Source: onnx Version: 1.20.0-4 Severity: important Tags: security upstream X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi, The following vulnerability was published for onnx. CVE-2026-28500[0]: | Open Neural Network Exchange (ONNX) is an open standard for machine | learning interoperability. In versions up to and including 1.20.1, a | security control bypass exists in onnx.hub.load() due to improper | logic in the repository trust verification mechanism. While the | function is designed to warn users when loading models from non- | official sources, the use of the silent=True parameter completely | suppresses all security warnings and confirmation prompts. This | vulnerability transforms a standard model-loading function into a | vector for Zero-Interaction Supply-Chain Attacks. When chained with | file-system vulnerabilities, an attacker can silently exfiltrate | sensitive files (SSH keys, cloud credentials) from the victim's | machine the moment the model is loaded. As of time of publication, | no known patched versions are available. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2026-28500 https://www.cve.org/CVERecord?id=CVE-2026-28500 [1] https://github.com/onnx/onnx/security/advisories/GHSA-hqmj-h5c6-369m Please adjust the affected versions in the BTS as needed. Regards, Salvatore
