| Bug | bullseye | Description |
|---|
| CVE-2025-49655 | vulnerable (no DSA, ignored) | Deserialization of untrusted data can occur in versions of the Keras f ... |
| CVE-2025-12060 | vulnerable (no DSA, postponed) | The keras.utils.get_file API in Keras, when used with the extract=True ... |
| CVE-2025-12058 | vulnerable (no DSA, ignored) | The Keras.Model.load_model method, including when executed with the in ... |
| CVE-2025-9906 | vulnerable (no DSA, postponed) | The Keras Model.load_modelmethod can be exploited to achieve arbitrary ... |
| CVE-2024-55459 | vulnerable (no DSA, postponed) | An issue in keras 3.7.0 allows attackers to write arbitrary files to t ... |
| CVE-2024-3660 | vulnerable (no DSA, postponed) | A arbitrary code injection vulnerability in TensorFlow's Keras framewo ... |