flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-71008 via oneflow (=0.9.0)

oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-71008 Source advisory: SNYK:PYTHON-ONEFLOW-15162558...

flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-71011 via oneflow (=0.9.0)

oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-71011 Source advisory: SNYK:PYTHON-ONEFLOW-15162560...

CVE-2025-65888

A dimension validation flaw in the flow.empty component of OneFlow 0.9.0 allows attackers to cause a Denial of Service DoS via a negative or excessively large dimension value...

CVE-2025-71006

A floating point exception FPE in the oneflow.reshape component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...

Improper Validation of Array Index

Overview Affected versions of this package are vulnerable to Improper Validation of Array Index via the indexadd function. An attacker can cause the application to crash or become unresponsive by submitting specially crafted input. Remediation There is no fixed version for oneflow. References -...

CVE-2025-71003

An input validation vulnerability in the flow.arange component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-71004

A segmentation violation in the oneflow.logicalor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-71006

A floating point exception FPE in the oneflow.reshape component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...

flowflops (>=0.0.1.post2211140919 <=0.0.1.post2211151211) potentially affected by CVE-2025-65886 via oneflow (=0.9.0)

oneflow PYPI version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on oneflow and may be impacted: - flowflops =0.0.1.post2211140919, =0.0.1.post2211151211 Source cves: CVE-2025-65886 Source advisory: SNYK:PYTHON-ONEFLOW-15162593...

CVE-2025-71007

An input validation vulnerability in the oneflow.indexadd component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-70999

A GPU device-ID validation flaw in the flow.cuda.getdevicecapability component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted device ID...

PT-2026-5215

Name of the Vulnerable Software and Affected Versions OneFlow version 0.9.0 Description A crafted input to the oneflow.reshape component can trigger a floating point exception FPE, leading to a Denial of Service DoS. Recommendations At the moment, there is no information about a newer version tha...

PT-2026-5148

A GPU device-ID validation flaw in the flow.cuda.get device capability component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted device ID...

CVE-2025-71001

A segmentation violation in the flow.columnstack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-71006

The CVE-2025-71006 entry concerns OneFlow v0.9.0, where a flaw in the oneflow.reshape component can trigger a floating point exception (FPE) and cause a Denial of Service (DoS) via a crafted input. Multiple connected sources (Red Hat, NVD, OSV, CVE listings, and vulnerability trackers) confirm th...

CVE-2025-71005

A floating point exception FPE in the oneflow.view component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...

EUVD-2025-206419

A floating point exception FPE in the oneflow.reshape component of OneFlow v0.9.0 allows attackers to cause a Denial of Service DoS via a crafted input...

CVE-2025-65888

A dimension validation flaw in the flow.empty component of OneFlow 0.9.0 allows attackers to cause a Denial of Service DoS via a negative or excessively large dimension value...

PT-2025-46198

Name of the Vulnerable Software and Affected Versions OneFlow version 0.9.0 Description A flaw exists in input validation within OneFlow version 0.9.0. This issue allows attackers to trigger a segmentation fault by adding a Python sequence to native code during broadcasting or type conversion. Th...

EUVD-2024-36198

Malicious code in bioql PyPI...