Blog Home
Safe-mode_Thumbnail

Is TensorFlow Keras “Safe Mode” Actually Safe? Bypassing safe_mode Mitigation to Achieve Arbitrary Code Execution
March 12, 2025

Update: This issue was discovered and disclosed independently to Keras by JFrog’s research team and Peng Zhou. Machine learning frameworks often rely on serialization and deserialization mechanisms to store and load models. However, improper code isolation and executable components in the models can lead to severe security risks. The structure of the Keras v3 ML Model …

Read More
Contextual Analysis for Python, Java, and JavaScript with JFrog Frogbot

Contextual Analysis for Python, Java, and JavaScript Projects with JFrog Frogbot
September 08, 2023

When scanning packages, CVE (Common Vulnerabilities and Exposures) scanners can find thousands of vulnerabilities. This leaves developers with the painstaking task of sifting through long lists of vulnerabilities to identify the relevance of each, only to find that many vulnerabilities don’t affect their artifacts at all. Vulnerability Contextual Analysis uses the artifact context to eliminate …

Read More

Xray: New Year, New Security Features
February 16, 2022

As part of our ongoing efforts to offer you the most comprehensive and advanced SDLC protection capabilities, JFrog continues to boost the capabilities of our JFrog Xray security and compliance product. In this blog, we offer an overview of recent Xray improvements, all aimed at helping you fortify your software, reduce risk, scale security, streamline …

Read More

Popular Tags