onnx · threatengine.sh

CVE-2026-34447

< 1.21.0

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. Prior to version 1.21.0, there is a

5.5MEDIUM

CVE-2026-34446

< 1.21.0

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. Prior to version 1.21.0, there is a

4.7MEDIUM

CVE-2026-34445

< 1.21.0

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. Prior to version 1.21.0, the Extern

8.6HIGH

CVE-2026-27489

< 1.21.0

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. Prior to version 1.21.0, a path tra

7.5HIGH

CVE-2026-28500

<= 1.20.1

Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. In versions up to and including 1.2

8.6HIGH

CVE-2025-51480

all versions

Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrar

8.8HIGH

CVE-2024-7776

<= 1.16.1

A vulnerability in the download_model function of the onnx/onnx framework, before and including version 1.16.1, allows for arbit

9.1CRITICAL

CVE-2024-5187

all versions

A vulnerability in the download_model_with_test_data function of the onnx/onnx framework, version 1.16.0, allows for arbitrary f

8.8HIGH

CVE-2024-27319

< 1.16.0

Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM

4.4MEDIUM

CVE-2024-27318

< 1.16.0

Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the external_data field of the t

7.5HIGH

CVE-2022-25882

< 1.13.0

Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto ca

7.5HIGH

linuxfoundation onnx