CNNVD-202601-4908 Information
Jan 29, 2026
cve
CNNVD ID
CNNVD-202601-4908
Related CVE
- CNNVD Published: 2026-01-29
Description (Chinese)
Oneflow是Oneflow开源的一个深度学习框架。 Oneflow 0.9.0版本存在安全漏洞,该漏洞源于flow.Tensor.new_empty/flow.Tensor.new_ones/flow.Tensor.new_zeros组件输入验证不足,可能导致拒绝服务攻击。
Description (English)
OneFlow is an in-depth learning framework for OneFlow open source. Oneflow version 0.9.0 contains a security loophole that originates from inadequate input verification of the Flow.Tensor.new empty/flow.Tensor.new ones/flow.Tensor.new zeros component, which may lead to a denial of service attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Oneflow
Published
2026-01-29
Last Modified
2026-02-24
References
https://github.com/Daisy2ang https://github.com/Oneflow-Inc/oneflow/issues/10648
Patch
https://github.com/Oneflow-Inc/oneflow/releases
Share on: