Nixpkgs Security Tracker

Login with GitHub

Suggestions search

All statuses

Filter by:

With package: python312Packages.tf2onnx

Found 2 matching suggestions

Untriaged

Permalink CVE-2024-27319

created 5 months, 2 weeks ago

Versions of the package onnx before and including 1.15.0 are …

Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy.

References

Affected products

onnx

=<1.15.0

Matching in nixpkgs

pkgs.onnxruntime

Cross-platform, high performance scoring engine for ML models

nixos-unstable -
- nixpkgs-unstable 1.22.2

pkgs.python312Packages.onnx

Open Neural Network Exchange

nixos-unstable -
- nixpkgs-unstable 1.19.0

pkgs.python313Packages.onnx

Open Neural Network Exchange

nixos-unstable -
- nixpkgs-unstable 1.19.0

pkgs.python312Packages.tf2onnx

Convert TensorFlow, Keras, Tensorflow.js and Tflite models to ONNX

nixos-unstable -
- nixpkgs-unstable tf2onnx-1.16.1

pkgs.python312Packages.onnxslim

Toolkit to Help Optimize Onnx Model

nixos-unstable -
- nixpkgs-unstable 0.1.68

pkgs.python312Packages.skl2onnx

Convert scikit-learn models to ONNX

nixos-unstable -
- nixpkgs-unstable skl2onnx-1.19.1

pkgs.python313Packages.onnxslim

Toolkit to Help Optimize Onnx Model

nixos-unstable -
- nixpkgs-unstable 0.1.68

pkgs.python313Packages.skl2onnx

Convert scikit-learn models to ONNX

nixos-unstable -
- nixpkgs-unstable skl2onnx-1.19.1

pkgs.python312Packages.onnxmltools

ONNXMLTools enables conversion of models to ONNX

nixos-unstable -
- nixpkgs-unstable 1.14.0

pkgs.python312Packages.onnxruntime

Cross-platform, high performance scoring engine for ML models

nixos-unstable -
- nixpkgs-unstable 1.22.2

pkgs.python312Packages.paddle2onnx

ONNX Model Exporter for PaddlePaddle

nixos-unstable -
- nixpkgs-unstable paddle2onnx-2.0.1

pkgs.python313Packages.onnxmltools

ONNXMLTools enables conversion of models to ONNX

nixos-unstable -
- nixpkgs-unstable 1.14.0

pkgs.python313Packages.onnxruntime

Cross-platform, high performance scoring engine for ML models

nixos-unstable -
- nixpkgs-unstable 1.22.2

pkgs.python312Packages.onnxruntime-tools

Transformers Model Optimization Tool of ONNXRuntime

nixos-unstable -
- nixpkgs-unstable 1.7.0

pkgs.python313Packages.onnxruntime-tools

Transformers Model Optimization Tool of ONNXRuntime

nixos-unstable -
- nixpkgs-unstable 1.7.0

pkgs.python312Packages.onnxconverter-common

ONNX Converter and Optimization Tools

nixos-unstable -
- nixpkgs-unstable 0.16.0

pkgs.python312Packages.rapidocr-onnxruntime

Cross platform OCR Library based on OnnxRuntime

nixos-unstable -
- nixpkgs-unstable 1.4.4

pkgs.python313Packages.onnxconverter-common

ONNX Converter and Optimization Tools

nixos-unstable -
- nixpkgs-unstable 0.16.0

pkgs.python313Packages.rapidocr-onnxruntime

Cross platform OCR Library based on OnnxRuntime

nixos-unstable -
- nixpkgs-unstable 1.4.4

Package maintainers

@ck3d Christian Kögler <ck3d@gmx.de>
@puffnfresh Brian McKenna <brian@brianmckenna.org>
@acairncross Aiken Cairncross <acairncross@gmail.com>
@happysalada Raphael Megzari <raphael@megzari.com>
@ferrine Max Kochurov <justferres@yandex.ru>
@wrvsrx wrvsrx <wrvsrx@outlook.com>

Untriaged

Permalink CVE-2024-27318

created 5 months, 2 weeks ago

Versions of the package onnx before and including 1.15.0 are …

Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch added for CVE-2022-25882.

