CVE-2024-27319

CVE-2024-27319

Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy.

GHSA-h8wv-9h96-m4hr

Onnx Out-of-bounds Read vulnerability