11 matches found
📄 Google Keras 3.13.0 Denial of Service
A denial of service vulnerability exists in the HDF5 weight loading component of Google Keras versions 3.0.0 through 3.13.0 on all platforms. The vulnerability is caused by the absence of any validation or throttling when processing HDF5 dataset shape metadata declared inside a .keras archive...
GHSA-3M4Q-JMJ6-R34Q Keras has a Local File Disclosure via HDF5 External Storage During Keras Weight Loading
Summary TensorFlow / Keras continues to honor HDF5 “external storage” and ExternalLink features when loading weights. A malicious .weights.h5 or a .keras archive embedding such weights can direct loadweights to read from an arbitrary readable filesystem path. The bytes pulled from that path...
Keras has a Local File Disclosure via HDF5 External Storage During Keras Weight Loading
Summary TensorFlow / Keras continues to honor HDF5 “external storage” and ExternalLink features when loading weights. A malicious .weights.h5 or a .keras archive embedding such weights can direct loadweights to read from an arbitrary readable filesystem path. The bytes pulled from that path...
GHSA-XFHX-R7WW-5995 Duplicate Advisory: Google Keras Allocates Resources Without Limits or Throttling in the HDF5 weight loading component
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-mgx6-5cf9-rr43. This link is maintained to preserve external references. Original Description Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 throu...
CVE-2026-0897
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service DoS through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...
CVE-2026-0897
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service DoS through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...
PYSEC-2026-73
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service DoS through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...
PYSEC-2026-73
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading componentin GoogleKeras3.0.0 through 3.13.0on all platformsallows a remote attackerto cause a Denial of Service DoS through memory exhaustion and a crash of the Python interpretervia a crafted .keras archive containin...
AZL-74631 CVE-2026-0897 affecting package keras for versions less than 3.3.3-6
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service DoS through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...
CVE-2026-0897
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service DoS through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive...
Keras security vulnerabilities
Keras is an open-source deep learning framework with multiple backends. Versions 3.0.0 to 3.13.0 of Keras contain security vulnerabilities. These vulnerabilities stem from the HDF5 weight loading component, which allows unlimited or throttled resource allocation. This could allow remote attackers...