Описание
A safe mode bypass vulnerability in the Model.load_model method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted .keras model archive.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | DNE | |
| esm-apps/bionic | needs-triage | |
| esm-apps/focal | needs-triage | |
| jammy | DNE | |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
Показывать по
10
7.8 High
CVSS3
Связанные уязвимости
CVSS3: 7.8
nvd
2 месяца назад
A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted `.keras` model archive.
CVSS3: 7.8
debian
2 месяца назад
A safe mode bypass vulnerability in the `Model.load_model` method in K ...
CVSS3: 8.8
github
2 месяца назад
Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality
7.8 High
CVSS3