Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy.
History

Wed, 22 Jan 2025 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Fedoraproject
Fedoraproject fedora
Linuxfoundation
Linuxfoundation onnx
CPEs cpe:2.3:a:linuxfoundation:onnx:*:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*
Vendors & Products Fedoraproject
Fedoraproject fedora
Linuxfoundation
Linuxfoundation onnx

cve-icon MITRE

Status: PUBLISHED

Assigner: HiddenLayer

Published: 2024-02-23T17:39:52.870Z

Updated: 2024-08-02T00:34:51.009Z

Reserved: 2024-02-23T16:59:23.010Z

Link: CVE-2024-27319

cve-icon Vulnrichment

Updated: 2024-08-02T00:34:51.009Z

cve-icon NVD

Status : Analyzed

Published: 2024-02-23T18:15:50.960

Modified: 2025-01-22T14:26:49.917

Link: CVE-2024-27319

cve-icon Redhat

No data.