CVE-2022-25882

CVSS V2 None CVSS V3 None

Description

Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory, for example "../../../etc/passwd"

Overview

CVE ID
CVE-2022-25882

Assigner
report@snyk.io

Vulnerability Status
Analyzed

Published Version
2023-01-26T21:15:31

Last Modified Date
2023-02-02T18:20:23

Weakness Enumerations

CWE	URL
CWE-22	http://cwe.mitre.org/data/definitions/22.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:a:linuxfoundation:onnx::::::::	1	OR		1.13.0

References

Reference URL	Reference Tags
https://gist.github.com/jnovikov/02a9aff9bf2188033e77bd91ff062856
https://github.com/onnx/onnx/blob/96516aecd4c110b0ac57eba08ac236ebf7205728/onnx/checker.cc%23L129
https://github.com/onnx/onnx/commit/f369b0e859024095d721f1d1612da5a8fa38988d
https://github.com/onnx/onnx/issues/3991
https://github.com/onnx/onnx/pull/4400
https://security.snyk.io/vuln/SNYK-PYTHON-ONNX-2395479

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2022-25882
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25882

History

Created	Old Value	New Value	Data Type	Notes
2023-01-26 23:16:28				Added to TrackCVE
2023-01-27 15:14:42		2023-01-27T14:03:45	CVE Modified Date	updated
2023-01-27 15:14:42	Received	Awaiting Analysis	Vulnerability Status	updated
2023-01-31 19:13:18	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2023-02-02 19:14:20		2023-02-02T18:20:23	CVE Modified Date	updated
2023-02-02 19:14:20	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2023-02-02 19:14:21			Weakness Enumeration	new
2023-02-02 19:14:23			CPE Information	updated