12 matches found
EUVD-2024-0124
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-25882
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which...
CVE-2022-25882
Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example "../../../etc/passwd"...
GHSA-WHH8-FJGC-QP73 Onnx Directory Traversal vulnerability
Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch adde...
Onnx Directory Traversal vulnerability
Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch adde...
PYSEC-2024-222
Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch adde...
PYSEC-2024-222
Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch adde...
CBL Mariner 2.0 Security Update: pytorch (CVE-2022-25882)
The version of pytorch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-25882 advisory. - Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the externaldata field ...
CVE-2022-25882 affecting package pytorch for versions less than 2.0.0-1
CVE-2022-25882 affecting package pytorch for versions less than 2.0.0-1. An upgraded version of the package is available that resolves this issue...
acuity (=6.18.0), acuitypro (=6.18.0) +81 more potentially affected by CVE-2022-25882 via onnx (>=0.2.0 <=1.12.0)
onnx PYPI version =0.2.0, =0.0.0, =0.0.157, =1.44.0, =1.44.0, =1.44.0, =1.44.0, =1.44.0, =1.44.0, =1.44.0, =0.5.8, =0.1.0, =0.3.0 and more Source cves: CVE-2022-25882 Source advisory: OSV:GHSA-FFXJ-547X-5J7C...
CVE-2022-25882
CVE-2022-25882 affects onnx before 1.13.0, where the external_data field of the tensor proto can contain a path outside the model directory (example: ../../../etc/passwd), enabling directory traversal. This could impact confidentiality. Remediation: upgrade to onnx 1.13.0 or later. The provided d...
CVE-2022-25882
Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example "../../../etc/passwd"...