Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8de8d9a6 by Salvatore Bonaccorso at 2025-11-28T21:18:19+01:00
Add CVE-2025-12638/keras
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,7 +9,9 @@ CVE-2025-51733 (Cross-Site Request Forgery (CSRF) vulnerability
in HCL Technolog
CVE-2025-13683 (Exposure of credentials in unintended requests in Devolutions
Server, ...)
NOT-FOR-US: Devolutions
CVE-2025-12638 (Keras version 3.11.3 is affected by a path traversal
vulnerability in ...)
- TODO: check
+ - keras <removed>
+ NOTE: https://huntr.com/bounties/f94f5beb-54d8-4e6a-8bac-86d9aee103f4
+ NOTE: Fixed by:
https://github.com/keras-team/keras/commit/47fcb397ee4caffd5a75efd1fa3067559594e951
(v3.12.0)
CVE-2025-12183 (Out-of-bounds memory operations in org.lz4:lz4-java 1.8.0 and
earlier ...)
NOT-FOR-US: Sonatype
CVE-2025-12143 (Stack-based Buffer Overflow vulnerability in ABB Terra AC
wallbox.This ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8de8d9a6425ea3b278ac7ddb133e1e3c859934f2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8de8d9a6425ea3b278ac7ddb133e1e3c859934f2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
