CVE-2025-71004
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2026-01-28
Last updated on: 2026-02-03
Assigner: MITRE
Description
Description
A segmentation violation in the oneflow.logical_or component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| oneflow | oneflow | 0.9.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
| CWE-787 | The product writes data past the end, or before the beginning, of the intended buffer. |
| CWE-476 | The product dereferences a pointer that it expects to be valid but is NULL. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a segmentation violation in the oneflow.logical_or component of OneFlow version 0.9.0. It allows attackers to cause a Denial of Service (DoS) by providing crafted input that triggers the fault.
How can this vulnerability impact me? :
The vulnerability can impact you by causing a Denial of Service (DoS), which means the affected system or application using OneFlow v0.9.0 could crash or become unavailable when processing maliciously crafted input.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70