15 matches found
Azure Linux 3.0 Security Update: pytorch (CVE-2024-27318)
The version of pytorch installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27318 advisory. - Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the...
Path Traversal
onnx is vulnerable to Path Traversal. The vulnerability is due to a flaw in the handling of the externaldata field of the tensor proto, allowing paths to files outside the model's current directory or user-provided directory...
SUSE CVE-2022-25882
Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example "../../../etc/passwd"...
CVE-2024-27318
Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch adde...
AZL-35146 CVE-2024-27318 affecting package pytorch for versions less than 2.2.2-1
Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch adde...
PYSEC-2024-222
Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch adde...
Directory traversal
Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch adde...
CVE-2024-27318
CVE-2024-27318 affects the ONNX package: versions up to and including 1.15.0 are vulnerable to a Directory Traversal in the external_data field of the tensor proto, which can reference files outside the model directory or user-provided directory. The issue is described as a bypass of the patch fo...
Directory Traversal
onnx is vulnerable to Directory Traversal. The vulnerability exists in the checktensor function of checker.cc as the externaldata field of the tensor proto may have an unvalidated path to a file which is outside the current model directory or a user-provided directory...
GHSA-FFXJ-547X-5J7C Directory Traversal in onnx
Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example "../../../etc/passwd"...
CVE-2022-25882
Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example "../../../etc/passwd"...
AZL-25854 CVE-2022-25882 affecting package pytorch for versions less than 2.0.0-1
Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example "../../../etc/passwd"...
Directory traversal
Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example "../../../etc/passwd"...
Open Neural Network Exchange 路径遍历漏洞
The Open Neural Network Exchange ONNX is an open ecosystem that enables AI developers to choose the right tools as their projects evolve. A security vulnerability exists in Open Neural Network Exchange version 1.13.0, which stems from the fact that the externaldata field of a tensor proto may poi...
CVE-2022-25882
Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example "../../../etc/passwd"...