Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/03/22 12:47 p.m.9 views

CVE-2024-8238

In version 3.22.0 of aimhubio/aim, the AimQL query language uses an outdated version of the safergetattr function from RestrictedPython. This version does not protect against the str.formatmap method, allowing an attacker to leak server-side secrets or potentially gain unrestricted code execution...

8.1CVSS7.3AI score0.00702EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.7 views

dsipts (>=1.1.5 <=1.1.19), llm-toys (=0.1.1) +2 more potentially affected by CVE-2024-8238 via aim (>=3.17.4 <=3.20.1)

aim PYPI version =3.17.4, =1.1.5, =0.0.20, =0.1.0, =0.5.6 Source cves: CVE-2024-8238 Source advisory: OSV:GHSA-R229-5WGF-F28G...

8.1CVSS6.2AI score0.00702EPSS
Exploits1
NVD
NVD
added 2025/03/20 10:15 a.m.6 views

CVE-2024-8238

In version 3.22.0 of aimhubio/aim, the AimQL query language uses an outdated version of the safergetattr function from RestrictedPython. This version does not protect against the str.formatmap method, allowing an attacker to leak server-side secrets or potentially gain unrestricted code execution...

8.1CVSS0.00702EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/03/20 10:11 a.m.4 views

CVE-2024-8238 Unrestricted Code Execution in aimhubio/aim

In version 3.22.0 of aimhubio/aim, the AimQL query language uses an outdated version of the safergetattr function from RestrictedPython. This version does not protect against the str.formatmap method, allowing an attacker to leak server-side secrets or potentially gain unrestricted code execution...

5.9CVSS6AI score0.00702EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/20 10:11 a.m.10 views

CVE-2024-8238 Unrestricted Code Execution in aimhubio/aim

In version 3.22.0 of aimhubio/aim, the AimQL query language uses an outdated version of the safergetattr function from RestrictedPython. This version does not protect against the str.formatmap method, allowing an attacker to leak server-side secrets or potentially gain unrestricted code execution...

5.9CVSS0.00702EPSS
Exploits1References1
OSV
OSV
added 2025/03/20 10:11 a.m.5 views

CVE-2024-8238 Unrestricted Code Execution in aimhubio/aim

In version 3.22.0 of aimhubio/aim, the AimQL query language uses an outdated version of the safergetattr function from RestrictedPython. This version does not protect against the str.formatmap method, allowing an attacker to leak server-side secrets or potentially gain unrestricted code execution...

5.9CVSS6.5AI score0.00702EPSS
Exploits1References3
Rows per page
Query Builder