Skip to content

Instantly share code, notes, and snippets.

View Redmept1on's full-sized avatar
🤒
Out sick

Redempt1onzzZZ Redmept1on

🤒
Out sick
  • Institute of Software Chinese Academy of Sciences
View GitHub Profile
[CVE ID]
CVE-2024-36730
[Affected Component]
OneFlow API: oneflow.new_ones
[VERSION]
v0.9.1
[VulnerabilityType Other]
CWE-20: Improper Input Validation
[DESCRIPTION]
Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting negative values into the oneflow.zeros/ones parameter.
[CVE ID]
CVE-2024-36732
[PRODUCT]
Oneflow v0.9.1
[VERSION]
Oneflow v0.9.1
[PROBLEM TYPE]
CWE-20: Improper Input Validation
[DESCRIPTION]
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when an empty array is processed with oneflow.tensordot.
[CVE ID]
CVE-2024-36734
[Affected Component]
OneFlow v0.9.1
[VERSION]
OneFlow v0.9.1
[VulnerabilityType Other]
CWE-20: Improper Input Validation
[DESCRIPTION]
Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the dim parameter.
[CVE ID]
CVE-2024-36735
[Affected Component]
OneFlow v0.9.1
[VERSION]
OneFlow v0.9.1
[VulnerabilityType Other]
CWE-20: Improper Input Validation
[DESCRIPTION]
OneFlow-Inc. Oneflow v0.9.1 does not display an error or warning when the oneflow.eye parameter is floating.
[CVE ID]
CVE-2024-36736
[Affected Component]
OneFlow v0.9.1
[VERSION]
OneFlow v0.9.1
[VulnerabilityType Other]
CWE-20: Improper Input Validation
[DESCRIPTION]
An issue in the oneflow.permute component of OneFlow-Inc. Oneflow v0.9.1 causes an incorrect calculation when the same dimension operation is performed.
[CVE ID]
CVE-2024-36737
[Affected Component]
OneFlow v0.9.1
[VERSION]
OneFlow v0.9.1
[VulnerabilityType Other]
CWE-20: Improper Input Validation
[DESCRIPTION]
Improper input validation in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the oneflow.full parameter.
[CVE ID]
CVE-2024-36740
[Affected Component]
OneFlow v0.9.1
[VERSION]
OneFlow v0.9.1
[VulnerabilityType Other]
CWE-20: Improper Input Validation
[DESCRIPTION]
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when index as a negative number exceeds the range of size.
[CVE ID]
CVE-2024-36742
[Affected Component]
OneFlow v0.9.1
[VERSION]
OneFlow v0.9.1
[VulnerabilityType Other]
CWE-20: Improper Input Validation
[DESCRIPTION]
An issue in the oneflow.scatter_nd parameter OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when index parameter exceeds the range of shape.
[CVE ID]
CVE-2024-36743
[Affected Component]
OneFlow v0.9.1
[VERSION]
OneFlow v0.9.1
[VulnerabilityType Other]
CWE-20: Improper Input Validation
[DESCRIPTION]
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) when an empty array is processed with oneflow.dot.
[CVE ID]
CVE-2024-36745
[Affected Component]
OneFlow v0.9.1
[VERSION]
OneFlow v0.9.1
[VulnerabilityType Other]
CWE-20: Improper Input Validation
[DESCRIPTION]
An issue in OneFlow-Inc. Oneflow v0.9.1 allows attackers to cause a Denial of Service (DoS) via inputting a negative value into the oneflow.index_select parameter.