CVE-2024-52524

Source
https://nvd.nist.gov/vuln/detail/CVE-2024-52524
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-52524.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-52524
Aliases
Published
2024-11-14T18:15:26Z
Modified
2024-11-18T22:49:53.910983Z
Summary
[none]
Details

Giskard is an evaluation and testing framework for AI systems. A Regular Expression Denial of Service (ReDoS) vulnerability was discovered in a Giskard component by the GitHub Security Lab team. When Giskard detectors process datasets containing specific text patterns, this vulnerability could trigger exponential regex evaluation times, potentially leading to denial of service. Giskard versions prior to 2.15.5 are affected.

References

Affected packages

Git / github.com/giskard-ai/giskard

Affected ranges

Type
GIT
Repo
https://github.com/giskard-ai/giskard
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed

Affected versions

Other

hub

python-client-1.*

python-client-1.8.0

python-client-v1.*

python-client-v1.9.1

v0.*

v0.1.1
v0.2.0

v1.*

v1.0.0
v1.1.0
v1.2.0
v1.3.0
v1.3.1
v1.3.2
v1.4.0
v1.5.0
v1.8.0

v2.*

v2.0.0
v2.0.0b10
v2.0.0b11
v2.0.0b12
v2.0.0b14
v2.0.0b15
v2.0.0b16
v2.0.0b17
v2.0.0b18
v2.0.0b19
v2.0.0b20
v2.0.0b23
v2.0.0b24
v2.0.0b25
v2.0.0b26
v2.0.0b27
v2.0.0b28
v2.0.0b29
v2.0.0b30
v2.0.0b31
v2.0.0b32
v2.0.0b33
v2.0.0b34
v2.0.0b4
v2.0.0b9
v2.0.1
v2.0.2
v2.0.3
v2.0.4
v2.0.5
v2.0.6
v2.0.7
v2.1.0
v2.1.1
v2.1.2
v2.1.3
v2.10.0
v2.11.0
v2.12.0
v2.13.0
v2.14.0
v2.14.1
v2.14.2
v2.14.3
v2.14.4
v2.14.5
v2.14.6
v2.15.0
v2.15.1
v2.15.2
v2.15.3
v2.15.4
v2.2.0
v2.3.0
v2.3.1
v2.3.2
v2.4.0
v2.5.0
v2.5.1
v2.5.2
v2.5.3
v2.6.0
v2.7.0
v2.7.1
v2.7.2
v2.7.3
v2.7.4
v2.7.5
v2.7.6
v2.7.7
v2.8.0
v2.9.0
v2.9.1