HIGH PyPI
GHSA-3r9x-f23j-gc73 · CVE-2026-27489 onnx Vulnerable to Path Traversal via Symlink
수정: 2026. 4. 6.
package
PyPI / onnx
pkg:pypi/onnx
HIGH 8.6 PyPI
GHSA-538c-55jv-c5g9 · CVE-2026-34445 ONNX: Malicious ONNX models can crash servers by exploiting unprotected object settings.
수정: 2026. 4. 4.
CRITICAL 9.1 PyPI
PYSEC-2026-103 · CVE-2026-28500, GHSA-hqmj-h5c6-369m 수정: 2026. 5. 20.
MEDIUM 5.5 PyPI
PYSEC-2026-104 · CVE-2026-34447, GHSA-p433-9wv8-28xj 수정: 2026. 5. 20.
HIGH 8.8 PyPI
GHSA-6rq9-53c3-f7vj · CVE-2024-5187, CVE-2025-51480 onnx allows Arbitrary File Overwrite in download_model_with_test_data
수정: 2026. 6. 6.
MEDIUM 4.7 PyPI
GHSA-cmw6-hcpp-c6jp · CVE-2026-34446 ONNX: Arbitrary File Read via ExternalData Hardlink Bypass in ONNX load
수정: 2026. 4. 4.
HIGH 7.5 PyPI
GHSA-ffxj-547x-5j7c · CVE-2022-25882, PYSEC-2023-38 Directory Traversal in onnx
수정: 2025. 4. 1.
HIGH 8.1 PyPI
GHSA-h36j-8vv3-cj52 · CVE-2024-7776, PYSEC-2025-10 Open Neural Network Exchange (ONNX) Path Traversal Vulnerability
수정: 2025. 3. 27.
MEDIUM 4.4 PyPI
GHSA-h8wv-9h96-m4hr · CVE-2024-27319, PYSEC-2024-223 Onnx Out-of-bounds Read vulnerability
수정: 2026. 2. 4.
HIGH 8.6 PyPI
GHSA-hqmj-h5c6-369m · CVE-2026-28500, PYSEC-2026-103 ONNX Untrusted Model Repository Warnings Suppressed by silent=True in onnx.hub.load() — Silent Supply-Chain Attack
수정: 2026. 6. 8.
MEDIUM 5.5 PyPI
GHSA-p433-9wv8-28xj · CVE-2026-34447, PYSEC-2026-104 ONNX: External Data Symlink Traversal
수정: 2026. 6. 8.
HIGH 7.1 PyPI
GHSA-q56x-g2fj-4rj6 ONNX: TOCTOU arbitrary file read/write in save_external_dat
수정: 2026. 6. 8.
HIGH 7.5 PyPI
GHSA-whh8-fjgc-qp73 · CVE-2024-27318, PYSEC-2024-222 Onnx Directory Traversal vulnerability
수정: 2026. 2. 4.
— PyPI
PYSEC-2023-38 · CVE-2022-25882, GHSA-ffxj-547x-5j7c 수정: 2023. 11. 8.
HIGH 7.5 PyPI
PYSEC-2024-222 · CVE-2024-27318, GHSA-whh8-fjgc-qp73 수정: 2025. 1. 22.
CRITICAL 9.1 PyPI
PYSEC-2024-223 · CVE-2024-27319, GHSA-h8wv-9h96-m4hr 수정: 2025. 1. 22.
CRITICAL 9.1 PyPI
PYSEC-2025-10 · CVE-2024-7776, GHSA-h36j-8vv3-cj52 수정: 2025. 3. 26.
HIGH 8.8 PyPI
PYSEC-2025-148 · CVE-2024-5187, CVE-2025-51480 수정: 2026. 5. 21.