8.6 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Network (N)
- Attack Complexity (AC): Low (L)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Changed (C)
- Confidentiality (C): High (H)
- Integrity (I): None (N)
- Availability (A): None (N)
- Modified Attack Vector (MAV): Network (N)
- Modified Attack Complexity (MAC): Low (L)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Changed (C)
- Modified Integrity (MI): None (N)
- Modified Availability (MA): None (N)
by @LeSuisse
Activity log
- Created suggestion
- @LeSuisse ignored 47 packages
- onnxruntime
- sherpa-onnx
- pkgsRocm.onnxruntime
- pkgsRocm.sherpa-onnx
- python312Packages.onnx
- python312Packages.tf2onnx
- python313Packages.onnx-ir
- python313Packages.tf2onnx
- python314Packages.onnx-ir
- python312Packages.onnxslim
- python312Packages.skl2onnx
- python313Packages.onnx-asr
- python313Packages.onnxslim
- python313Packages.skl2onnx
- python314Packages.onnx-asr
- python314Packages.onnxslim
- python314Packages.skl2onnx
- python313Packages.onnxscript
- python314Packages.onnxscript
- python312Packages.onnxmltools
- python312Packages.onnxruntime
- python312Packages.paddle2onnx
- python313Packages.onnxmltools
- python313Packages.onnxruntime
- python313Packages.sherpa-onnx
- python314Packages.onnxmltools
- python314Packages.onnxruntime
- python314Packages.sherpa-onnx
- python313Packages.optimum-onnx
- python314Packages.optimum-onnx
- pkgsRocm.python3Packages.onnx-ir
- pkgsRocm.python3Packages.tf2onnx
- pkgsRocm.python3Packages.onnx-asr
- pkgsRocm.python3Packages.onnxscript
- python312Packages.onnxruntime-tools
- python313Packages.onnxruntime-tools
- python314Packages.onnxruntime-tools
- pkgsRocm.python3Packages.onnxruntime
- pkgsRocm.python3Packages.sherpa-onnx
- pkgsRocm.python3Packages.optimum-onnx
- python312Packages.onnxconverter-common
- python312Packages.rapidocr-onnxruntime
- python313Packages.onnxconverter-common
- python313Packages.rapidocr-onnxruntime
- python314Packages.onnxconverter-common
- python314Packages.rapidocr-onnxruntime
- pkgsRocm.python3Packages.rapidocr-onnxruntime
- @LeSuisse restored package python312Packages.onnx
- @LeSuisse accepted
- @LeSuisse published on GitHub
ONNX Untrusted Model Repository Warnings Suppressed by silent=True in onnx.hub.load() — Silent Supply-Chain Attack
Open Neural Network Exchange (ONNX) is an open standard for machine learning interoperability. In versions up to and including 1.20.1, a security control bypass exists in onnx.hub.load() due to improper logic in the repository trust verification mechanism. While the function is designed to warn users when loading models from non-official sources, the use of the silent=True parameter completely suppresses all security warnings and confirmation prompts. This vulnerability transforms a standard model-loading function into a vector for Zero-Interaction Supply-Chain Attacks. When chained with file-system vulnerabilities, an attacker can silently exfiltrate sensitive files (SSH keys, cloud credentials) from the victim's machine the moment the model is loaded. As of time of publication, no known patched versions are available.
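A static check for the call pattern described above, as an added example that is not part of the advisory or the ONNX project: it walks Python source with the `ast` module and reports `onnx.hub.load()` calls that pass a truthy or dynamic `silent` together with a repository other than the default. The parameter order (model, repo, opset, force_reload, silent), the default `onnx/models:main`, and the sample source are assumptions of this example.

```python
import ast
# Assumption: only the default `repo` value is treated as the official repository.
OFFICIAL_REPO = "onnx/models:main"

# Constructed sample source to audit; not taken from any real project.
SAMPLE = '''
import onnx
from onnx import hub
from onnx.hub import load as fetch
a = hub.load("resnet18", repo="someuser/models:main")
b = hub.load("resnet18", repo="someuser/models:main", silent=True)
c = fetch("resnet18", "someuser/models:main", None, False, True)
d = hub.load("resnet18", repo=user_repo, silent=quiet)
e = onnx.hub.load("resnet18", silent=True)
'''

def _arg(call, pos, name):  # AST node passed for a parameter, by keyword or position
    kw = [k.value for k in call.keywords if k.arg == name]
    return kw[0] if kw else (call.args[pos] if len(call.args) > pos else None)

def _qualname(func, aliases):
    """Resolve a call target such as hub.load to its dotted import path."""
    parts = []
    while isinstance(func, ast.Attribute):
        parts.append(func.attr)
        func = func.value
    if not isinstance(func, ast.Name):
        return None
    return ".".join([aliases.get(func.id, func.id)] + parts[::-1])

def scan(source):
    """List (line, verdict, repo) for hub loads whose trust warning may be muted."""
    nodes = list(ast.walk(ast.parse(source)))
    aliases, findings = {}, []
    for n in nodes:  # first pass: map local names to what they import
        if isinstance(n, ast.Import):
            aliases.update({a.asname: a.name for a in n.names if a.asname})
        elif isinstance(n, ast.ImportFrom) and n.module:
            aliases.update({a.asname or a.name: f"{n.module}.{a.name}" for a in n.names})
    for n in nodes:  # second pass: inspect calls that resolve to onnx.hub.load
        if not isinstance(n, ast.Call) or _qualname(n.func, aliases) != "onnx.hub.load":
            continue
        silent, repo = _arg(n, 4, "silent"), _arg(n, 1, "repo")
        if silent is None or (isinstance(silent, ast.Constant) and not silent.value):
            continue  # silent left falsy: the untrusted-repo warning still fires
        if repo is None or (isinstance(repo, ast.Constant) and repo.value == OFFICIAL_REPO):
            continue  # default repository, nothing to warn about
        certain = isinstance(silent, ast.Constant) and isinstance(repo, ast.Constant)
        findings.append((n.lineno, "suppressed" if certain else "review", ast.unparse(repo)))
    return sorted(findings)
```

A verdict of "suppressed" means both arguments are literals; "review" means `silent` or `repo` is computed at run time, so the call needs a manual look.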
References
- https://github.com/onnx/onnx/security/advisories/GHSA-hqmj-h5c6-369m x_refsource_CONFIRM
Ignored references (1)
Affected products
- ==<= 1.20.1
Matching in nixpkgs
pkgs.onnx
Open Neural Network Exchange
pkgs.python312Packages.onnx
None
pkgs.python313Packages.onnx
Open Neural Network Exchange
pkgs.python314Packages.onnx
Open Neural Network Exchange
Ignored packages (46)
pkgs.onnxruntime
Cross-platform, high performance scoring engine for ML models
pkgs.sherpa-onnx
Speech-to-text, text-to-speech, and speaker recognition using next-gen Kaldi with onnxruntime
pkgs.pkgsRocm.onnxruntime
Cross-platform, high performance scoring engine for ML models
pkgs.pkgsRocm.sherpa-onnx
Speech-to-text, text-to-speech, and speaker recognition using next-gen Kaldi with onnxruntime
pkgs.python312Packages.tf2onnx
None
pkgs.python313Packages.onnx-ir
Efficient in-memory representation for ONNX, in Python
pkgs.python313Packages.tf2onnx
Convert TensorFlow, Keras, Tensorflow.js and Tflite models to ONNX
- nixos-unstable tf2onnx-1.16.1
- nixpkgs-unstable tf2onnx-1.16.1
- nixos-unstable-small tf2onnx-1.16.1
pkgs.python314Packages.onnx-ir
Efficient in-memory representation for ONNX, in Python
pkgs.python312Packages.onnxslim
None
pkgs.python312Packages.skl2onnx
None
pkgs.python313Packages.onnx-asr
Lightweight Automatic Speech Recognition using ONNX models
pkgs.python313Packages.onnxslim
Toolkit to Help Optimize Onnx Model
pkgs.python313Packages.skl2onnx
Convert scikit-learn models to ONNX
- nixos-unstable skl2onnx-1.19.1
- nixpkgs-unstable skl2onnx-1.19.1
- nixos-unstable-small skl2onnx-1.19.1
pkgs.python314Packages.onnx-asr
Lightweight Automatic Speech Recognition using ONNX models
pkgs.python314Packages.onnxslim
Toolkit to Help Optimize Onnx Model
pkgs.python314Packages.skl2onnx
Convert scikit-learn models to ONNX
- nixos-unstable skl2onnx-1.19.1
- nixpkgs-unstable skl2onnx-1.19.1
- nixos-unstable-small skl2onnx-1.19.1
pkgs.python313Packages.onnxscript
Naturally author ONNX functions and models using a subset of Python
pkgs.python314Packages.onnxscript
Naturally author ONNX functions and models using a subset of Python
pkgs.python312Packages.onnxmltools
None
pkgs.python312Packages.onnxruntime
None
pkgs.python312Packages.paddle2onnx
None
pkgs.python313Packages.onnxmltools
ONNXMLTools enables conversion of models to ONNX
pkgs.python313Packages.onnxruntime
Cross-platform, high performance scoring engine for ML models
pkgs.python313Packages.sherpa-onnx
Python bindings for sherpa-onnx speech recognition
pkgs.python314Packages.onnxmltools
ONNXMLTools enables conversion of models to ONNX
pkgs.python314Packages.onnxruntime
Cross-platform, high performance scoring engine for ML models
pkgs.python314Packages.sherpa-onnx
Python bindings for sherpa-onnx speech recognition
pkgs.python313Packages.optimum-onnx
Export your model to ONNX and run inference with ONNX Runtime
pkgs.python314Packages.optimum-onnx
Export your model to ONNX and run inference with ONNX Runtime
pkgs.pkgsRocm.python3Packages.onnx-ir
Efficient in-memory representation for ONNX, in Python
pkgs.pkgsRocm.python3Packages.tf2onnx
Convert TensorFlow, Keras, Tensorflow.js and Tflite models to ONNX
- nixos-unstable tf2onnx-1.16.1
- nixpkgs-unstable tf2onnx-1.16.1
- nixos-unstable-small tf2onnx-1.16.1
pkgs.pkgsRocm.python3Packages.onnx-asr
Lightweight Automatic Speech Recognition using ONNX models
pkgs.pkgsRocm.python3Packages.onnxscript
Naturally author ONNX functions and models using a subset of Python
pkgs.python312Packages.onnxruntime-tools
None
pkgs.python313Packages.onnxruntime-tools
Transformers Model Optimization Tool of ONNXRuntime
pkgs.python314Packages.onnxruntime-tools
Transformers Model Optimization Tool of ONNXRuntime
pkgs.pkgsRocm.python3Packages.onnxruntime
Cross-platform, high performance scoring engine for ML models
pkgs.pkgsRocm.python3Packages.sherpa-onnx
Python bindings for sherpa-onnx speech recognition
pkgs.pkgsRocm.python3Packages.optimum-onnx
Export your model to ONNX and run inference with ONNX Runtime
pkgs.python312Packages.onnxconverter-common
None
pkgs.python312Packages.rapidocr-onnxruntime
None
pkgs.python313Packages.onnxconverter-common
ONNX Converter and Optimization Tools
pkgs.python313Packages.rapidocr-onnxruntime
Cross platform OCR Library based on OnnxRuntime
pkgs.python314Packages.onnxconverter-common
ONNX Converter and Optimization Tools
pkgs.python314Packages.rapidocr-onnxruntime
Cross platform OCR Library based on OnnxRuntime
pkgs.pkgsRocm.python3Packages.rapidocr-onnxruntime
Cross platform OCR Library based on OnnxRuntime
Package maintainers
- @ConnorBaker Connor Baker <ConnorBaker01@gmail.com>
- @acairncross Aiken Cairncross <acairncross@gmail.com>