Upstream information
Description
Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently not rated by SUSE as it is not affecting the SUSE Enterprise products.
SUSE Bugzilla entry: 1220346 [NEW] No SUSE Security Announcements cross referenced.List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
openSUSE Tumbleweed |
| Patchnames: openSUSE Tumbleweed GA libonnx-1.16.0-1.1 |
SUSE Timeline for this CVE
CVE page created: Fri Feb 23 21:00:11 2024CVE page last modified: Mon Apr 29 20:26:21 2024