Search CVE reports


Toggle filters

11 – 12 of 12 results


CVE-2024-5187

Medium priority
Vulnerable

A vulnerability in the `download_model_with_test_data` function of the onnx/onnx framework, version 1.16.0, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This...

1 affected package

onnx

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
onnx Not affected Vulnerable Not affected Not in release
Show less packages

CVE-2022-25882

Medium priority
Vulnerable

Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory,...

1 affected package

onnx

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
onnx Not affected Not affected Vulnerable Not in release Not in release
Show less packages