CVE-2025-1550

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2025-1550

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2025-1550.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2025-1550

Aliases

GHSA-48g7-3x6r-xfhp

Related

UBUNTU-CVE-2025-1550

Published

2025-03-11T09:15:25Z

Modified

2025-03-12T10:45:41.294018Z

Summary

[none]

Details

The Keras Model.loadmodel function permits arbitrary code execution, even with safemode=True, through a manually constructed, malicious .keras archive. By altering the config.json file within the archive, an attacker can specify arbitrary Python modules and functions, along with their arguments, to be loaded and executed during model loading.

References

Affected packages

Debian:11 / keras

Package

Name: keras
Purl: pkg:deb/debian/keras?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.3.1+dfsg-3

2.3.1+dfsg2-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}