CVE-2024-55459

Опубликовано: 08 янв. 2025

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

An issue in keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar file through the get_file function.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:keras:keras:3.7.0:*:*:*:*:*:*:*

EPSS

Процентиль: 26%

0.00115

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-494

Связанные уязвимости

CVE-2024-55459

CVSS3: 6.5

ubuntu

11 месяцев назад

An issue in keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar file through the get_file function.

CVE-2024-55459

CVSS3: 5.7

redhat

11 месяцев назад

An issue in keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar file through the get_file function.

CVE-2024-55459

msrc

3 месяца назад

An issue in keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar file through the get_file function.

CVE-2024-55459

CVSS3: 6.5

debian

11 месяцев назад

An issue in keras 3.7.0 allows attackers to write arbitrary files to t ...

GHSA-cjgq-5qmw-rcj6

github

11 месяцев назад

keras Path Traversal vulnerability

EPSS

Процентиль: 26%

0.00115

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-494