Lucene search

[email protected]NVD:CVE-2024-36745

HistoryJun 06, 2024 - 6:15 p.m.

CVE-2024-36745

2024-06-0618:15:16

[email protected]

web.nvd.nist.gov

oneflow-inc

denial of service

input parameter

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

JSON

An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the oneflow.index_select parameter.

Affected configurations

Nvd

Node

oneflowoneflowMatch0.9.1

VendorProductVersionCPE
oneflowoneflow0.9.1cpe:2.3:a:oneflow:oneflow:0.9.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oneflow	oneflow	0.9.1	cpe:2.3:a:oneflow:oneflow:0.9.1:::::::*

References

gist.github.com/Redmept1on/42caad5576101cdd93deb6470d979952

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

JSON

Related for NVD:CVE-2024-36745

vulnrichment1 cvelist1 cve1