VYPR

npm package

kurwov

pkg:npm/kurwov

Vulnerabilities (1)

  • CVE-2024-34075MedMay 3, 2024
    affected >= 3.1.0, < 3.2.5fixed 3.2.5

    kurwov is a fast, dependency-free library for creating Markov Chains. An unsafe sanitization of dataset contents on the `MarkovData#getNext` method used in `Markov#generate` and `Markov#choose` allows a maliciously crafted string on the dataset to throw and stop the function from