CNNVD-202601-4917 Information

CNNVD ID

CNNVD-202601-4917

Related CVE

CVE-2025-71009

• CNNVD Published: 2026-01-29

Description (Chinese)

Oneflow是Oneflow开源的一个深度学习框架。 OneFlow 0.9.0版本存在安全漏洞，该漏洞源于flow.scatter/flow.scatter_add组件输入验证不足，可能导致拒绝服务攻击。

Description (English)

OneFlow is an in-depth learning framework for OneFlow open source. OneFlow version 0.9.0 contains a security loophole, which stems from inadequate input validation of the Flow.scatter/Flow.scatter add component, which may lead to a denial of service attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Oneflow

Published

2026-01-29

Last Modified

2026-02-24

References

https://github.com/Daisy2ang https://github.com/Oneflow-Inc/oneflow/issues/10649

Patch

https://github.com/Oneflow-Inc/oneflow/releases