CVE-2024-21799: Path traversal for some Intel(R) Extension for Transformers software before version 1.5 may allow an authenticated user
Summary
CVE-2024-21799 is a path traversal vulnerability (a bug where an attacker can access files outside intended directories) in Intel Extension for Transformers software versions before 1.5 that allows authenticated users (those with login access) to escalate their privileges through local access. The vulnerability has a CVSS score (severity rating) of 6.9, rated as medium severity.
Solution / Mitigation
Update Intel Extension for Transformers to version 1.5 or later.
Vulnerability Details
7.1(high)
EPSS: 0.1%
Classification
Affected Vendors
Related Issues
CVE-2022-21727: Tensorflow is an Open Source Machine Learning Framework. The implementation of shape inference for `Dequantize` is vulne
CVE-2026-22252: LibreChat is a ChatGPT clone with additional features. Prior to v0.8.2-rc2, LibreChat's MCP stdio transport accepts arbi
Original source: https://nvd.nist.gov/vuln/detail/CVE-2024-21799
First tracked: February 15, 2026 at 08:46 PM
Classified by LLM (prompt v3) · confidence: 85%