225 matches found
GHSA-Q56X-G2FJ-4RJ6 ONNX: TOCTOU arbitrary file read/write in save_external_dat
Summary The saveexternaldata method seems to include multiple issues introducing a local TOCTOU vulnerability, an arbitrary file read/write on any system. It potentially includes a path validation bypass on Windows systems. Regarding the TOCTOU, an attacker seems to be able to overwrite victim's...
Directory Traversal
Overview copier is an A library for rendering project templates. Affected versions of this package are vulnerable to Directory Traversal via the externaldata paths. If a user runs Copier on an untrusted template, an attacker can access and expose the contents of arbitrary local files by supplying...
GHSA-HGJQ-P8CR-GG4H Copier `_external_data` allows path traversal and absolute-path local file read without unsafe mode
Summary Copier's externaldata feature allows a template to load YAML files using template-controlled paths. The documentation describes these values as relative paths from the subproject destination, so relative paths themselves appear to be part of the intended feature model. However, the curren...
Copier `_external_data` allows path traversal and absolute-path local file read without unsafe mode
Summary Copier's externaldata feature allows a template to load YAML files using template-controlled paths. The documentation describes these values as relative paths from the subproject destination, so relative paths themselves appear to be part of the intended feature model. However, the curren...
UNIX Symbolic Link (Symlink) Following
Overview onnx is an Open Neural Network Exchange Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink Following in the resolveexternaldatalocation function. An attacker can access arbitrary files outside the intended directory by supplying a symlink within the model...
EUVD-2026-17989
ONNX: External Data Symlink Traversal...
GHSA-P433-9WV8-28XJ ONNX: External Data Symlink Traversal
Summary - Issue: Symlink traversal in external data loading allows reading files outside the model directory. - Affected code: onnx/onnx/checker.cc: resolveexternaldatalocation used via Python onnx.externaldatahelper.loadexternaldataformodel. - Impact: Arbitrary file read confidentiality breach...
ONNX: External Data Symlink Traversal
Summary - Issue: Symlink traversal in external data loading allows reading files outside the model directory. - Affected code: onnx/onnx/checker.cc: resolveexternaldatalocation used via Python onnx.externaldatahelper.loadexternaldataformodel. - Impact: Arbitrary file read confidentiality breach...
EUVD-2026-17985
ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings...
GHSA-538C-55JV-C5G9 ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings.
Summary The ExternalDataInfo class in ONNX was using Python’s setattr function to load metadata like file paths or data lengths directly from an ONNX model file. The problem? It didn’t check if the "keys" in the file were valid. Because it blindly trusted the file, an attacker could craft a...
Open WebUI has Broken Access Control in Tool Valves
Summary Broken Access Control in Tool Valves Open WebUI supports function calling through "Tools". Function calling allows an LLM to reliably connect to external tools and interact with external APIs. Exemplary use-cases include connecting to an internal knowledge base, retrieving emails from an...
CVE-2026-34445
A flaw was found in Open Neural Network Exchange ONNX. An attacker could exploit a vulnerability in how ONNX processes model metadata, specifically within the ExternalDataInfo class. By crafting a malicious ONNX model, an attacker could overwrite internal object properties, leading to a denial of...
CVE-2026-34445
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, the ExternalDataInfo class in ONNX was using Python’s setattr function to load metadata like file paths or data lengths directly from an ONNX model file. It didn’t check if the...
CVE-2026-34447
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, there is a symlink traversal vulnerability in external data loading allows reading files outside the model directory. This issue has been patched in version 1.21.0...
PYSEC-2026-104
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, there is a symlink traversal vulnerability in external data loading allows reading files outside the model directory. This issue has been patched in version 1.21.0...
DEBIAN-CVE-2026-34445
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, the ExternalDataInfo class in ONNX was using Python’s setattr function to load metadata like file paths or data lengths directly from an ONNX model file. It didn’t check if the...
DEBIAN-CVE-2026-34447
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, there is a symlink traversal vulnerability in external data loading allows reading files outside the model directory. This issue has been patched in version 1.21.0...
PYSEC-2026-104
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, there is a symlink traversal vulnerability in external data loading allows reading files outside the model directory. This issue has been patched in version 1.21.0...
UBUNTU-CVE-2026-34445
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, the ExternalDataInfo class in ONNX was using Python’s setattr function to load metadata like file paths or data lengths directly from an ONNX model file. It didn’t check if the...
UBUNTU-CVE-2026-34447
Open Neural Network Exchange ONNX is an open standard for machine learning interoperability. Prior to version 1.21.0, there is a symlink traversal vulnerability in external data loading allows reading files outside the model directory. This issue has been patched in version 1.21.0...