8 matches found
Azure Linux 3.0 Security Update: pytorch (CVE-2024-7776)
The version of pytorch installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7776 advisory. - A vulnerability in the downloadmodel function of the onnx/onnx framework, before and including version 1.16....
CVE-2024-7776 affecting package pytorch for versions less than 2.2.2-5
CVE-2024-7776 affecting package pytorch for versions less than 2.2.2-5. A patched version of the package is available...
acetone-nnet (>=0.1.0 <=0.4.0.dev1), acuity (=6.18.0) +184 more potentially affected by CVE-2024-7776 via onnx (>=0.2.0 <=1.16.2)
onnx PYPI version =0.2.0, =0.1.0, =0.0.0, =0.0.157, =1.3.0, =0.3.1, =1.3.0, =0.0.9, =0.2.19, =0.0.1, =0.1.0, =0.1.4 - autodistill-yolonas =0.1.1 and more Source cves: CVE-2024-7776 Source advisory: OSV:GHSA-H36J-8VV3-CJ52...
acetone-nnet (>=0.1.0 <=0.4.0.dev1), acuity (=6.18.0) +183 more potentially affected by CVE-2024-7776 via onnx (>=1.10.1 <=1.16.2)
onnx PYPI version =1.10.1, =0.1.0, =0.0.0, =0.0.157, =1.3.0, =0.3.1, =1.3.0, =0.0.9, =0.2.19, =0.0.1, =0.1.0, =0.1.4 - autodistill-yolonas =0.1.1 and more Source cves: CVE-2024-7776 Source advisory: SNYK:PYTHON-ONNX-9510927...
CVE-2024-7776
A vulnerability in the downloadmodel function of the onnx/onnx framework, before and including version 1.16.1, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This vulnerability can be exploited by an attacker to overwrite files i...
acetone-nnet (>=0.1.0 <=0.4.0.dev1), acuity (=6.18.0) +173 more potentially affected by CVE-2024-7776 via onnx (>=0.2.0 <=1.16.1)
onnx PYPI version =0.2.0, =0.1.0, =0.0.0, =0.0.157, =1.3.0, =0.3.1, =1.3.0, =0.0.9, =0.2.19, =0.0.1, =0.1.0, =0.1.4 - autodistill-yolonas =0.1.1 and more Source cves: CVE-2024-7776 Source advisory: OSV:PYSEC-2025-10...
CVE-2024-7776 Arbitrary File Overwrite in onnx/onnx
A vulnerability in the downloadmodel function of the onnx/onnx framework, before and including version 1.16.1, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This vulnerability can be exploited by an attacker to overwrite files i...
CVE-2024-7776 Arbitrary File Overwrite in onnx/onnx
A vulnerability in the downloadmodel function of the onnx/onnx framework, before and including version 1.16.1, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This vulnerability can be exploited by an attacker to overwrite files i...