VDB
GHSA-28jp-44vh-q42h
GHSA-28jp-44vh-q42h
PUBLISHED
CVSS 8.899999618530273 HIGH
Keras Directory Traversal Vulnerability
Risk Scores
CVSS 4.0
8.899999618530273
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| csaf_microsoft | 3.0 | |
| csaf_redhat | registry.redhat.io/rhoai/odh-operator-bundle@sha256:e95f2b92c0277f6fb6e400d49a9ad5cb8426bcf9de439c859022b8da5f95fcc8_amd64 | |
| csaf_redhat | registry.redhat.io/rhoai/odh-notebook-controller-rhel9@sha256:a957f2e1573fd7c9d891bef6769be3d9b23730f22d3831a7f03d68f0d8d7b00d_arm64 | |
| csaf_redhat | registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:0bd79a7eecc255d6d69acd0002c517652638cdf31a0014aa534bf8e3b233b667_arm64 | |
| csaf_redhat | registry.redhat.io/rhoai/odh-llama-stack-core-rhel9@sha256:4c1a2927b28a0b1321cb4e5a6f4259e504d08fb9d6cc88f5f26e6182096ba817_amd64 | |
| csaf_redhat | registry.redhat.io/rhoai/odh-data-science-pipelines-argo-argoexec-rhel9@sha256:6bb341d0ebec1f7776283939f5b3eb9768a7d04b9bf817d6248c7df7e3fecee7_amd64 | |
| csaf_redhat | registry.redhat.io/rhoai/odh-codeflare-operator-rhel9@sha256:8b3e0152680063828a54187feec06600de866db91ab219911b1c3ab50d8b1b7c_amd64 | |
| csaf_redhat | registry.redhat.io/rhoai/odh-modelmesh-serving-controller-rhel9@sha256:5dbe115837a9e0746dd75a513076d333e0a237095aac74378624046efab142a2_amd64 | |
| csaf_microsoft | Azure Linux | |
| csaf_redhat | registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:83ff59578170935055e17ebcff3b55113605e29ad1247006a82cfbb618abac71_amd64 | |
| csaf_redhat | registry.redhat.io/rhoai/odh-feature-server-rhel9@sha256:97ff0fe1d0c932e2de0efbcfa948f2e7dd4e2098fc5cd85422eeb3515d768d47_amd64 | |
| csaf_redhat | registry.redhat.io/rhoai/odh-guardrails-detector-huggingface-runtime-rhel9@sha256:7f57af8a7f1af5b42f7417af0bb5b19f79cfc3f5291539b581f75fbc3cf3cbfe_ppc64le | |
| csaf_redhat | registry.redhat.io/rhoai/odh-model-registry-operator-rhel9@sha256:55bb59909d0cca3f3915cdcdafa1d907ad648bc8008e7c09aa6729012187fc4b_amd64 | |
| csaf_redhat | registry.redhat.io/rhoai/odh-model-controller-rhel9@sha256:f43e263fe3aafc8db04394c9132ec7d7cc2b836fc690cd37b1a8892137ea8773_ppc64le | |
| csaf_redhat | registry.redhat.io/rhoai/odh-llm-d-routing-sidecar-rhel9@sha256:5aeec78b53c54c6ddfaff0a96bd922d7eea3a5887de631e49b2d139a5f3ca8f8_amd64 | |
| csaf_redhat | registry.redhat.io/rhoai/odh-rhel9-operator@sha256:d1f81cf95c17289018227bbd9eb823a47d447bdcc06957fb7012797468ff0446_ppc64le | |
| csaf_redhat | registry.redhat.io/rhoai/odh-pipeline-runtime-tensorflow-cuda-py312-rhel9@sha256:1931d2ff282436ab32f8cb4bee1cfa6d5484fd9d62273be4ec3ae5c1f7f9dcb2_arm64 | |
| csaf_redhat | registry.redhat.io/rhoai/odh-llama-stack-k8s-operator-rhel9@sha256:cef17c2c8a514389233bf78cc19a1e9526ac4063097c12a45c611ae675094d25_amd64 | |
| csaf_redhat | registry.redhat.io/rhoai/odh-trustyai-service-operator-rhel9@sha256:ec289aae1c1440ece4c379f8988d900af2d117c03f20a5e0890f082dfd2fae89_ppc64le | |
| csaf_redhat | registry.redhat.io/rhoai/odh-mod-arch-model-registry-rhel9@sha256:d23c22695b4fa8cdc398b0fdf7ccfa57c6a10009783a3e1ab7355dd4fe644502_arm64 |
…and 236 more
Exploit Intelligence
- pnpm-workspace.yaml (github-poc)
- pnpm-workspace.yaml (github-poc)
- pnpm-workspace.yaml (github-poc)
- pnpm-workspace.yaml (github-poc)
- pnpm-workspace.yaml (github-poc)
- .trivyignore.yml (github-poc)
- .trivyignore.yml (github-poc)
- .trivyignore.yml (github-poc)
- .trivyignore.yml (github-poc)
- .trivyignore.yml (github-poc)
…and 50 more exploits
Timeline
- CVE Published
- Mar 2, 2026 Security Advisory
- Mar 2, 2026 Security Advisory
- Mar 2, 2026 Security Advisory
- Mar 2, 2026 Security Advisory
- Mar 2, 2026 Security Advisory
- Mar 2, 2026 Security Advisory
- Mar 2, 2026 Security Advisory
- Mar 2, 2026 Security Advisory
- Mar 2, 2026 Security Advisory
- Mar 2, 2026 Security Advisory
- Mar 10, 2026 Security Advisory