Aggregates CVE and security vulnerability intelligence across all oneflow-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Common weakness patterns include vendor risk input validation, vendor risk buffer overflow, and vendor risk memory corruption, with potential vendor impact unexpected behavior across vendor surface production workloads use cases.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-36735 | OneFlow-Inc. Oneflow v0.9.1 does not display an error or warning when the oneflow.eye parameter is floating. | [email protected] | 5.3 | 0.35% | 2024-06-06 | 2026-06-17 |
| CVE-2024-36734 | Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the dim parameter. | [email protected] | 7.5 | 0.52% | 2024-06-06 | 2026-06-17 |
| CVE-2024-36732 | An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when an empty array is processed with oneflow.tensordot. | [email protected] | 7.5 | 0.52% | 2024-06-06 | 2026-06-17 |
| CVE-2024-36730 | Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting negative values into the oneflow.zeros/ones parameter. | [email protected] | 7.5 | 0.52% | 2024-06-06 | 2026-06-17 |
| CVE-2024-36745 | An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the oneflow.index_select parameter. | [email protected] | 7.5 | 0.42% | 2024-06-06 | 2026-06-17 |
| CVE-2024-36743 | An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when an empty array is processed with oneflow.dot. | [email protected] | 7.5 | 0.42% | 2024-06-06 | 2026-06-17 |
| CVE-2024-36737 | Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the oneflow.full parameter. | [email protected] | 7.5 | 0.52% | 2024-06-06 | 2026-06-17 |
| CVE-2024-36736 | An issue in the oneflow.permute component of OneFlow-Inc. Oneflow v0.9.1 causes an incorrect calculation when the same dimension operation is performed. | [email protected] | 9.8 | 0.56% | 2024-06-06 | 2026-06-17 |
| CVE-2024-36742 | An issue in the oneflow.scatter_nd parameter OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when index parameter exceeds the range of shape. | [email protected] | 7.5 | 0.42% | 2024-06-06 | 2026-06-17 |