We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-51480



Description

Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0 allows attackers to overwrite arbitrary files by supplying crafted external_data.location paths containing traversal sequences, bypassing intended directory restrictions.

Reserved 2025-06-16 | Published 2025-07-22 | Updated 2025-07-22 | Assigner mitre

References

github.com/onnx/onnx

github.com/onnx/onnx/pull/6959

github.com/advisories/GHSA-6rq9-53c3-f7vj

github.com/onnx/onnx/pull/7040

www.gecko.security/blog/cve-2025-51480

cve.org (CVE-2025-51480)

nvd.nist.gov (CVE-2025-51480)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-51480

Support options

Helpdesk Chat, Email, Knowledgebase