CVE-2024-27318Path Traversal in Onnx

CWE-22Path Traversal6 documents5 sources
Severity
7.5HIGHNVD
EPSS
0.4%
top 38.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Linuxfoundation OnnxOnnxFedoraproject Fedora
Timeline
PublishedFeb 23

Description

Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch added for CVE-2022-25882.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages3 packages

PyPIonnx/onnx< 66b7fb630903fdcf3e83b6b6d56d82e904264a20+2
NVDlinuxfoundation/onnx< 1.16.0
CVEListV5onnx/onnx1.15.0

Also affects: Fedora 39, 40

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

4
CVEList
CVE-2024-27318: Versions of the package onnx before and including 12024-02-23
OSV
CVE-2024-27318: Versions of the package onnx before and including 12024-02-23
GHSA
Onnx Directory Traversal vulnerability2024-02-23
OSV
Onnx Directory Traversal vulnerability2024-02-23

📋Vendor Advisories

1
Microsoft
Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model cur2024-02-13
CVE-2024-27318 — Path Traversal in Linuxfoundation Onnx | cvebase