Medium severityNVD Advisory· Published Nov 14, 2024· Updated Apr 15, 2026

CVE-2024-52524

Description

Giskard is an evaluation and testing framework for AI systems. A Remote Code Execution (ReDoS) vulnerability was discovered in Giskard component by the GitHub Security Lab team. When processing datasets with specific text patterns with Giskard detectors, this vulnerability could trigger exponential regex evaluation times, potentially leading to denial of service. Giskard versions prior to 2.15.5 are affected.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
giskardPyPI	< 2.15.5	2.15.5

Patches

e82d30989a7b

https://github.com/giskard-ai/giskardvia osv

48ce81f5c626

https://github.com/giskard-ai/giskard-ossvia osv

48ce81f5c626

https://github.com/giskard-ai/giskardvia osv

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

News mentions

No linked articles in our index yet.

cvss	0.260
epss	0.002
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000