CVE-2025-71003
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-01-28
Last updated on: 2026-02-03
Assigner: MITRE
Description
Description
An input validation vulnerability in the flow.arange() component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| oneflow | oneflow | 0.9.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an input validation flaw in the flow.arange() component of OneFlow version 0.9.0. It allows attackers to provide specially crafted input that can cause the application to crash or become unavailable, resulting in a Denial of Service (DoS).
How can this vulnerability impact me? :
The impact of this vulnerability is that an attacker can cause a Denial of Service (DoS) by exploiting the input validation flaw, potentially making the affected OneFlow application or service unavailable to legitimate users.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70