Описание
A safe mode bypass vulnerability in the Model.load_model method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted .keras model archive.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| jammy | DNE | |
| noble | DNE | |
| plucky | DNE | |
| upstream | needs-triage |
Показывать по
10
EPSS
Процентиль: 0%
0.00006
Низкий
7.8 High
CVSS3
Связанные уязвимости
CVSS3: 7.8
nvd
13 дней назад
A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted `.keras` model archive.
CVSS3: 7.8
debian
13 дней назад
A safe mode bypass vulnerability in the `Model.load_model` method in K ...
CVSS3: 8.8
github
12 дней назад
Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality
EPSS
Процентиль: 0%
0.00006
Низкий
7.8 High
CVSS3