Nixpkgs security tracker
4.4 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): NONE
- Availability impact (A): LOW
Versions of the package onnx before and including 1.15.0 are …
Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy.
References
Affected products
- =<1.15.0
Matching in nixpkgs
pkgs.onnxruntime
Cross-platform, high performance scoring engine for ML models
pkgs.python311Packages.onnx
Open Neural Network Exchange
pkgs.python312Packages.onnx
Open Neural Network Exchange
pkgs.python311Packages.skl2onnx
Convert scikit-learn models to ONNX
-
nixos-unstable skl2onnx-1.17.0
- nixpkgs-unstable skl2onnx-1.17.0
- nixos-unstable-small skl2onnx-1.17.0
pkgs.python312Packages.skl2onnx
Convert scikit-learn models to ONNX
-
nixos-unstable skl2onnx-1.17.0
- nixpkgs-unstable skl2onnx-1.17.0
- nixos-unstable-small skl2onnx-1.17.0
pkgs.python311Packages.onnxmltools
ONNXMLTools enables conversion of models to ONNX
pkgs.python311Packages.onnxruntime
Cross-platform, high performance scoring engine for ML models
pkgs.python312Packages.onnxmltools
ONNXMLTools enables conversion of models to ONNX
pkgs.python312Packages.onnxruntime
Cross-platform, high performance scoring engine for ML models
pkgs.python311Packages.onnxruntime-tools
Transformers Model Optimization Tool of ONNXRuntime
pkgs.python312Packages.onnxruntime-tools
Transformers Model Optimization Tool of ONNXRuntime
pkgs.python311Packages.onnxconverter-common
ONNX Converter and Optimization Tools
pkgs.python311Packages.rapidocr-onnxruntime
Cross platform OCR Library based on OnnxRuntime
pkgs.python312Packages.onnxconverter-common
ONNX Converter and Optimization Tools
pkgs.python312Packages.rapidocr-onnxruntime
Cross platform OCR Library based on OnnxRuntime
Package maintainers
-
@ck3d Christian Kögler <ck3d@gmx.de>
-
@puffnfresh Brian McKenna <brian@brianmckenna.org>
-
@cbourjau Christian Bourjau <christianb@posteo.de>
-
@acairncross Aiken Cairncross <acairncross@gmail.com>
-
@happysalada Raphael Megzari <raphael@megzari.com>
-
@pluiedev Leah Amelia Chen <hi@pluie.me>