CNNVD-202601-4662 Information

CNNVD ID

CNNVD-202601-4662

Related CVE

CVE-2025-71003

• CNNVD Published: 2026-01-28

Description (Chinese)

Oneflow是Oneflow开源的一个深度学习框架。 OneFlow v0.9.0版本存在安全漏洞，该漏洞源于flow.arange组件输入验证不足，可能导致拒绝服务攻击。

Description (English)

OneFlow is an in-depth learning framework for OneFlow open source. OneFlow v0.9.0 has a security loophole, which stems from inadequate input verification of the Flow.arange component, which may lead to a denial of service attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Oneflow

Published

2026-01-28

Last Modified

2026-02-24

References

https://github.com/Daisy2ang https://github.com/Oneflow-Inc/oneflow/issues/10656