2 matches found
CVE-2021-43775 Arbitrary file reading vulnerability in Aim
Aim is an open-source, self-hosted machine learning experiment tracking tool. Versions of Aim prior to 3.1.0 are vulnerable to a path traversal attack. By manipulating variables that reference files with “dot-dot-slash ../” sequences and its variations or by using absolute file paths, it may be...
CVE-2021-43775
CVE-2021-43775 affects the Aim open‑source, self‑hosted machine learning experiment tracker. Public records describe a path traversal vulnerability in versions prior to 3.1.0, exploitable by manipulating references to files using dot-dot-slash sequences or absolute paths to access arbitrary files...