GHSA-xfhx-r7ww-5995: Duplicate Advisory: Google Keras Allocates Resources Without Limits or Throttling in the HDF5 weight loading component
(updated )
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-mgx6-5cf9-rr43. This link is maintained to preserve external references.
Original Description
Allocation of Resources Without Limits or Throttling in the HDF5 weight loading component in Google Keras 3.0.0 through 3.12.0 and 3.13.0 on all platforms allows a remote attacker to cause a Denial of Service (DoS) through memory exhaustion and a crash of the Python interpreter via a crafted .keras archive containing a valid model.weights.h5 file whose dataset declares an extremely large shape.
References
- github.com/advisories/GHSA-xfhx-r7ww-5995
- github.com/keras-team/keras
- github.com/keras-team/keras/commit/7360d4f0d764fbb1fa9c6408fe53da41974dd4f6
- github.com/keras-team/keras/commit/f704c887bf459b42769bfc8a9182f838009afddb
- github.com/keras-team/keras/pull/21880
- github.com/keras-team/keras/pull/22081
- nvd.nist.gov/vuln/detail/CVE-2026-0897
Code Behaviors & Features
Detect and mitigate GHSA-xfhx-r7ww-5995 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →