Aim is an easy-to-use and high-performance open source experiment tracker from the U.S. A path traversal vulnerability exists in versions of Aim prior to 3.1.0, which can be exploited by an attacker to access arbitrary files and directories stored on the file system by manipulating references to files with dot-dot slash (. /) sequences and their variants, or by using absolute file paths, they can access arbitrary files and directories stored on the file system, including application source code or configuration and critical system files.