Path Traversal Vulnerability in Keras by TensorFlow
CVE-2025-12638
8 HIGH
What is CVE-2025-12638?
Keras version 3.11.3 has a path traversal flaw in its keras.utils.get_file() function, triggered when it extracts a downloaded tar archive. The function calls Python's tarfile.extractall() without the extraction filter that rejects unsafe members. Although get_file() does try to reject unsafe paths, a bug in how symlinks are resolved can still let files be written outside the intended cache directory. The result is an unauthorized file write, which can compromise the system or allow execution of malicious code.
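The mitigation a caller can apply today, shown below as an added example rather than Keras's own code: extract a tar archive one member at a time, validating each member's name, link target and on-disk resolved path against the destination before it is written, and pass the `data` filter to tarfile where the running Python provides it (Python 3.12 and the security backports to older 3.x releases expose it as `tarfile.data_filter`). Checking the resolved path just before each write is what closes the symlink gap the advisory describes: a symlink planted by an earlier member is followed when the next member's path is resolved, instead of being trusted as a plain directory. The function names (`safe_extract_tar`, `build_tar`, `demo`) and the archives built in memory are this example's own constructions.

```python
import io
import os
import tarfile
import tempfile
from pathlib import Path


class UnsafeArchiveMember(Exception):
    """Raised for any tar member that could write outside the destination."""


def _inside(dest: Path, candidate: Path) -> bool:
    """True if candidate, after following symlinks already on disk, stays under dest."""
    resolved = candidate.resolve()
    return resolved == dest or dest in resolved.parents


def safe_extract_tar(fileobj, dest) -> list:
    """Extract a tar stream into dest, refusing every member that could escape it.

    Each member is checked against the on-disk state just before it is written,
    so a symlink created by an earlier member is followed when a later member's
    path is resolved.
    """
    dest = Path(dest).resolve()
    dest.mkdir(parents=True, exist_ok=True)
    # tarfile.data_filter exists on Python 3.12 and the security backports to
    # older 3.x; where present, pass it as a second, independent layer of checks.
    extract_kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    extracted = []
    with tarfile.open(fileobj=fileobj, mode="r:*") as tar:
        for member in tar:
            name = member.name
            if os.path.isabs(name) or ".." in Path(name).parts:
                raise UnsafeArchiveMember(f"absolute or traversing name: {name!r}")
            if member.isdev():
                raise UnsafeArchiveMember(f"device node not allowed: {name!r}")
            target = dest / name
            if member.issym():
                # A symlink target is relative to the directory holding the link.
                link_target = target.parent / member.linkname
                if os.path.isabs(member.linkname) or not _inside(dest, link_target):
                    raise UnsafeArchiveMember(f"symlink escapes: {name!r} -> {member.linkname!r}")
            elif member.islnk():
                # A hard link target is relative to the archive root.
                if not _inside(dest, dest / member.linkname):
                    raise UnsafeArchiveMember(f"hard link escapes: {name!r} -> {member.linkname!r}")
            # Resolve against what has already been extracted: this is the check
            # that catches a path routed through a previously written symlink.
            if not _inside(dest, target):
                raise UnsafeArchiveMember(f"path resolves outside destination: {name!r}")
            tar.extract(member, path=dest, **extract_kwargs)
            extracted.append(name)
    return extracted


def build_tar(entries) -> io.BytesIO:
    """Build an in-memory tar from (name, payload) pairs (constructed test data).

    payload is a str for a regular file, ("dir",) for a directory,
    or ("symlink", target) for a symbolic link.
    """
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, payload in entries:
            info = tarfile.TarInfo(name)
            if payload == ("dir",):
                info.type, info.mode = tarfile.DIRTYPE, 0o755
                tar.addfile(info)
            elif isinstance(payload, tuple):
                info.type, info.linkname = tarfile.SYMTYPE, payload[1]
                tar.addfile(info)
            else:
                data = payload.encode()
                info.size = len(data)
                tar.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf


def demo() -> dict:
    """Run four constructed archives through safe_extract_tar and report each outcome."""
    cases = {
        "benign": [("model/weights.bin", "weights")],
        "dotdot": [("../escape.txt", "x")],
        "symlink_escape": [("link", ("symlink", "../../outside")), ("link/payload", "x")],
        # A symlink that stays inside the cache is legitimate and must still work.
        "symlink_inside": [("sub", ("dir",)), ("inner", ("symlink", "sub")), ("inner/file.txt", "hello")],
    }
    results = {}
    for label, entries in cases.items():
        with tempfile.TemporaryDirectory() as tmp:
            cache = Path(tmp) / "cache"
            try:
                results[label] = ("extracted", safe_extract_tar(build_tar(entries), cache))
            except UnsafeArchiveMember as exc:
                results[label] = ("rejected", str(exc))
    return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label}: {outcome}")
```

The per-member loop is deliberate: a single up-front pass over `tar.getmembers()` cannot see the symlink a later member will rely on, because that link does not exist on disk yet. The `data` filter gives the same protection on interpreters that have it, but the manual checks keep the behaviour identical on older Pythons where `extractall()` silently trusts the archive.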
Affected Version(s)
keras-team/keras <= unspecified
