GHSA-pwq7-2gvj-vg9v: Duplicate Advisory: Keras safe mode bypass vulnerability

August 11, 2025 (updated August 12, 2025)

Duplicate Advisory

This advisory has been withdrawn because it is a duplicate of GHSA-c9rc-mg46-23w3. This link is maintained to preserve external references.

Original Description

A safe mode bypass vulnerability in the Model.load_model method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted .keras model archive.

References

github.com/advisories/GHSA-pwq7-2gvj-vg9v
github.com/keras-team/keras
github.com/keras-team/keras/commit/713172ab56b864e59e2aa79b1a51b0e728bba858
github.com/keras-team/keras/pull/21429
jfrog.com/blog/keras-safe_mode-bypass-vulnerability
nvd.nist.gov/vuln/detail/CVE-2025-8747

Code Behaviors & Features

Detect and mitigate GHSA-pwq7-2gvj-vg9v with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →