CVE Catalog

CVE-2025-71001

MediumCVSS 6.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.30%

22th percentile - higher than 22% of all known CVEs

Summary

A segmentation violation in the flow.column_stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

Risk Assessment

An attacker can remotely crash the system, leading to service disruption and potential financial losses.

Recommendation

It is recommended to immediately update OneFlow to the latest version that includes a fix for this vulnerability, or apply temporary mitigations restricting access to the component.

Original NVD description (English source)

A segmentation violation in the flow.column_stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS