CVE Catalog
CVE-2025-71001
MediumCVSS 6.5Exploitation Probability (EPSS)
Low risk0.30%
22th percentile - higher than 22% of all known CVEs
Summary
A segmentation violation in the flow.column_stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.
Risk Assessment
An attacker can remotely crash the system, leading to service disruption and potential financial losses.
Recommendation
It is recommended to immediately update OneFlow to the latest version that includes a fix for this vulnerability, or apply temporary mitigations restricting access to the component.
Original NVD description (English source)
A segmentation violation in the flow.column_stack component of OneFlow v0.9.0 allows attackers to cause a Denial of Service (DoS) via a crafted input.

