CVE-2024-27319

Published February 23rd, 2024

View on NVD ↗

CVSS v3

4.4

MEDIUM

CVSS v2

N/A

Affected

PROJECT

Description

Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy.

onnx/onnx

Open standard for machine learning interoperability

GitHub

21K