CNNVD-202601-4738 Information
Jan 28, 2026
cve
CNNVD ID
CNNVD-202601-4738
Related CVE
- CNNVD Published: 2026-01-28
Description (Chinese)
Oneflow是Oneflow开源的一个深度学习框架。 OneFlow 0.9.0版本存在安全漏洞,该漏洞源于flow.empty组件存在维度验证缺陷,可能导致通过负值或过大的维度值进行拒绝服务攻击。
Description (English)
OneFlow is an in-depth learning framework for OneFlow open source. OneFlow version 0.9.0 contains a security loophole, which stems from the dimension verification defects of the Flow.empty component, which may lead to a denial of service attack by negative or excessive dimensions.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Oneflow
Published
2026-01-28
Last Modified
2026-02-24
References
http://oneflow.com https://github.com/Daisy2ang https://github.com/Oneflow-Inc/oneflow https://github.com/Oneflow-Inc/oneflow/issues/10664
Patch
https://github.com/Oneflow-Inc/oneflow/releases
Share on: