CVE-2025-12060

Name of the Vulnerable Software and Affected Versions Keras (affected versions not specified)

Description The keras.utils.get file API in Keras is susceptible to a path traversal issue when the extract=True option is used with tar archives. The utility employs Python’s tarfile.extractall function without utilizing the filter="data" feature. An attacker can create a malicious tar archive with specially crafted symlinks. Extracting this archive allows the attacker to write arbitrary files to locations outside the intended destination folder on the filesystem. This issue stems from a weakness in the underlying Python tarfile functionality.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.