References

Affected products

onnx

=<1.15.0

Matching in nixpkgs

pkgs.onnxruntime

Cross-platform, high performance scoring engine for ML models

nixos-unstable -
- nixpkgs-unstable 1.22.2

pkgs.python312Packages.onnx

Open Neural Network Exchange

nixos-unstable -
- nixpkgs-unstable 1.19.0

pkgs.python313Packages.onnx

Open Neural Network Exchange

nixos-unstable -
- nixpkgs-unstable 1.19.0

pkgs.python312Packages.tf2onnx

Convert TensorFlow, Keras, Tensorflow.js and Tflite models to ONNX

nixos-unstable -
- nixpkgs-unstable tf2onnx-1.16.1

pkgs.python312Packages.onnxslim

Toolkit to Help Optimize Onnx Model

nixos-unstable -
- nixpkgs-unstable 0.1.68

pkgs.python312Packages.skl2onnx

Convert scikit-learn models to ONNX

nixos-unstable -
- nixpkgs-unstable skl2onnx-1.19.1

pkgs.python313Packages.onnxslim

Toolkit to Help Optimize Onnx Model

nixos-unstable -
- nixpkgs-unstable 0.1.68

pkgs.python313Packages.skl2onnx

Convert scikit-learn models to ONNX

nixos-unstable -
- nixpkgs-unstable skl2onnx-1.19.1

pkgs.python312Packages.onnxmltools

ONNXMLTools enables conversion of models to ONNX

nixos-unstable -
- nixpkgs-unstable 1.14.0

pkgs.python312Packages.onnxruntime

Cross-platform, high performance scoring engine for ML models

nixos-unstable -
- nixpkgs-unstable 1.22.2

pkgs.python312Packages.paddle2onnx

ONNX Model Exporter for PaddlePaddle

nixos-unstable -
- nixpkgs-unstable paddle2onnx-2.0.1

pkgs.python313Packages.onnxmltools

ONNXMLTools enables conversion of models to ONNX

nixos-unstable -
- nixpkgs-unstable 1.14.0

pkgs.python313Packages.onnxruntime

Cross-platform, high performance scoring engine for ML models

nixos-unstable -
- nixpkgs-unstable 1.22.2

pkgs.python312Packages.onnxruntime-tools

Transformers Model Optimization Tool of ONNXRuntime

nixos-unstable -
- nixpkgs-unstable 1.7.0

pkgs.python313Packages.onnxruntime-tools

Transformers Model Optimization Tool of ONNXRuntime

nixos-unstable -
- nixpkgs-unstable 1.7.0

pkgs.python312Packages.onnxconverter-common

ONNX Converter and Optimization Tools

nixos-unstable -
- nixpkgs-unstable 0.16.0

pkgs.python312Packages.rapidocr-onnxruntime

Cross platform OCR Library based on OnnxRuntime

nixos-unstable -
- nixpkgs-unstable 1.4.4

pkgs.python313Packages.onnxconverter-common

ONNX Converter and Optimization Tools

nixos-unstable -
- nixpkgs-unstable 0.16.0

pkgs.python313Packages.rapidocr-onnxruntime

Cross platform OCR Library based on OnnxRuntime

nixos-unstable -
- nixpkgs-unstable 1.4.4

Package maintainers

@ck3d Christian Kögler <ck3d@gmx.de>
@puffnfresh Brian McKenna <brian@brianmckenna.org>
@acairncross Aiken Cairncross <acairncross@gmail.com>
@happysalada Raphael Megzari <raphael@megzari.com>
@ferrine Max Kochurov <justferres@yandex.ru>
@wrvsrx wrvsrx <wrvsrx@outlook.com>

1