Lucene search

CVE-2024-5187 Arbitrary File Overwrite in download_model_with_test_data in onnx/onnx

🗓️ 06 Jun 2024 18:19:45Reported by @huntr_aiType

Arbitrary File Overwrite in onnx framework v1.16.

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 18
Tenable Nessus	Fedora 40 : onnx (2024-d9c7181a19)	11 Jul 202400:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2024-5187	6 Mar 202500:00	–	nessus
NVD	CVE-2024-5187	6 Jun 202419:16	–	nvd
Debian CVE	CVE-2024-5187	6 Jun 202419:16	–	debiancve
Fedora	[SECURITY] Fedora 40 Update: onnx-1.14.1-3.fc40	11 Jul 202401:15	–	fedora
OSV	GHSA-6RQ9-53C3-F7VJ onnx allows Arbitrary File Overwrite in download_model_with_test_data	6 Jun 202421:30	–	osv
OSV	CVE-2024-5187	6 Jun 202419:16	–	osv
OSV	UBUNTU-CVE-2024-5187	6 Jun 202419:16	–	osv
Github Security Blog	onnx allows Arbitrary File Overwrite in download_model_with_test_data	6 Jun 202421:30	–	github
Vulnrichment	CVE-2024-5187 Arbitrary File Overwrite in download_model_with_test_data in onnx/onnx	6 Jun 202418:45	–	vulnrichment

[
  {
    "vendor": "onnx",
    "product": "onnx/onnx",
    "versions": [
      {
        "version": "unspecified",
        "status": "affected",
        "versionType": "custom",
        "lessThanOrEqual": "latest"
      }
    ]
  }
]

Source	Link
huntr	www.huntr.com/bounties/50235ebd-3410-4ada-b064-1a648e11237e

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Jun 2024 18:45Current

CVSS38.8

EPSS0.00716

CWE-22