Bounties
Partners
Community
Info
onnx / onnx
Project repository
Open standard for machine learning interoperability
Submit a report
FIRST INTERACTION
WITHIN
N/A DAYS
REVIEW
WITHIN
39 DAYS
FIX
WITHIN
N/A DAYS
Exploit ONNX Net Drawer via doc_string injection
May 20th 2025
meme-dm
•
pending
Arbitary File Overwrite in save_external_data
Apr 16th 2025
michealkeines
•
pending
File Creation Vulnerability with Potential Race Condition
Apr 14th 2025
hope4real
•
pending
Lack of Error Handling for Malformed Input in ONNX Model/Node Check
Apr 11th 2025
tugar2003
•
pending
Arbitrary File Overwrite in onnx/backend/test/runner/download_model in onnx/onnx
Oct 9th 2024
arashimu
•
High
•
$750
High
•
$750
•
CVE-2024-7776
CVE-2024-7776
RCE via Documentation Updates
Jun 17th 2024
redyetidev
•
informative
Critical
Arbitrary File Overwrite in download_model_with_test_data
May 23rd 2024
sunrisexu
•
High
•
$750
High
•
$750
•
CVE-2024-5187
CVE-2024-5187
[https://github.com/onnx/onnx] Source repository compromise via GitHub actions w...
Feb 13th 2024
arunstar
•
informative
Critical
CRITICAL
$1500
HIGH
$750
MEDIUM
$125
LOW
$20
