external data

The tag 'external data' on WindowsForum.com covers a critical path traversal vulnerability in ONNX 1.17.0's external data handler. The flaw, tracked as CVE 2025, allows crafted external_data.location values to escape the intended storage directory and overwrite arbitrary files. This poses high-severity risks to systems parsing untrusted ONNX model artifacts. Discussions focus on the technical details of the vulnerability, its impact on integrity and availability, and mitigation steps. The tag is relevant for developers, security researchers, and IT professionals working with ONNX or machine learning model exchange who need to understand and address this security issue.