Vulnerability Details CVE-2021-32471
Insufficient input validation in the Marvin Minsky 1967 implementation of the Universal Turing Machine allows program users to execute arbitrary code via crafted data. For example, a tape head may have an unexpected location after the processing of input composed of As and Bs (instead of 0s and 1s). NOTE: the discoverer states "this vulnerability has no real-world implications."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.054
EPSS Ranking 89.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
Products affected by CVE-2021-32471
-
cpe:2.3:a:mit:universal_turing_machine:-