CVE-2026-34447 vulnerabilities

Vulnerabilities for packages: py3-onnx...

acetone-nnet (>=0.1.0 <=0.4.0.dev1), acuity (=6.18.0) +368 more potentially affected by CVE-2026-34447 via onnx (>=1.10.1 <=1.20.1)

onnx PYPI version =1.10.1, =0.1.0, =0.1.0, =0.0.0, =0.0.157, =0.1.0, =0.1.8, =1.7.0, =1.3.0, =0.10.0, =0.11.2 - amf-fast-inference =0.0.3 - anomavision =3.0.10 and more Source cves: CVE-2026-34447 Source advisory: SNYK:PYTHON-ONNX-15873763...

acetone-nnet (>=0.1.0 <=0.4.0.dev1), acuity (=6.18.0) +369 more potentially affected by CVE-2026-34447 via onnx (>=0.2.0 <=1.20.1)

onnx PYPI version =0.2.0, =0.1.0, =0.1.0, =0.0.0, =0.0.157, =0.1.0, =0.1.8, =1.7.0, =1.3.0, =0.10.0, =0.11.2 - amf-fast-inference =0.0.3 - anomavision =3.0.10 and more Source cves: CVE-2026-34447 Source advisory: OSV:GHSA-P433-9WV8-28XJ...

acetone-nnet (>=0.1.0 <=0.4.0.dev1), acuity (=6.18.0) +369 more potentially affected by CVE-2026-34447 via onnx (>=0.2.0 <=1.20.1)

onnx PYPI version =0.2.0, =0.1.0, =0.1.0, =0.0.0, =0.0.157, =0.1.0, =0.1.8, =1.7.0, =1.3.0, =0.10.0, =0.11.2 - amf-fast-inference =0.0.3 - anomavision =3.0.10 and more Source cves: CVE-2026-34447 Source advisory: OSV:PYSEC-2026-104...

CVE-2026-34447 ONNX: External Data Symlink Traversal

Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, there is a symlink traversal vulnerability in external data loading allows reading files outside the model directory. This issue has been patched in version 1.21.0...

CVE-2026-34447

creationtimestamp| type| source ---|---|--- 2026-03-31 15:58:44+00:00| published-proof-of-concept| https://github.com/onnx/onnx/security/advisories/GHSA-p433-9wv8-28xj...

Ubuntu: Security Advisory (USN-8108-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-34447

creationtimestamp| type| source ---|---|--- 2026-03-11 12:40:07+00:00| seen| https://gist.github.com/alon710/ce76b071b63d3394753200cdb4380331...

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to multiple vulnerabilities due to the Bouncy Castle package

Summary Bouncy Castle is used by DataStage on Cloud Pak for Data as part of cryptography functionality. Vulnerability Details CVEID:CVE-2024-34447 DESCRIPTION: An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 ships with BC Java 1.78, BC Java LTS 2.73....

Security Bulletin: IBM Datapower Operations Dashboard could allow DNS poisoning CVE-2023-0833

Summary Bouncy Castle is used by the IBM Datapower Operations Dashboard implementation of secure data transmission and storage Vulnerability Details CVEID:CVE-2024-34447 DESCRIPTION: An issue was discovered in the Bouncy Castle Crypto Package For Java before BC TLS Java 1.0.19 ships with BC Java...

CVE-2023-34447

iTop is an open source, web-based IT service management platform. Prior to versions 3.0.4 and 3.1.0, on pages/UI.php, cross site scripting is possible. This issue is fixed in versions 3.0.4 and 3.1.0...

CVE-2022-34447

creationtimestamp| type| source ---|---|--- 2025-03-26 15:26:10+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8866...

Security Bulletin: IBM Cloud Pak for Network Automation 2.7.5 addresses multiple security vulnerabilities.

Summary IBM Cloud Pak for Network Automation 2.7.5 addresses multiple security vulnerabilities. Vulnerability Details CVEID:CVE-2024-32879 DESCRIPTION: Python Social Auth Django could allow a remote authenticated attacker to bypass security restrictions, caused by improper handling of case...

Security Bulletin: Apache James and Bouncy Castle vulnerabilities in Apache Solr and Logstash shipped with IBM Operations Analytics - Log Analysis (CVE-2023-33202,CVE-2024-21742,CVE-2024-29857,CVE-2024-30172,CVE-2024-34447)

Summary There are potential denial of service and bypass security restrictions vulnerabilities in Apache James Mime4J and Bouncy Castle Crypto Package, which are used by Apache Solr and Logstash in IBM Operations Analytics - Log Analysis Vulnerability Details CVEID:CVE-2024-34447 DESCRIPTION: The...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in Bouncy Castle Crypto Package For Java [CVE-2024-34447]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in Bouncy Castle Crypto Package For Java, caused by a flaw when endpoint identification is enabled in the BCJSSE and an SSL socket is created without an explicit hostname...

Moderate: Red Hat Security Advisory: Red Hat build of Quarkus 3.8.5 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more information...

Important: Red Hat Security Advisory: Red Hat AMQ Broker 7.12.1 release and security update

Red Hat AMQ Broker 7.12.1 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Medium: bouncycastle

Issue Overview: An issue was discovered in Bouncy Castle Java Cryptography APIs before ... NOTE: https://github.com/bcgit/bc-java/issues/1635 NOTE: https://www.bouncycastle.org/latestreleases.html DEBIANBUG: 1070655 CVE-2024-29857 An issue was discovered in Bouncy Castle Java Cryptography APIs...

Medium: bouncycastle

Issue Overview: An issue was discovered in Bouncy Castle Java Cryptography APIs before ... NOTE: https://github.com/bcgit/bc-java/issues/1635 NOTE: https://www.bouncycastle.org/latestreleases.html DEBIANBUG: 1070655 CVE-2024-29857 An issue was discovered in Bouncy Castle Java Cryptography APIs...

aero.m-click:mcpdf (>=0.2.5 <=0.2.10), ai.aitia:arrowhead-application-library-java-spring (>=4.4.0.0 <=4.6.0.0) +21419 more potentially affected by CVE-2024-34447 via org.bouncycastle:bcprov-jdk15on (>=1.61 <=1.70)

org.bouncycastle:bcprov-jdk15on MAVEN version =1.61, =0.2.5, =4.4.0.0, =0.1.12, =0.1.2, =0.28.0, =0.4.0, =0.4.0, =0.2.8, =22.3.0, =22.3.0, =22.3.0, =22.3.0, =22.3.0, =24.9.8 and more Source cves: CVE-2024-34447 Source advisory: OSV:GHSA-4H8F-2WVX-GG5W...