{"data":{"id":"2cc979a6-5b93-45b1-b2c3-9cd524c48b55","title":"GHSA-h668-6x6g-f8r5: tract: Arbitrary file read via unsanitized ONNX external_data `location` (path traversal) on model load in tract-onnx","summary":"The tract-onnx library (a Rust crate for running neural network models) has a vulnerability where it loads external data files referenced in ONNX models without checking the file paths. A malicious model can use absolute paths (like `/etc/passwd`) or directory traversal sequences (like `../../../../etc/passwd`) in the `location` field to trick tract into reading arbitrary files on the system and exposing their contents in the model's output. This is a path-traversal vulnerability (a type of attack where an attacker manipulates file paths to access files outside the intended directory).","solution":"Reject absolute `location` values and any `..` components, then canonicalize (convert to a standard absolute path form) and verify the resolved path stays within the model directory, mirroring the fix applied in the `onnx` reference library version 1.22.0.","labels":["security"],"sourceUrl":"https://github.com/advisories/GHSA-h668-6x6g-f8r5","publishedAt":"2026-06-19T14:45:43.000Z","cveId":"CVE-2026-55832","cweIds":null,"cvssScore":null,"cvssSeverity":"medium","severity":"medium","attackType":["data_extraction"],"issueType":"vulnerability","affectedPackages":["tract-onnx@>= 0.23.0, < 0.23.2 (fixed: 0.23.2)","tract-onnx@>= 0.22.0, < 0.22.3 (fixed: 0.22.3)","tract-onnx@< 0.21.17 (fixed: 0.21.17)"],"affectedVendors":["HuggingFace"],"affectedVendorsRaw":["tract","tract-onnx"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0,"patchAvailable":true,"disclosureDate":"2026-06-19T14:45:43.000Z","capecIds":null,"crossRefCount":0,"attackSophistication":"moderate","impactType":["confidentiality"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}