3 matches found
CVE-2024-2195
A critical Remote Code Execution RCE vulnerability was identified in the aimhubio/aim project, specifically within the /api/runs/search/run/ endpoint, affecting versions = 3.0.0. The vulnerability resides in the runsearchapi function of the aim/web/api/runs/views.py file, where improper restricti...
CVE-2024-2195 Remote Code Execution in aimhubio/aim
A critical Remote Code Execution RCE vulnerability was identified in the aimhubio/aim project, specifically within the /api/runs/search/run/ endpoint, affecting versions = 3.0.0. The vulnerability resides in the runsearchapi function of the aim/web/api/runs/views.py file, where improper restricti...
CVE-2024-2195
CVE-2024-2195 affects aimhubio/aim (versions â„ 3.0.0). The issue is in the REST endpoint â/api/runs/search/run/â where the run_search_api in aim/web/api/runs/views.py fails to properly restrict access to the RunView object, allowing arbitrary code execution via the query parameter. Impact is high...