Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2024-5187

Good to know:

icon

Date: June 6, 2024

A vulnerability in the `download_model_with_test_data` function of the onnx/onnx framework, version 1.16.0, allows for arbitrary file overwrite due to inadequate prevention of path traversal attacks in malicious tar files. This vulnerability enables attackers to overwrite any file on the system, potentially leading to remote code execution, deletion of system, personal, or application files, thus impacting the integrity and availability of the system. The issue arises from the function's handling of tar file extraction without performing security checks on the paths within the tar file, as demonstrated by the ability to overwrite the `/home/kali/.ssh/authorized_keys` file by specifying an absolute path in the malicious tar file.

Language: Python

Severity Score

Related Resources (8)

https://nvd.nist.gov/vuln/detail/CVE-2024-5187
https://github.com/onnx/onnx/commit/1b70f9b673259360b6a2339c4bd97db9ea6e552f
https://huntr.com/bounties/50235ebd-3410-4ada-b064-1a648e11237e
https://github.com/onnx/onnx/commit/3fc3845edb048df559aa2a839e39e95503a0ee34
https://github.com/onnx/onnx
https://github.com/onnx/onnx/pull/6145
https://github.com/onnx/onnx/issues/6215
https://www.mend.io/vulnerability-database/CVE-2024-5187

Severity Score

Weakness Type (CWE)

Path Traversal

CWE-22

Top Fix

icon

Upgrade Version

Upgrade to version onnx - 1.16.2

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): HIGH
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us