Software and Affected Versions: Keras versions 3.0.0 through 3.10.0. Description: A safe mode bypass vulnerability exists in the Model.load_model method. This allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted .keras model...

8.6 CVSS · 7.6 AI score · 0.00011 EPSS
Exploits: 0 · References: 25
OSV
added 2021/10/22 7:15 p.m. · 1 views

CVE-2021-42556

Rasa X before 0.42.4 allows Directory Traversal during archive extraction. In the functionality that allows a user to load a trained model archive, an attacker has arbitrary write capability within specific directories via a crafted archive file...

5.5 CVSS · 5.9 AI score
Exploits: 0 · References: 2
NVD
added 2021/10/22 7:15 p.m. · 9 views

CVE-2021-42556

Rasa X before 0.42.4 allows Directory Traversal during archive extraction. In the functionality that allows a user to load a trained model archive, an attacker has arbitrary write capability within specific directories via a crafted archive file...

5.5 CVSS · 0.01238 EPSS
Exploits: 0 · References: 2
OSV
added 2021/10/22 4:19 p.m. · 11 views

GHSA-4365-FHM5-QCRX Maliciously Crafted Model Archive Can Lead To Arbitrary File Write

Impact: An Archive Extraction Zip Slip vulnerability in the functionality that allows a user to load a trained model archive in Rasa 2.8.9 and older allows an attacker arbitrary write capability within specific directories using a maliciously crafted archive file. Patches: The vulnerability is fixed ...

7.3 CVSS · 6.9 AI score · 0.00396 EPSS
Exploits: 0 · References: 4
Cvelist
added 2021/10/21 8:15 p.m. · 12 views

CVE-2021-41127 Maliciously Crafted Model Archive Can Lead To Arbitrary File Write in rasa

Rasa is an open source machine learning framework to automate text- and voice-based conversations. In affected versions a vulnerability exists in the functionality that loads a trained model tar.gz file which allows a malicious actor to craft a model.tar.gz file which can overwrite or replace bot...

7.3 CVSS · 7.2 AI score · 0.00396 EPSS
Exploits: 0 · References: 2