751 matches found
CVE-2025-71011
CVE-2025-71011 affects OneFlow v0.9.0: input validation flaw in flow.Tensor.new_empty, flow.Tensor.new_ones, and flow.Tensor.new_zeros can trigger a Denial of Service via crafted input. Multiple connected sources corroborate the issue but do not provide a public fix version. Exploitation is indic...
PT-2026-5302
Name of the Vulnerable Software and Affected Versions OneFlow version 0.9.0 Description An input validation issue exists in the flow.Tensor.new empty/flow.Tensor.new ones/flow.Tensor.new zeros component. This can lead to a Denial of Service DoS condition through a crafted input. Recommendations A...
CVE-2025-71011
An input validation vulnerability in the flow.Tensor.newempty/flow.Tensor.newones/flow.Tensor.newzeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71011
An input validation vulnerability in the flow.Tensor.newempty/flow.Tensor.newones/flow.Tensor.newzeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
Oneflow security vulnerabilities
Oneflow is an open-source deep learning framework developed by Oneflow. Version 0.9.0 of Oneflow contains a security vulnerability. This vulnerability stems from insufficient input validation for the flow.Tensor.newempty, flow.Tensor.newones, and flow.Tensor.newzeros components, which could lead ...
CVE-2025-71011
An input validation vulnerability in the flow.Tensor.newempty/flow.Tensor.newones/flow.Tensor.newzeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
EUVD-2025-206541
An input validation vulnerability in the flow.Tensor.newempty/flow.Tensor.newones/flow.Tensor.newzeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-71000
An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-65886
A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...
CVE-2025-65886
A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...
CVE-2025-65887
A division-by-zero vulnerability in the flow.floordivide component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input tensor with zero...
CVE-2025-65887
A division-by-zero vulnerability in the flow.floordivide component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input tensor with zero...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read via the tensor shape process. An attacker can cause the application to crash or become unresponsive by supplying specially crafted tensor shapes. Remediation There is no fixed version for oneflow. References - GitHub...
Division by zero
Overview Affected versions of this package are vulnerable to Division by zero in the flow.floordivide function. An attacker can cause the application to crash or become unresponsive by providing a specially crafted input tensor containing a zero value. Remediation There is no fixed version for...
EUVD-2025-206483
A division-by-zero vulnerability in the flow.floordivide component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input tensor with zero...
CVE-2025-65887
A division-by-zero vulnerability in the flow.floordivide component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input tensor with zero...
EUVD-2025-206470
An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...
Oneflow security vulnerabilities
Oneflow is an open-source deep learning framework developed by Oneflow. Version 0.9.0 of Oneflow contains a security vulnerability, which stems from a shape mismatch issue. This vulnerability could lead to denial-of-service attacks using specially crafted tensor shapes...
CVE-2025-65887
A division-by-zero vulnerability in the flow.floordivide component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input tensor with zero...
CVE-2025-65886
A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via supplying crafted tensor shapes...