Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy.
Metrics
Affected Vendors & Products
References
History
Wed, 22 Jan 2025 14:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Fedoraproject
Fedoraproject fedora Linuxfoundation Linuxfoundation onnx |
|
CPEs | cpe:2.3:a:linuxfoundation:onnx:*:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:* |
|
Vendors & Products |
Fedoraproject
Fedoraproject fedora Linuxfoundation Linuxfoundation onnx |

Status: PUBLISHED
Assigner: HiddenLayer
Published: 2024-02-23T17:39:52.870Z
Updated: 2024-08-02T00:34:51.009Z
Reserved: 2024-02-23T16:59:23.010Z
Link: CVE-2024-27319

Updated: 2024-08-02T00:34:51.009Z

Status : Analyzed
Published: 2024-02-23T18:15:50.960
Modified: 2025-01-22T14:26:49.917
Link: CVE-2024-27319

No data.