AZL-65661

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-65661.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-65661

Upstream

CVE-2025-51480

Published

2025-07-22T16:15:30Z

Modified

2026-04-21T04:37:39.544128Z

Summary

CVE-2025-51480 affecting package pytorch 2.0.0-14

Details

Path Traversal vulnerability in onnx.externaldatahelper.saveexternaldata in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.

References

https://nvd.nist.gov/vuln/detail/CVE-2025-51480

Affected packages

Azure Linux:2 / pytorch

Package

Name: pytorch
Purl: pkg:rpm/azure-linux/pytorch

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

2.0.0-14

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-65661.json"