keras@2.2.1 vulnerabilities

Multi-backend Keras.

Direct Vulnerabilities

Known vulnerabilities in the keras package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • C
Code Injection

keras is a Keras is a high-level neural networks API for Python..

Affected versions of this package are vulnerable to Code Injection due to improper user input sanitization through the Lambda layer, allowing a developer to add arbitrary Python code to a model in the form of a lambda function. An attacker could use this feature to trojanize a popular model, save it, and redistribute it, tainting the supply chain of dependent AI/ML applications. In addition, exploiting this vulnerability allows arbitrary code to be executed with the same permissions as the application.

Note

If running pre-2.13 applications in a sandbox, ensure no assets of value are in scope of the running application to minimize the potential for data exfiltration.

How to fix Code Injection?

Upgrade keras to version 2.13.1rc0 or higher.

[,2.13.1rc0)
  • H
Deserialization of Untrusted Data

keras is a Keras is a high-level neural networks API for Python..

Affected versions of this package are vulnerable to Deserialization of Untrusted Data. Loading keras models via yaml could allow arbitrary code execution via unsafe deserialization.

How to fix Deserialization of Untrusted Data?

Upgrade keras to version 2.6.0rc3 or higher.

[,2.6.0rc3)