From de1b774b306ba1095892f38f53c8cead80917ba2 Mon Sep 17 00:00:00 2001 From: Henrique Cabral Date: Wed, 4 Mar 2026 11:49:00 -0300 Subject: [PATCH 1/3] New Vuln: OOB read in onxruntime --- input/new.json | 33 +++++++++++++++++++++------------ 1 file changed, 21 insertions(+), 12 deletions(-) diff --git a/input/new.json b/input/new.json index 87646b9a..83871fc3 100644 --- a/input/new.json +++ b/input/new.json @@ -1,15 +1,24 @@ { - "package_name": "", - "patch_versions": [], - "vulnerable_ranges": [], - "cwe": [], - "tldr": "", - "doest_this_affect_me": "", - "how_to_fix": "", - "vulnerable_to": "", + "package_name": "onnxruntime", + "patch_versions": [ + "1.24.2" + ], + "vulnerable_ranges": [ + [ + "0.1.0", + "1.24.1" + ] + ], + "cwe": [ + "CWE-125" + ], + "tldr": "Affected versions of this package contain an out-of-bounds read vulnerability in ONNX Runtime’s `ArrayFeatureExtractor` operator due to missing validation for negative index values. The implementation checks only the upper bound (`<= stride`) but fails to ensure the index is non-negative, allowing crafted inputs such as `y_data = [-10]` to access memory outside the intended array. An attacker able to supply or influence model inputs could exploit this flaw to read unintended heap memory regions during inference, potentially leaking sensitive data from the process memory.", + "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.", + "how_to_fix": "Upgrade the `onnxruntime` library to a patch version.", + "vulnerable_to": "Out-of-bound read", "related_cve_id": "", - "language": "", - "severity_class": "", - "aikido_score": 0, - "changelog": "" + "language": "PYTHON", + "severity_class": "MEDIUM", + "aikido_score": 53, + "changelog": "https://github.com/microsoft/onnxruntime/releases/tag/v1.24.2" } From 6631ae83e5c6d12014ff258cd60f7981772de38b Mon Sep 17 00:00:00 2001 From: Henrique Cabral Date: Wed, 4 Mar 2026 14:25:40 -0300 Subject: [PATCH 2/3] patch range --- input/new.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/input/new.json b/input/new.json index 83871fc3..2b699b47 100644 --- a/input/new.json +++ b/input/new.json @@ -5,7 +5,7 @@ ], "vulnerable_ranges": [ [ - "0.1.0", + "0.1.4", "1.24.1" ] ], From be741b41e47f33845a401ab5a54059b9ae532072 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" Date: Thu, 5 Mar 2026 08:55:31 +0000 Subject: [PATCH 3/3] Move new vulnerability to vulnerabilities/AIKIDO-2026-10289.json and reset new.json template --- input/new.json | 33 ++++++++++---------------- vulnerabilities/AIKIDO-2026-10289.json | 26 ++++++++++++++++++++ 2 files changed, 38 insertions(+), 21 deletions(-) create mode 100644 vulnerabilities/AIKIDO-2026-10289.json diff --git a/input/new.json b/input/new.json index 2b699b47..87646b9a 100644 --- a/input/new.json +++ b/input/new.json @@ -1,24 +1,15 @@ { - "package_name": "onnxruntime", - "patch_versions": [ - "1.24.2" - ], - "vulnerable_ranges": [ - [ - "0.1.4", - "1.24.1" - ] - ], - "cwe": [ - "CWE-125" - ], - "tldr": "Affected versions of this package contain an out-of-bounds read vulnerability in ONNX Runtime’s `ArrayFeatureExtractor` operator due to missing validation for negative index values. The implementation checks only the upper bound (`<= stride`) but fails to ensure the index is non-negative, allowing crafted inputs such as `y_data = [-10]` to access memory outside the intended array. An attacker able to supply or influence model inputs could exploit this flaw to read unintended heap memory regions during inference, potentially leaking sensitive data from the process memory.", - "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.", - "how_to_fix": "Upgrade the `onnxruntime` library to a patch version.", - "vulnerable_to": "Out-of-bound read", + "package_name": "", + "patch_versions": [], + "vulnerable_ranges": [], + "cwe": [], + "tldr": "", + "doest_this_affect_me": "", + "how_to_fix": "", + "vulnerable_to": "", "related_cve_id": "", - "language": "PYTHON", - "severity_class": "MEDIUM", - "aikido_score": 53, - "changelog": "https://github.com/microsoft/onnxruntime/releases/tag/v1.24.2" + "language": "", + "severity_class": "", + "aikido_score": 0, + "changelog": "" } diff --git a/vulnerabilities/AIKIDO-2026-10289.json b/vulnerabilities/AIKIDO-2026-10289.json new file mode 100644 index 00000000..f7c5a63a --- /dev/null +++ b/vulnerabilities/AIKIDO-2026-10289.json @@ -0,0 +1,26 @@ +{ + "package_name": "onnxruntime", + "patch_versions": [ + "1.24.2" + ], + "vulnerable_ranges": [ + [ + "0.1.4", + "1.24.1" + ] + ], + "cwe": [ + "CWE-125" + ], + "tldr": "Affected versions of this package contain an out-of-bounds read vulnerability in ONNX Runtime’s `ArrayFeatureExtractor` operator due to missing validation for negative index values. The implementation checks only the upper bound (`<= stride`) but fails to ensure the index is non-negative, allowing crafted inputs such as `y_data = [-10]` to access memory outside the intended array. An attacker able to supply or influence model inputs could exploit this flaw to read unintended heap memory regions during inference, potentially leaking sensitive data from the process memory.", + "doest_this_affect_me": "You are affected if you are using a version that falls within the vulnerable range.", + "how_to_fix": "Upgrade the `onnxruntime` library to a patch version.", + "vulnerable_to": "Out-of-bound read", + "related_cve_id": "", + "language": "PYTHON", + "severity_class": "MEDIUM", + "aikido_score": 53, + "changelog": "https://github.com/microsoft/onnxruntime/releases/tag/v1.24.2", + "last_modified": "2026-03-05", + "published": "2026-03-05" +}