737 matches found
CVE-2025-71011
An input validation vulnerability in the flow.Tensor.newempty/flow.Tensor.newones/flow.Tensor.newzeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71011
An input validation vulnerability in the flow.Tensor.newempty/flow.Tensor.newones/flow.Tensor.newzeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71011
An input validation vulnerability in the flow.Tensor.newempty/flow.Tensor.newones/flow.Tensor.newzeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
Improper Validation of Specified Quantity in Input
Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the flow.Tensor.newempty, flow.Tensor.newones, and flow.Tensor.newzeros functions. An attacker can cause the application to crash or become unresponsive by providing specially crafte...
CVE-2025-71000
An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-65887
A division-by-zero vulnerability in the flow.floordivide component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input tensor with zero...
CVE-2025-65886
A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...
CVE-2025-71011
An input validation vulnerability in the flow.Tensor.newempty/flow.Tensor.newones/flow.Tensor.newzeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71011
An input validation vulnerability in the flow.Tensor.newempty/flow.Tensor.newones/flow.Tensor.newzeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71011
An input validation vulnerability in the flow.Tensor.newempty/flow.Tensor.newones/flow.Tensor.newzeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
Oneflow security vulnerabilities
Oneflow is an open-source deep learning framework developed by Oneflow. Version 0.9.0 of Oneflow contains a security vulnerability. This vulnerability stems from insufficient input validation for the flow.Tensor.newempty, flow.Tensor.newones, and flow.Tensor.newzeros components, which could lead ...
CVE-2025-71011
CVE-2025-71011 affects OneFlow v0.9.0: input validation flaw in flow.Tensor.new_empty, flow.Tensor.new_ones, and flow.Tensor.new_zeros can trigger a Denial of Service via crafted input. Multiple connected sources corroborate the issue but do not provide a public fix version. Exploitation is indic...
PT-2026-5302
Name of the Vulnerable Software and Affected Versions OneFlow version 0.9.0 Description An input validation issue exists in the flow.Tensor.new empty/flow.Tensor.new ones/flow.Tensor.new zeros component. This can lead to a Denial of Service DoS condition through a crafted input. Recommendations A...
EUVD-2025-206541
An input validation vulnerability in the flow.Tensor.newempty/flow.Tensor.newones/flow.Tensor.newzeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71000
An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-65887
A division-by-zero vulnerability in the flow.floordivide component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input tensor with zero...
CVE-2025-65886
A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...
CVE-2025-65886
A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...
CVE-2025-65887
A division-by-zero vulnerability in the flow.floordivide component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input tensor with zero...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the tensor shape process. An attacker can cause the application to crash or become unresponsive by supplying specially crafted tensor shapes. Remediation There is no fixed version for oneflow. References - GitHub...