CVE 8.9 HIGH

Keras keras.utils.get_file Utility Path Traversal Vulnerability_CVE-2025-12060

October 30, 2025 invoker category_cve
8.9 / 10
HIGH
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Description

The keras.utils.get_file API in Keras, when used with the extract=True option for tar archives, is vulnerable to a path traversal attack. The utility uses Python's tarfile.extractall function without the filter="data" feature. A remote attacker can craft a malicious tar archive containing special symlinks, which, when extracted, allows them to write arbitrary files to any location on the filesystem outside of the intended destination folder. This vulnerability is linked to the underlying Python tarfile weakness, identified as CVE-2025-4517.Β Note that upgrading Python to one of the versions that fix CVE-2025-4517 (e.g. Python 3.13.4) is not enough. One additionally needs to upgrade Keras to a version with the fix (Keras 3.12).

AI Analysis

Keras keras.utils.get_file utility is vulnerable to a path traversal attack, allowing a remote attacker to write arbitrary files to any location on the filesystem

Basic Information

ID CVE-2025-12060
Source Google
Published Oct 30, 2025 at 17:10
Modified Oct 30, 2025 at 17:40

Affected Product

Vendor Keras
Product Keras
Version 3.0.0
Affected Versions Keras Keras 3.0.0

CWE Classification

CWE-22

AI Assessment

AI Score 8.9 / 10
AI Severity High
Vendor Keras Team
Product Keras
Version 3.0.0

References

πŸ’­ Join the Security Discussion

πŸ”’ Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.