Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/keras@1.0.8
Type pypi
Namespace
Name keras
Version 1.0.8
Qualifiers
Subpath
Is_vulnerable true
Next_non_vulnerable_version 3.13.2
Latest_non_vulnerable_version 3.13.2
Affected_by_vulnerabilities
0
url VCID-1wr2-9bym-kke5
vulnerability_id VCID-1wr2-9bym-kke5
summary
Keras Directory Traversal Vulnerability
Keras's `keras.utils.get_file()` function is vulnerable to directory traversal attacks despite implementing `filter_safe_paths()`. The vulnerability exists because `extract_archive()` uses Python's `tarfile.extractall()` method without the security-critical `filter="data"` parameter. A PATH_MAX symlink resolution bug occurs before path filtering, allowing malicious tar archives to bypass security checks and write files outside the intended extraction directory.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12060.json
reference_id
reference_type
scores
0
value 8.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12060.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-12060
reference_id
reference_type
scores
0
value 0.00105
scoring_system epss
scoring_elements 0.28003
published_at 2026-06-08T12:55:00Z
1
value 0.00105
scoring_system epss
scoring_elements 0.28132
published_at 2026-06-05T12:55:00Z
2
value 0.00105
scoring_system epss
scoring_elements 0.28083
published_at 2026-06-06T12:55:00Z
3
value 0.00105
scoring_system epss
scoring_elements 0.28046
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-12060
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12060
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12060
3
reference_url https://github.com/keras-team/keras
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras
4
reference_url https://github.com/keras-team/keras/commit/47fcb397ee4caffd5a75efd1fa3067559594e951
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras/commit/47fcb397ee4caffd5a75efd1fa3067559594e951
5
reference_url https://github.com/keras-team/keras/pull/21760
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-01T03:55:52Z/
url https://github.com/keras-team/keras/pull/21760
6
reference_url https://huntr.com/bounties/f94f5beb-54d8-4e6a-8bac-86d9aee103f4
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://huntr.com/bounties/f94f5beb-54d8-4e6a-8bac-86d9aee103f4
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2407443
reference_id 2407443
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2407443
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-12060
reference_id CVE-2025-12060
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-12060
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-12638
reference_id CVE-2025-12638
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-12638
10
reference_url https://github.com/advisories/GHSA-hjqc-jx6g-rwp9
reference_id GHSA-hjqc-jx6g-rwp9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hjqc-jx6g-rwp9
11
reference_url https://github.com/keras-team/keras/security/advisories/GHSA-hjqc-jx6g-rwp9
reference_id GHSA-hjqc-jx6g-rwp9
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-01T03:55:52Z/
url https://github.com/keras-team/keras/security/advisories/GHSA-hjqc-jx6g-rwp9
12
reference_url https://access.redhat.com/errata/RHSA-2025:22759
reference_id RHSA-2025:22759
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:22759
13
reference_url https://access.redhat.com/errata/RHSA-2025:23531
reference_id RHSA-2025:23531
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23531
14
reference_url https://access.redhat.com/errata/RHSA-2026:5807
reference_id RHSA-2026:5807
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5807
fixed_packages
0
url pkg:pypi/keras@3.12.0
purl pkg:pypi/keras@3.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xj9-1kng-8ua4
1
vulnerability VCID-aw3f-8xuy-d3gw
2
vulnerability VCID-ptyp-n4df-aqf1
3
vulnerability VCID-zsjb-zbnj-z3d8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keras@3.12.0
aliases CVE-2025-12060, GHSA-hjqc-jx6g-rwp9
risk_score 4.4
exploitability 0.5
weighted_severity 8.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1wr2-9bym-kke5
1
url VCID-3sjs-86sn-fbe2
vulnerability_id VCID-3sjs-86sn-fbe2
summary
Keras code injection vulnerability
An arbitrary code injection vulnerability in TensorFlow's Keras framework (<2.13) allows attackers to execute arbitrary code with the same permissions as the application, using a model that allows arbitrary code irrespective of the application.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-3660
reference_id
reference_type
scores
0
value 0.0037
scoring_system epss
scoring_elements 0.59211
published_at 2026-06-06T12:55:00Z
1
value 0.0037
scoring_system epss
scoring_elements 0.59186
published_at 2026-06-08T12:55:00Z
2
value 0.0037
scoring_system epss
scoring_elements 0.59203
published_at 2026-06-07T12:55:00Z
3
value 0.0037
scoring_system epss
scoring_elements 0.59207
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-3660
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3660
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3660
2
reference_url https://github.com/keras-team/keras
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras
3
reference_url https://github.com/keras-team/keras/compare/r2.12...r2.13
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras/compare/r2.12...r2.13
4
reference_url https://kb.cert.org/vuls/id/253266
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-29T19:29:38Z/
url https://kb.cert.org/vuls/id/253266
5
reference_url https://www.kb.cert.org/vuls/id/253266
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-29T19:29:38Z/
url https://www.kb.cert.org/vuls/id/253266
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-3660
reference_id CVE-2024-3660
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-3660
7
reference_url https://github.com/advisories/GHSA-x4wf-678h-2pmq
reference_id GHSA-x4wf-678h-2pmq
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x4wf-678h-2pmq
fixed_packages
0
url pkg:pypi/keras@2.13.1rc0
purl pkg:pypi/keras@2.13.1rc0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wr2-9bym-kke5
1
vulnerability VCID-4mb7-t1tm-eqf8
2
vulnerability VCID-4tbn-aaek-rkb9
3
vulnerability VCID-64yr-ww4w-ckdr
4
vulnerability VCID-aw3f-8xuy-d3gw
5
vulnerability VCID-c11z-ye25-k7eh
6
vulnerability VCID-h5tb-645a-3fdv
7
vulnerability VCID-x454-t8qh-k7g1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keras@2.13.1rc0
aliases CVE-2024-3660, GHSA-x4wf-678h-2pmq
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3sjs-86sn-fbe2
2
url VCID-4mb7-t1tm-eqf8
vulnerability_id VCID-4mb7-t1tm-eqf8
summary
Duplicate Advisory: Keras keras.utils.get_file API is vulnerable to a path traversal attack
### Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-hjqc-jx6g-rwp9. This link is maintained to preserve external references.

### Original Description
Keras version 3.11.3 is affected by a path traversal vulnerability in the keras.utils.get_file() function when extracting tar archives. The vulnerability arises because the function uses Python's tarfile.extractall() method without the security-critical filter='data' parameter. Although Keras attempts to filter unsafe paths using filter_safe_paths(), this filtering occurs before extraction, and a PATH_MAX symlink resolution bug triggers during extraction. This bug causes symlink resolution to fail due to path length limits, resulting in a security bypass that allows files to be written outside the intended extraction directory. This can lead to arbitrary file writes outside the cache directory, enabling potential system compromise or malicious code execution. The vulnerability affects Keras installations that process tar archives with get_file() and does not affect versions where this extraction method is secured with the appropriate filter parameter.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12638.json
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12638.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-12638
reference_id
reference_type
scores
0
value 0.00031
scoring_system epss
scoring_elements 0.09264
published_at 2026-06-08T12:55:00Z
1
value 0.00031
scoring_system epss
scoring_elements 0.0932
published_at 2026-06-05T12:55:00Z
2
value 0.00031
scoring_system epss
scoring_elements 0.09339
published_at 2026-06-06T12:55:00Z
3
value 0.00031
scoring_system epss
scoring_elements 0.09324
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-12638
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12638
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12638
3
reference_url https://github.com/keras-team/keras
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras
4
reference_url https://github.com/keras-team/keras/commit/47fcb397ee4caffd5a75efd1fa3067559594e951
reference_id
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras/commit/47fcb397ee4caffd5a75efd1fa3067559594e951
5
reference_url https://huntr.com/bounties/f94f5beb-54d8-4e6a-8bac-86d9aee103f4
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2025-11-28T15:07:39Z/
url https://huntr.com/bounties/f94f5beb-54d8-4e6a-8bac-86d9aee103f4
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2417711
reference_id 2417711
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2417711
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-12638
reference_id CVE-2025-12638
reference_type
scores
0
value 8.0
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-12638
8
reference_url https://github.com/advisories/GHSA-9g7v-8wxv-mwxp
reference_id GHSA-9g7v-8wxv-mwxp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9g7v-8wxv-mwxp
9
reference_url https://access.redhat.com/errata/RHSA-2025:23531
reference_id RHSA-2025:23531
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23531
10
reference_url https://access.redhat.com/errata/RHSA-2026:3713
reference_id RHSA-2026:3713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:3713
11
reference_url https://access.redhat.com/errata/RHSA-2026:4271
reference_id RHSA-2026:4271
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:4271
12
reference_url https://access.redhat.com/errata/RHSA-2026:5807
reference_id RHSA-2026:5807
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:5807
fixed_packages
0
url pkg:pypi/keras@3.12.0
purl pkg:pypi/keras@3.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xj9-1kng-8ua4
1
vulnerability VCID-aw3f-8xuy-d3gw
2
vulnerability VCID-ptyp-n4df-aqf1
3
vulnerability VCID-zsjb-zbnj-z3d8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keras@3.12.0
aliases CVE-2025-12638, GHSA-9g7v-8wxv-mwxp
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4mb7-t1tm-eqf8
3
url VCID-4tbn-aaek-rkb9
vulnerability_id VCID-4tbn-aaek-rkb9
summary
Duplicate Advisory: Keras arbitrary code execution vulnerability
# Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-48g7-3x6r-xfhp. This link is maintained to preserve external references.

# Original Description

The Keras Model.load_model function permits arbitrary code execution, even with safe_mode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, to be loaded and executed during model loading.
references
0
reference_url https://github.com/keras-team/keras
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras
1
reference_url https://github.com/keras-team/keras/commit/e67ac8ffd0c883bec68eb65bb52340c7f9d3a903
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras/commit/e67ac8ffd0c883bec68eb65bb52340c7f9d3a903
2
reference_url https://github.com/keras-team/keras/pull/20751
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras/pull/20751
3
reference_url https://github.com/keras-team/keras/releases/tag/v3.9.0
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras/releases/tag/v3.9.0
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-1550
reference_id CVE-2025-1550
reference_type
scores
0
value 7.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-1550
5
reference_url https://github.com/advisories/GHSA-5478-v2w6-c6q7
reference_id GHSA-5478-v2w6-c6q7
reference_type
scores
url https://github.com/advisories/GHSA-5478-v2w6-c6q7
fixed_packages
0
url pkg:pypi/keras@3.9.0
purl pkg:pypi/keras@3.9.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wr2-9bym-kke5
1
vulnerability VCID-1xj9-1kng-8ua4
2
vulnerability VCID-4mb7-t1tm-eqf8
3
vulnerability VCID-64yr-ww4w-ckdr
4
vulnerability VCID-aw3f-8xuy-d3gw
5
vulnerability VCID-c11z-ye25-k7eh
6
vulnerability VCID-cmug-fp72-8qc4
7
vulnerability VCID-d61w-bj6k-9kc9
8
vulnerability VCID-dy5p-938j-d7fr
9
vulnerability VCID-h5tb-645a-3fdv
10
vulnerability VCID-ptyp-n4df-aqf1
11
vulnerability VCID-rgqk-3hht-h3dc
12
vulnerability VCID-zsjb-zbnj-z3d8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keras@3.9.0
aliases GHSA-5478-v2w6-c6q7
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4tbn-aaek-rkb9
4
url VCID-64yr-ww4w-ckdr
vulnerability_id VCID-64yr-ww4w-ckdr
summary
The Keras Model.load_model method can be exploited to achieve arbitrary code execution, even with safe_mode=True.

One can create a specially crafted .keras model archive that, when loaded via Model.load_model, will trigger arbitrary code to be executed. This is achieved by crafting a special config.json (a file within the .keras archive) that will invoke keras.config.enable_unsafe_deserialization() to disable safe mode. Once safe mode is disabled, one can use the Lambda layer feature of Keras, which allows arbitrary Python code in the form of pickled code. Both can appear in the same archive. The keras.config.enable_unsafe_deserialization() call simply needs to appear first in the archive and the Lambda with arbitrary code needs to be second.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9906.json
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-9906.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-9906
reference_id
reference_type
scores
0
value 0.00068
scoring_system epss
scoring_elements 0.21156
published_at 2026-06-06T12:55:00Z
1
value 0.00068
scoring_system epss
scoring_elements 0.21169
published_at 2026-06-05T12:55:00Z
2
value 0.00068
scoring_system epss
scoring_elements 0.21048
published_at 2026-06-08T12:55:00Z
3
value 0.00068
scoring_system epss
scoring_elements 0.21112
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-9906
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9906
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-9906
3
reference_url https://github.com/keras-team/keras
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras
4
reference_url https://github.com/keras-team/keras/commit/713172ab56b864e59e2aa79b1a51b0e728bba858
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras/commit/713172ab56b864e59e2aa79b1a51b0e728bba858
5
reference_url https://github.com/keras-team/keras/pull/21429
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value 8.6
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/AU:Y/R:A
2
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3
value HIGH
scoring_system generic_textual
scoring_elements
4
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-09-20T03:55:42Z/
url https://github.com/keras-team/keras/pull/21429
6
reference_url https://github.com/keras-team/keras/releases/tag/v3.11.0
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras/releases/tag/v3.11.0
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/keras/PYSEC-2025-76.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/keras/PYSEC-2025-76.yaml
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2396644
reference_id 2396644
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2396644
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-9906
reference_id CVE-2025-9906
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-9906
10
reference_url https://osv.dev/vulnerability/CVE-2025-9906
reference_id CVE-2025-9906
reference_type
scores
0
value 7.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://osv.dev/vulnerability/CVE-2025-9906
11
reference_url https://github.com/advisories/GHSA-36fq-jgmw-4r9c
reference_id GHSA-36fq-jgmw-4r9c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-36fq-jgmw-4r9c
12
reference_url https://access.redhat.com/errata/RHSA-2025:23531
reference_id RHSA-2025:23531
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:23531
fixed_packages
0
url pkg:pypi/keras@3.11.0
purl pkg:pypi/keras@3.11.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wr2-9bym-kke5
1
vulnerability VCID-1xj9-1kng-8ua4
2
vulnerability VCID-4mb7-t1tm-eqf8
3
vulnerability VCID-aw3f-8xuy-d3gw
4
vulnerability VCID-c11z-ye25-k7eh
5
vulnerability VCID-cmug-fp72-8qc4
6
vulnerability VCID-dy5p-938j-d7fr
7
vulnerability VCID-h5tb-645a-3fdv
8
vulnerability VCID-ptyp-n4df-aqf1
9
vulnerability VCID-zj76-dr8t-47d2
10
vulnerability VCID-zsjb-zbnj-z3d8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keras@3.11.0
aliases CVE-2025-9906, GHSA-36fq-jgmw-4r9c, PYSEC-2025-76
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-64yr-ww4w-ckdr
5
url VCID-aw3f-8xuy-d3gw
vulnerability_id VCID-aw3f-8xuy-d3gw
summary keras: Keras: Arbitrary Code Execution Vulnerability Bypassing Safe Mode
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1462.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-1462.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2026-1462
reference_id
reference_type
scores
0
value 0.0007
scoring_system epss
scoring_elements 0.216
published_at 2026-06-08T12:55:00Z
1
value 0.0007
scoring_system epss
scoring_elements 0.21716
published_at 2026-06-05T12:55:00Z
2
value 0.0007
scoring_system epss
scoring_elements 0.21703
published_at 2026-06-06T12:55:00Z
3
value 0.0007
scoring_system epss
scoring_elements 0.21659
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2026-1462
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1462
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-1462
3
reference_url https://github.com/keras-team/keras
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras
4
reference_url https://github.com/keras-team/keras/commit/b6773d3decaef1b05d8e794458e148cb362f163f
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-13T18:53:01Z/
url https://github.com/keras-team/keras/commit/b6773d3decaef1b05d8e794458e148cb362f163f
5
reference_url https://github.com/keras-team/keras/pull/22035
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras/pull/22035
6
reference_url https://huntr.com/bounties/7e78d6f1-6977-4300-b595-e81bdbda331c
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
2
value HIGH
scoring_system generic_textual
scoring_elements
3
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2026-04-13T18:53:01Z/
url https://huntr.com/bounties/7e78d6f1-6977-4300-b595-e81bdbda331c
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2026-1462
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2026-1462
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2457856
reference_id 2457856
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2457856
9
reference_url https://github.com/advisories/GHSA-4f3f-g24h-fr8m
reference_id GHSA-4f3f-g24h-fr8m
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4f3f-g24h-fr8m
fixed_packages
0
url pkg:pypi/keras@3.13.2
purl pkg:pypi/keras@3.13.2
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keras@3.13.2
aliases CVE-2026-1462, GHSA-4f3f-g24h-fr8m
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aw3f-8xuy-d3gw
6
url VCID-c11z-ye25-k7eh
vulnerability_id VCID-c11z-ye25-k7eh
summary
Duplicate Advisory: Keras keras.utils.get_file API is vulnerable to a path traversal attack
### Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-hjqc-jx6g-rwp9. This link is maintained to preserve external references.

### Original Description
The keras.utils.get_file API in Keras, when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python's tarfile.extractall function without the filter="data" feature. A remote attacker can craft a malicious tar archive containing special symlinks, which, when extracted, allows them to write arbitrary files to any location on the filesystem outside of the intended destination folder. This vulnerability is linked to the underlying Python tarfile weakness, identified as CVE-2025-4517. Note that upgrading Python to one of the versions that fix CVE-2025-4517 (e.g. Python 3.13.4) is not enough. One additionally needs to upgrade Keras to a version with the fix (Keras 3.12).
references
0
reference_url https://github.com/keras-team/keras
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras
1
reference_url https://github.com/keras-team/keras/commit/47fcb397ee4caffd5a75efd1fa3067559594e951
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras/commit/47fcb397ee4caffd5a75efd1fa3067559594e951
2
reference_url https://github.com/keras-team/keras/pull/21760
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras/pull/21760
3
reference_url https://huntr.com/bounties/f94f5beb-54d8-4e6a-8bac-86d9aee103f4
reference_id
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://huntr.com/bounties/f94f5beb-54d8-4e6a-8bac-86d9aee103f4
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-12060
reference_id CVE-2025-12060
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-12060
5
reference_url https://github.com/advisories/GHSA-28jp-44vh-q42h
reference_id GHSA-28jp-44vh-q42h
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-28jp-44vh-q42h
6
reference_url https://github.com/keras-team/keras/security/advisories/GHSA-hjqc-jx6g-rwp9
reference_id GHSA-hjqc-jx6g-rwp9
reference_type
scores
0
value 8.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras/security/advisories/GHSA-hjqc-jx6g-rwp9
fixed_packages
0
url pkg:pypi/keras@3.12.0
purl pkg:pypi/keras@3.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xj9-1kng-8ua4
1
vulnerability VCID-aw3f-8xuy-d3gw
2
vulnerability VCID-ptyp-n4df-aqf1
3
vulnerability VCID-zsjb-zbnj-z3d8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keras@3.12.0
aliases GHSA-28jp-44vh-q42h
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c11z-ye25-k7eh
7
url VCID-h5tb-645a-3fdv
vulnerability_id VCID-h5tb-645a-3fdv
summary
Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery
The Keras.Model.load_model method, including when executed with the intended security mitigation safe_mode=True, is vulnerable to arbitrary local file loading and Server-Side Request Forgery (SSRF).

This vulnerability stems from the way the StringLookup layer is handled during model loading from a specially crafted .keras archive. The constructor for the StringLookup layer accepts a vocabulary argument that can specify a local file path or a remote file path.

*  Arbitrary Local File Read: An attacker can create a malicious .keras file that embeds a local path in the StringLookup layer's configuration. When the model is loaded, Keras will attempt to read the content of the specified local file and incorporate it into the model state (e.g., retrievable via get_vocabulary()), allowing an attacker to read arbitrary local files on the hosting system.

*  Server-Side Request Forgery (SSRF): Keras utilizes tf.io.gfile for file operations. Since tf.io.gfile supports remote filesystem handlers (such as GCS and HDFS) and HTTP/HTTPS protocols, the same mechanism can be leveraged to fetch content from arbitrary network endpoints on the server's behalf, resulting in an SSRF condition.

The security issue is that the feature allowing external path loading was not properly restricted by the safe_mode=True flag, which was intended to prevent such unintended data access.
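Added example, not Keras project code and not taken from the advisory: a pre-load gate that opens a .keras archive and reports any StringLookup layer whose vocabulary is a string (a path or URL) instead of an inline list, so the archive can be refused before load_model() ever touches the filesystem or the network. It assumes the Keras 3 archive layout (a zip containing config.json) and the config keys the advisory names (class_name "StringLookup", config.vocabulary); the sample archive, layer names and vocabulary values are constructed for the demo. Classification by URL scheme is a heuristic: a Windows drive letter such as C:\ would be reported as a scheme, so treat any string vocabulary as external rather than relying on the kind label.

```python
import io
import json
import zipfile
from urllib.parse import urlsplit


def find_external_vocabulary(node, path=""):
    """Walk a Keras layer-config tree and report StringLookup layers whose
    `vocabulary` is a string (file path or URL) rather than an inline list.

    The walk is generic over dicts and lists, so it does not depend on how
    deeply the layer is nested (functional models, nested Sequential, ...).
    Returns a list of (json_path, vocabulary, kind) tuples.
    """
    findings = []
    if isinstance(node, dict):
        if node.get("class_name") == "StringLookup":
            vocab = node.get("config", {}).get("vocabulary")
            if isinstance(vocab, str):
                # Anything with a URL scheme (http, https, gs, hdfs, ...) is a
                # server-side fetch; everything else is a local file read.
                kind = "remote (SSRF)" if urlsplit(vocab).scheme else "local file read"
                findings.append((path or "<root>", vocab, kind))
        for key, child in node.items():
            findings.extend(find_external_vocabulary(child, f"{path}/{key}"))
    elif isinstance(node, list):
        for i, child in enumerate(node):
            findings.extend(find_external_vocabulary(child, f"{path}[{i}]"))
    return findings


def scan_keras_archive(archive: bytes) -> list:
    """Read config.json from a .keras zip (assumed archive layout) and scan it."""
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        config = json.loads(zf.read("config.json"))
    return find_external_vocabulary(config)


def build_sample_archive() -> bytes:
    """Constructed .keras-like archive for the demo (not a real saved model):
    one inline-vocabulary layer, one local-path layer, one URL layer."""
    config = {
        "class_name": "Sequential",
        "config": {
            "name": "demo",
            "layers": [
                {"class_name": "StringLookup",
                 "config": {"name": "ok", "vocabulary": ["a", "b", "c"]}},
                {"class_name": "StringLookup",
                 "config": {"name": "lfi", "vocabulary": "/etc/passwd"}},
                {"class_name": "StringLookup",
                 "config": {"name": "ssrf",
                            "vocabulary": "http://169.254.169.254/latest/meta-data/"}},
            ],
        },
    }
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("config.json", json.dumps(config))
    return buf.getvalue()


def check_before_load(archive: bytes) -> None:
    """Gate to run before keras.saving.load_model(): refuse archives that
    would make the loader read a path or URL of the attacker's choosing."""
    hits = scan_keras_archive(archive)
    if hits:
        detail = ", ".join(f"{where}: {vocab!r} ({kind})" for where, vocab, kind in hits)
        raise ValueError("refusing to load model with external vocabulary: " + detail)


if __name__ == "__main__":
    for hit in scan_keras_archive(build_sample_archive()):
        print(hit)
```

The gate is independent of safe_mode, which is the point of the advisory: safe_mode=True governs deserialization of code-like objects, not which files the loader opens, so a policy on untrusted archives has to be enforced before load_model() runs.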
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12058.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-12058.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-12058
reference_id
reference_type
scores
0
value 0.00079
scoring_system epss
scoring_elements 0.23393
published_at 2026-06-08T12:55:00Z
1
value 0.00079
scoring_system epss
scoring_elements 0.23509
published_at 2026-06-05T12:55:00Z
2
value 0.00079
scoring_system epss
scoring_elements 0.23493
published_at 2026-06-06T12:55:00Z
3
value 0.00079
scoring_system epss
scoring_elements 0.23447
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-12058
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-12058
3
reference_url https://github.com/keras-team/keras
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:P/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras
4
reference_url https://github.com/keras-team/keras/commit/61ac8c1e51862c471dee7b49029c356f55531487
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:P/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras/commit/61ac8c1e51862c471dee7b49029c356f55531487
5
reference_url https://github.com/keras-team/keras/pull/21751
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:P/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:P/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T14:07:04Z/
url https://github.com/keras-team/keras/pull/21751
6
reference_url https://www.cve.org/CVERecord?id=CVE-2025-12058
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:P/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://www.cve.org/CVERecord?id=CVE-2025-12058
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2407019
reference_id 2407019
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2407019
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2025-12058
reference_id CVE-2025-12058
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:P/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2025-12058
9
reference_url https://github.com/advisories/GHSA-mq84-hjqx-cwf2
reference_id GHSA-mq84-hjqx-cwf2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-mq84-hjqx-cwf2
10
reference_url https://github.com/keras-team/keras/security/advisories/GHSA-qg93-c7p6-gg7f
reference_id GHSA-qg93-c7p6-gg7f
reference_type
scores
0
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:P/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L
1
value 5.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:A/AC:H/AT:P/PR:L/UI:P/VC:H/VI:L/VA:L/SC:H/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-10-29T14:07:04Z/
url https://github.com/keras-team/keras/security/advisories/GHSA-qg93-c7p6-gg7f
fixed_packages
0
url pkg:pypi/keras@3.12.0
purl pkg:pypi/keras@3.12.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1xj9-1kng-8ua4
1
vulnerability VCID-aw3f-8xuy-d3gw
2
vulnerability VCID-ptyp-n4df-aqf1
3
vulnerability VCID-zsjb-zbnj-z3d8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keras@3.12.0
aliases CVE-2025-12058, GHSA-mq84-hjqx-cwf2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h5tb-645a-3fdv
8
url VCID-x454-t8qh-k7g1
vulnerability_id VCID-x454-t8qh-k7g1
summary An issue in keras 3.7.0 allows attackers to write arbitrary files on the user's machine when a crafted tar file is downloaded and extracted through the get_file function.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55459.json
reference_id
reference_type
scores
0
value 5.7
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-55459.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-55459
reference_id
reference_type
scores
0
value 0.00149
scoring_system epss
scoring_elements 0.35129
published_at 2026-06-08T12:55:00Z
1
value 0.00149
scoring_system epss
scoring_elements 0.35186
published_at 2026-06-05T12:55:00Z
2
value 0.00149
scoring_system epss
scoring_elements 0.35164
published_at 2026-06-07T12:55:00Z
3
value 0.00149
scoring_system epss
scoring_elements 0.35201
published_at 2026-06-06T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-55459
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55459
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55459
3
reference_url https://github.com/keras-team/keras
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value 5.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T17:32:15Z/
url https://github.com/keras-team/keras
4
reference_url https://github.com/keras-team/keras/blob/8f5592bcb61ff48c96560c8923e482db1076b54a/keras/src/utils/file_utils.py#L115
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/keras-team/keras/blob/8f5592bcb61ff48c96560c8923e482db1076b54a/keras/src/utils/file_utils.py#L115
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/keras/PYSEC-2025-121.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/keras/PYSEC-2025-121.yaml
6
reference_url https://keras.io
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value 5.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T17:32:15Z/
url https://keras.io
7
reference_url https://river-bicycle-f1e.notion.site/Arbitrary-File-Write-Vulnerability-in-get_file-function-11888e31952580179224e50892976d32
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value 5.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-01-08T17:32:15Z/
url https://river-bicycle-f1e.notion.site/Arbitrary-File-Write-Vulnerability-in-get_file-function-11888e31952580179224e50892976d32
8
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2336426
reference_id 2336426
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2336426
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-55459
reference_id CVE-2024-55459
reference_type
scores
0
value 5.5
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:P
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-55459
10
reference_url https://github.com/advisories/GHSA-cjgq-5qmw-rcj6
reference_id GHSA-cjgq-5qmw-rcj6
reference_type
scores
url https://github.com/advisories/GHSA-cjgq-5qmw-rcj6
fixed_packages
0
url pkg:pypi/keras@3.8.0
purl pkg:pypi/keras@3.8.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1wr2-9bym-kke5
1
vulnerability VCID-1xj9-1kng-8ua4
2
vulnerability VCID-4mb7-t1tm-eqf8
3
vulnerability VCID-4tbn-aaek-rkb9
4
vulnerability VCID-64yr-ww4w-ckdr
5
vulnerability VCID-aw3f-8xuy-d3gw
6
vulnerability VCID-c11z-ye25-k7eh
7
vulnerability VCID-cmug-fp72-8qc4
8
vulnerability VCID-d61w-bj6k-9kc9
9
vulnerability VCID-dy5p-938j-d7fr
10
vulnerability VCID-gu8d-jjtb-zuau
11
vulnerability VCID-h5tb-645a-3fdv
12
vulnerability VCID-ptyp-n4df-aqf1
13
vulnerability VCID-rgqk-3hht-h3dc
14
vulnerability VCID-zsjb-zbnj-z3d8
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keras@3.8.0
aliases CVE-2024-55459, GHSA-cjgq-5qmw-rcj6, PYSEC-2025-121
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x454-t8qh-k7g1
Fixing_vulnerabilities
Risk_score 4.5
Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/keras@1.0.8