PYSEC-2025-10

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/onnx/PYSEC-2025-10.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2025-10

Aliases

Published

2025-03-20T10:15:37Z

Modified

2025-03-26T19:57:31.967399Z

Severity

9.1 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H CVSS Calculator

Summary

[none]

Details

A vulnerability in the download_model function of the onnx/onnx framework, before and including version 1.16.1, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This vulnerability can be exploited by an attacker to overwrite files in the user's directory, potentially leading to remote command execution.

References

https://huntr.com/bounties/a7a46cf6-1fa0-454b-988c-62d222e83f63

Affected packages

PyPI / onnx

Package

Name: onnx; View open source insights on deps.dev
Purl: pkg:pypi/onnx

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.16.2

Affected versions

0.*

0.1

0.2

0.2.1

1.*

1.0.0

1.0.1

1.1.0

1.1.1

1.1.2

1.2.1

1.2.2

1.2.3

1.3.0

1.4.0

1.4.1

1.5.0

1.6.0

1.7.0

1.8.0

1.8.1

1.9.0

1.10.0

1.10.1

1.10.2

1.11.0

1.12.0

1.13.0

1.13.1

1.14.0

1.14.1

1.15.0

1.16.0

1.16.1