Vulnerabilities in onnx
10 resultsCVE-2024-7776HIGHArbitrary File Overwrite in onnx/onnxEPSS 1.4%CVE-2024-27318HIGHVersions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the external_data field of the tensor protEPSS 1.2%CVE-2024-5187HIGHArbitrary File Overwrite in download_model_with_test_data in onnx/onnxEPSS 1.2%CVE-2024-27319MEDIUMVersions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions EPSS 0.6%CVE-2026-27489HIGHONNX: Path Traversal via SymlinkEPSS 0.5%CVE-2026-34445HIGHONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings.EPSS 0.3%CVE-2026-28500HIGHONNX Untrusted Model Repository Warnings Suppressed by silent=True in onnx.hub.load() — Silent Supply-Chain AttackEPSS 0.3%CVE-2026-34447MEDIUMONNX: External Data Symlink TraversalEPSS 0.2%CVE-2026-34446MEDIUMONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX loadEPSS 0.2%CVE-2026-11329LOWonnx onnx-mlir Placeholder Node Cache backend.py generate_hash_key weak hashEPSS 0.1%