23 matches found
Open Neural Network Exchange 路径遍历漏洞
The Open Neural Network Exchange ONNX is an open ecosystem that enables AI developers to choose the right tools as their projects evolve. A security vulnerability exists in Open Neural Network Exchange version 1.13.0, which stems from the fact that the externaldata field of a tensor proto may poi...
CVE-2022-25882
Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example "../../../etc/passwd"...
PT-2023-12827 · Onnx · Onnx
Name of the Vulnerable Software and Affected Versions: onnx versions prior to 1.13.0 Description: The issue allows Directory Traversal, where the external data field of the tensor proto can contain a path to a file outside the model's current directory or user-provided directory. For example, an...