CVE-2024-27318: 
Python vulnerability analysis and mitigation

CVE-2024-27318 affects versions of the ONNX package before and including 1.15.0. The vulnerability is a Directory Traversal issue where the external_data field of the tensor proto can have a path to a file outside the model's current directory or user-provided directory. This vulnerability represents a bypass of the patch previously implemented for CVE-2022-25882 (NVD).

The vulnerability is classified as CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) and has received a CVSS v3.1 base score of 7.5 (HIGH) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. The issue specifically occurs in the handling of external data paths in the tensor proto, where the path validation can be bypassed to access files outside the intended directory structure (NVD).

The vulnerability allows attackers to access files outside the intended model directory through directory traversal, potentially leading to unauthorized access to sensitive files on the system. The CVSS score indicates high impact on confidentiality but no direct impact on integrity or availability (NVD).

Users should upgrade to ONNX versions after 1.15.0 which contain the fix for this vulnerability. For Fedora users, updates have been released for both Fedora 39 (onnx-1.14.0-9.fc39) and Fedora 40 (onnx-1.14.1-2.fc40) that include patches for this vulnerability (Fedora 39, Fedora 40).