Vulnerabilities

ID
Packages
Summary
Published
Attributes
GHSA-mgx6-5cf9-rr43
  • PyPI/keras
Keras vulnerable to DoS via Malicious .keras Model (HDF5 Shape Bomb Causes Petabyte Allocation in KerasFileEditor) 06 May
  • Fix available
  • Severity - 7.1 (High)
GHSA-4f3f-g24h-fr8m
  • PyPI/keras
Keras has an untrusted deserialization vulnerability 13 Apr
  • Fix available
  • Severity - 8.8 (High)
GHSA-3m4q-jmj6-r34q
  • PyPI/keras
Keras has a Local File Disclosure via HDF5 External Storage During Keras Weight Loading 18 Feb
  • Fix available
  • Severity - 7.1 (High)
PYSEC-2026-73
  • PyPI/keras
See record for full details 15 Jan
  • Fix available
  • Severity - 7.5 (High)
GHSA-hjqc-jx6g-rwp9
  • PyPI/keras
Keras Directory Traversal Vulnerability 02 Dec 2025
  • Fix available
  • Severity - 8.9 (High)
GHSA-mq84-hjqx-cwf2
  • PyPI/keras
Keras is vulnerable to arbitrary local file loading and Server-Side Request Forgery 29 Oct 2025
  • Fix available
  • Severity - 5.9 (Medium)
GHSA-cvhh-q5g5-qprp
  • PyPI/keras
Keras framework vulnerable to deserialization of untrusted data 17 Oct 2025
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-36rr-ww3j-vrjv
  • PyPI/keras
The Keras `Model.load_model` method **silently** ignores `safe_mode=True` and allows arbitrary code execution when a `.h5`/`.hdf5` file is loaded. 19 Sep 2025
  • Fix available
  • Severity - 8.7 (High)
GHSA-36fq-jgmw-4r9c
  • PyPI/keras
Keras is vulnerable to Deserialization of Untrusted Data 19 Sep 2025
  • Fix available
  • Severity - 8.7 (High)
PYSEC-2025-76
  • PyPI/keras
See record for full details 19 Sep 2025
  • No fix available
  • Severity - 7.3 (High)
PYSEC-2025-123
  • PyPI/keras
See record for full details 19 Sep 2025
  • Fix available
  • Severity - 7.3 (High)
GHSA-c9rc-mg46-23w3
  • PyPI/keras
Keras vulnerable to CVE-2025-1550 bypass via reuse of internal functionality 12 Aug 2025
  • Fix available
  • Severity - 8.8 (High)
PYSEC-2025-75
  • PyPI/keras
See record for full details 11 Aug 2025
  • No fix available
  • Severity - 7.8 (High)
GHSA-48g7-3x6r-xfhp
  • PyPI/keras
Arbitrary Code Execution via Crafted Keras Config for Model Loading 11 Mar 2025
  • Fix available
  • Severity - 7.3 (High)
PYSEC-2025-122
  • PyPI/keras
See record for full details 11 Mar 2025
  • Fix available
  • Severity - 9.8 (Critical)
GHSA-cjgq-5qmw-rcj6
  • PyPI/keras
keras Path Traversal vulnerability 08 Jan 2025
  • No fix available
  • Severity - 5.5 (Medium)