CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-55459

An issue in keras 3.7.0 allows attackers to write arbitrary files to the user's machine via downloading a crafted tar file through the get_file function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.7%

CVSS Severity

CVSS v3 Score 6.5

References

https://github.com/keras-team/keras
https://keras.io
https://river-bicycle-f1e.notion.site/Arbitrary-File-Write-Vulnerability-in-get_file-function-11888e31952580179224e50892976d32

Products affected by CVE-2024-55459

Keras » Keras » Version: 3.7.0

cpe:2.3:a:keras:keras:3.7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-55459

Products

Pricing

Contact Us