PyPi: Keras

CVE-2024-55459

Safety vulnerability ID: 76369

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Jan 08, 2025 Updated at Apr 02, 2025

Scan your Python projects for vulnerabilities →

Advisory

An issue in Keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar file through the get_file function.

Affected package

keras

Latest version: 3.9.2

Multi-backend Keras

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

https://github.com/advisories/GHSA-cjgq-5qmw-rcj6
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55459

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application