Primary

Context

OneFlow Floating Point Exception Vulnerability in Reshape Component Leading to Denial of Service

Vulnerability

A floating point exception vulnerability has been identified in OneFlow version 0.9.0, specifically within the reshape component. This vulnerability allows attackers to cause a denial of service by sending a crafted input that triggers the exception.

Impact

Exploitation of this vulnerability causes a floating point exception, leading to a denial of service condition where the application crashes or becomes unresponsive.

Reproduction

The vulnerability can be reproduced by importing the OneFlow library and creating a tensor with a sample array. Calling the reshape method on this tensor with a zero dimension triggers the floating point exception, causing the application to crash.

Added: Jan 28, 2026, 9:29 PM

Updated: Jan 28, 2026, 9:29 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.6

remediation

0.0

relevance

2.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.6

remediation

0.0

relevance

2.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OneFlow Floating Point Exception Vulnerability in Reshape Component Leading to Denial of Service

Vulnerability

Impact

Reproduction

Affected Products

OneFlow

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating