7 matches found
CVE-2024-27318
CVE-2024-27318 affects the ONNX package: versions up to and including 1.15.0 are vulnerable to a Directory Traversal in the external_data field of the tensor proto, which can reference files outside the model directory or user-provided directory. The issue is described as a bypass of the patch fo...
CVE-2024-27319
CVE-2024-27319 affects the ONNX package: versions 1.15.0 and earlier are vulnerable due to an off-by-one string copy in ONNX_ASSERT/ONNX_ASSERTM, causing an out-of-bounds read. Connected advisories confirm the issue across multiple platforms and note remediation by upgrading ONNX (e.g., IBM’s adv...
CVE-2022-25882
CVE-2022-25882 affects onnx before 1.13.0, where the external_data field of the tensor proto can contain a path outside the model directory (example: ../../../etc/passwd), enabling directory traversal. This could impact confidentiality. Remediation: upgrade to onnx 1.13.0 or later. The provided d...
CVE-2026-34445
CVE-2026-34445 affects ONNX prior to version 1.21.0, where ExternalDataInfo used Python setattr() to load metadata directly from model files without validating keys, enabling a malicious model to overwrite internal object properties. Impact is mainly availability (HIGH) with confidentiality and i...
CVE-2026-27489
CVE-2026-27489: Open Neural Network Exchange (ONNX) prior to 1.21.0 suffers a path-traversal via symlink vulnerability that allows reading files outside the model or user directory. Affected product detail in IBM Watson Speech Services Cartridge (versions 4.0.0–5.3.1); fix is in 5.3.1 Patch 5 (5....
CVE-2026-34446
CVE-2026-34446 affects Open Neural Network Exchange (ONNX). The vulnerability is in onnx.load where hardlinks can bypass the path-traversal check, allowing an arbitrary file read. The issue is fixed in ONNX 1.21.0. Impact is described as arbitrary file read with LOCAL attack vector and MEDIUM bas...
CVE-2026-34447
Onnx ONNX prior to version 1.21.0 has a symlink traversal vulnerability in external data loading that can read files outside the model directory. Affected component: ONNX data loading logic. Root cause: symlink traversal allowing access to restricted files. Impact: potential confidentiality breac...