Skip to content

Commit 28231cf

Browse files
bhanutejagkBhanu Teja Goshikonda
bhanutejagk
and
Bhanu Teja Goshikonda
authored
Allowlist Keras 3.10.0 CVE-2025-8747 vulnerability for TensorFlow 2.19 (#5180)
training containers to fix ECR Enhanced Scan test failures. Co-authored-by: Bhanu Teja Goshikonda <[email protected]>
1 parent 62a579a commit 28231cf

File tree

2 files changed

+54
-0
lines changed

2 files changed

+54
-0
lines changed

tensorflow/training/docker/2.19/py3/Dockerfile.sagemaker.cpu.os_scan_allowlist.json

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -129,5 +129,32 @@
129129
"title": "CVE-2024-37890 - ws, ws",
130130
"reason_to_ignore": "N/A"
131131
}
132+
],
133+
"keras": [
134+
{
135+
"description": "A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted `.keras` model archive.",
136+
"vulnerability_id": "CVE-2025-8747",
137+
"name": "CVE-2025-8747",
138+
"package_name": "keras",
139+
"package_details": {
140+
"file_path": "/usr/local/lib/python3.12/site-packages/keras-3.10.0.dist-info/METADATA",
141+
"name": "keras",
142+
"package_manager": "PYTHON",
143+
"version": "3.10.0",
144+
"release": null
145+
},
146+
"remediation": { "recommendation": { "text": "None Provided" } },
147+
"cvss_v3_score": 7.8,
148+
"cvss_v30_score": 0.0,
149+
"cvss_v31_score": 7.8,
150+
"cvss_v2_score": 0.0,
151+
"cvss_v3_severity": "HIGH",
152+
"source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8747",
153+
"source": "NVD",
154+
"severity": "HIGH",
155+
"status": "ACTIVE",
156+
"title": "CVE-2025-8747 - keras",
157+
"reason_to_ignore": "N/A"
158+
}
132159
]
133160
}

tensorflow/training/docker/2.19/py3/cu125/Dockerfile.sagemaker.gpu.os_scan_allowlist.json

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -129,5 +129,32 @@
129129
"title": "CVE-2024-37890 - ws, ws",
130130
"reason_to_ignore": "N/A"
131131
}
132+
],
133+
"keras": [
134+
{
135+
"description": "A safe mode bypass vulnerability in the `Model.load_model` method in Keras versions 3.0.0 through 3.10.0 allows an attacker to achieve arbitrary code execution by convincing a user to load a specially crafted `.keras` model archive.",
136+
"vulnerability_id": "CVE-2025-8747",
137+
"name": "CVE-2025-8747",
138+
"package_name": "keras",
139+
"package_details": {
140+
"file_path": "/usr/local/lib/python3.12/site-packages/keras-3.10.0.dist-info/METADATA",
141+
"name": "keras",
142+
"package_manager": "PYTHON",
143+
"version": "3.10.0",
144+
"release": null
145+
},
146+
"remediation": { "recommendation": { "text": "None Provided" } },
147+
"cvss_v3_score": 7.8,
148+
"cvss_v30_score": 0.0,
149+
"cvss_v31_score": 7.8,
150+
"cvss_v2_score": 0.0,
151+
"cvss_v3_severity": "HIGH",
152+
"source_url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8747",
153+
"source": "NVD",
154+
"severity": "HIGH",
155+
"status": "ACTIVE",
156+
"title": "CVE-2025-8747 - keras",
157+
"reason_to_ignore": "N/A"
158+
}
132159
]
133160
}

0 commit comments

Comments
 (0)