Nixpkgs Security Tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: python312Packages.onnxslim

Found 3 matching suggestions

Untriaged
Permalink CVE-2013-4412
created 2 weeks, 3 days ago
slim has NULL pointer dereference when using crypt() method from …

slim has NULL pointer dereference when using crypt() method from glibc 2.17

References

Affected products

slim
  • ==< 1.3.6

Matching in nixpkgs

pkgs.slimserver

Lyrion Music Server (formerly Logitech Media Server) is open-source server software which controls a wide range of Squeezebox audio players

Package maintainers

Untriaged
Permalink CVE-2024-27319
created 5 months, 2 weeks ago
Versions of the package onnx before and including 1.15.0 are …

Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy.

References

Affected products

onnx
  • =<1.15.0

Matching in nixpkgs

pkgs.onnxruntime

Cross-platform, high performance scoring engine for ML models

  • nixos-unstable -

Package maintainers

Untriaged
Permalink CVE-2024-27318
created 5 months, 2 weeks ago
Versions of the package onnx before and including 1.15.0 are …

Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch added for CVE-2022-25882.

References

Affected products

onnx
  • =<1.15.0

Matching in nixpkgs

pkgs.onnxruntime

Cross-platform, high performance scoring engine for ML models

  • nixos-unstable -

Package maintainers