Oneflow
by Oneflow Inc
Source repositories
CVEs (18)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-71009 | 0.00 | — | 0.00 | Jan 29, 2026 | An input validation vulnerability in the flow.scatter/flow.scatter_add component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted indices. | ||
| CVE-2025-71011 | 0.00 | — | 0.00 | Jan 29, 2026 | An input validation vulnerability in the flow.Tensor.new_empty/flow.Tensor.new_ones/flow.Tensor.new_zeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||
| CVE-2025-71008 | 0.00 | — | 0.00 | Jan 29, 2026 | A segmentation violation in the oneflow._oneflow_internal.autograd.Function.FunctionCtx.mark_non_differentiable component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||
| CVE-2025-65891 | 0.00 | — | 0.00 | Jan 28, 2026 | A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice (DoS) by invoking flow.cuda.get_device_properties() with an invalid or negative device index. | ||
| CVE-2025-71007 | 0.00 | — | 0.00 | Jan 28, 2026 | An input validation vulnerability in the oneflow.index_add component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||
| CVE-2025-71000 | 0.00 | — | 0.00 | Jan 28, 2026 | An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||
| CVE-2025-71006 | 0.00 | — | 0.00 | Jan 28, 2026 | A floating point exception (FPE) in the oneflow.reshape component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||
| CVE-2025-65890 | 0.00 | — | 0.00 | Jan 28, 2026 | A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) by calling flow.cuda.synchronize() with an invalid or out-of-range GPU device index. | ||
| CVE-2025-65886 | 0.00 | — | 0.00 | Jan 28, 2026 | A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via supplying crafted tensor shapes. | ||
| CVE-2025-65887 | 0.00 | — | 0.00 | Jan 28, 2026 | A division-by-zero vulnerability in the flow.floor_divide() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input tensor with zero. | ||
| CVE-2025-71004 | 0.00 | — | 0.00 | Jan 28, 2026 | A segmentation violation in the oneflow.logical_or component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||
| CVE-2025-71003 | 0.00 | — | 0.00 | Jan 28, 2026 | An input validation vulnerability in the flow.arange() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||
| CVE-2025-65888 | 0.00 | — | 0.00 | Jan 28, 2026 | A dimension validation flaw in the flow.empty() component of OneFlow 0.9.0 allows attackers to cause a Denial of Service (DoS) via a negative or excessively large dimension value. | ||
| CVE-2025-71005 | 0.00 | — | 0.00 | Jan 28, 2026 | A floating point exception (FPE) in the oneflow.view component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||
| CVE-2025-71002 | 0.00 | — | 0.00 | Jan 28, 2026 | A floating-point exception (FPE) in the flow.column_stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||
| CVE-2025-65889 | 0.00 | — | 0.00 | Jan 28, 2026 | A type validation flaw in the flow.dstack() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||
| CVE-2025-70999 | 0.00 | — | 0.00 | Jan 28, 2026 | A GPU device-ID validation flaw in the flow.cuda.get_device_capability() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted device ID. | ||
| CVE-2025-71001 | 0.00 | — | 0.00 | Jan 28, 2026 | A segmentation violation in the flow.column_stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input. |
- CVE-2025-71009Jan 29, 2026risk 0.00cvss —epss 0.00
An input validation vulnerability in the flow.scatter/flow.scatter_add component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted indices.
- CVE-2025-71011Jan 29, 2026risk 0.00cvss —epss 0.00
An input validation vulnerability in the flow.Tensor.new_empty/flow.Tensor.new_ones/flow.Tensor.new_zeros component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2025-71008Jan 29, 2026risk 0.00cvss —epss 0.00
A segmentation violation in the oneflow._oneflow_internal.autograd.Function.FunctionCtx.mark_non_differentiable component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2025-65891Jan 28, 2026risk 0.00cvss —epss 0.00
A GPU device-ID validation flaw in OneFlow v0.9.0 allows attackers to trigger a Denial of Dervice (DoS) by invoking flow.cuda.get_device_properties() with an invalid or negative device index.
- CVE-2025-71007Jan 28, 2026risk 0.00cvss —epss 0.00
An input validation vulnerability in the oneflow.index_add component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2025-71000Jan 28, 2026risk 0.00cvss —epss 0.00
An issue in the flow.cuda.BoolTensor component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2025-71006Jan 28, 2026risk 0.00cvss —epss 0.00
A floating point exception (FPE) in the oneflow.reshape component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2025-65890Jan 28, 2026risk 0.00cvss —epss 0.00
A device-ID validation flaw in OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) by calling flow.cuda.synchronize() with an invalid or out-of-range GPU device index.
- CVE-2025-65886Jan 28, 2026risk 0.00cvss —epss 0.00
A shape mismatch vulnerability in OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via supplying crafted tensor shapes.
- CVE-2025-65887Jan 28, 2026risk 0.00cvss —epss 0.00
A division-by-zero vulnerability in the flow.floor_divide() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input tensor with zero.
- CVE-2025-71004Jan 28, 2026risk 0.00cvss —epss 0.00
A segmentation violation in the oneflow.logical_or component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2025-71003Jan 28, 2026risk 0.00cvss —epss 0.00
An input validation vulnerability in the flow.arange() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2025-65888Jan 28, 2026risk 0.00cvss —epss 0.00
A dimension validation flaw in the flow.empty() component of OneFlow 0.9.0 allows attackers to cause a Denial of Service (DoS) via a negative or excessively large dimension value.
- CVE-2025-71005Jan 28, 2026risk 0.00cvss —epss 0.00
A floating point exception (FPE) in the oneflow.view component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2025-71002Jan 28, 2026risk 0.00cvss —epss 0.00
A floating-point exception (FPE) in the flow.column_stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2025-65889Jan 28, 2026risk 0.00cvss —epss 0.00
A type validation flaw in the flow.dstack() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
- CVE-2025-70999Jan 28, 2026risk 0.00cvss —epss 0.00
A GPU device-ID validation flaw in the flow.cuda.get_device_capability() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted device ID.
- CVE-2025-71001Jan 28, 2026risk 0.00cvss —epss 0.00
A segmentation violation in the flow.column_stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.