CVE-2025-63397
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-10
Last updated on: 2025-12-31
Assigner: MITRE
Description
Description
Improper input validation in OneFlow v0.9.0 allows attackers to cause a segmentation fault via adding a Python sequence to the native code during broadcasting/type conversion.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| oneflow | oneflow | 0.9.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in OneFlow v0.9.0 is due to improper input validation. It allows attackers to cause a segmentation fault by adding a Python sequence to the native code during broadcasting or type conversion.
How can this vulnerability impact me? :
The vulnerability can cause a segmentation fault, which may lead to application crashes or denial of service when processing certain inputs.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70