4 matches found
CVE-2024-34075
kurwov is a fast, dependency-free library for creating Markov Chains. An unsafe sanitization of dataset contents on the MarkovDatagetNext method used in Markovgenerate and Markovchoose allows a maliciously crafted string on the dataset to throw and stop the function from running properly. If a...
CVE-2024-34075
creationtimestamp| type| source ---|---|--- 2024-05-03 20:30:38+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-hfrv-h3q8-9jpr...
CVE-2024-34075
kurwov is a fast, dependency-free library for creating Markov Chains. An unsafe sanitization of dataset contents on the MarkovDatagetNext method used in Markovgenerate and Markovchoose allows a maliciously crafted string on the dataset to throw and stop the function from running properly. If a...
CVE-2024-34075
CVE-2024-34075 (kurwov) affects the Markov chain library kurwov. A flaw in the unsafe sanitization in MarkovData#getNext (used by Markov#generate and Markov#choose) lets a crafted dataset string bypass sanitization when it contains the forbidden substring "proto " followed by a space, by manipula...