8 matches found
Azure Linux 3.0 Security Update: pytorch (CVE-2024-27319)
The version of pytorch installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27319 advisory. - Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the...
CVE-2024-27319 affecting package pytorch for versions less than 2.2.2-1
CVE-2024-27319 affecting package pytorch for versions less than 2.2.2-1. A patched version of the package is available...
CBL Mariner 2.0 Security Update: pytorch (CVE-2024-27319)
The version of pytorch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27319 advisory. - Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the...
CVE-2024-27319 affecting package pytorch for versions less than 2.0.0-4
CVE-2024-27319 affecting package pytorch for versions less than 2.0.0-4. A patched version of the package is available...
Fedora 39 : onnx (2024-270e3b5e9b)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-270e3b5e9b advisory. Security fix for CVE-2024-27318 and CVE-2024-27319 Tenable has extracted the preceding description block directly from the Fedora security advisory...
acetone-nnet (>=0.1.0 <=0.4.0.dev1), acuity (=6.18.0) +154 more potentially affected by CVE-2024-27319 via onnx (>=0.2.0 <=1.15.0)
onnx PYPI version =0.2.0, =0.1.0, =0.0.0, =0.0.157, =1.3.0, =0.0.9, =0.2.19, =0.0.1, =0.1.0, =0.0.0, =1.0.45, =1.44.0, =1.55.0 and more Source cves: CVE-2024-27319 Source advisory: OSV:PYSEC-2024-223...
CVE-2024-27319
Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNXASSERT and ONNXASSERTM functions have an off by one string copy...
CVE-2024-27319
CVE-2024-27319 affects the ONNX package: versions 1.15.0 and earlier are vulnerable due to an off-by-one string copy in ONNX_ASSERT/ONNX_ASSERTM, causing an out-of-bounds read. Connected advisories confirm the issue across multiple platforms and note remediation by upgrading ONNX (e.g., IBM’s adv...