aaryanbhujang

1 exploit Active since Apr 2024
CVE-2024-3660 NOMISEC CRITICAL WORKING POC
Keras < 2.13.1 - Arbitrary Code Injection via Model Loading
A arbitrary code injection vulnerability in TensorFlow's Keras framework (<2.13) allows attackers to execute arbitrary code with the same permissions as the application using a model that allow arbitrary code irrespective of the application.
4 stars
CVSS 9.8