8 matches found
CVE-2024-8769
A vulnerability in the LockManager.releaselocks function in aimhubio/aim commit bb76afe allows for arbitrary file deletion through relative path traversal. The runhash parameter, which is user-controllable, is concatenated without normalization as part of a path used to specify file deletion. Thi...
ado-sfttrainer (>=1.0.1 <=1.8.0), aim-mlflow (>=0.1.0 <=0.2.1) +27 more potentially affected by CVE-2024-8769 via aim (>=3.17.4 <=4.0.3)
aim PYPI version =3.17.4, =1.0.1, =0.1.0, =0.1.0, =0.0.1, =4.46.1, =0.0.1, =0.0.3, =0.0.1, =1.1.5, =0.1.1, =0.22.0, =0.0.1, =0.0.1, =2.0.1, =2.0.7 and more Source cves: CVE-2024-8769 Source advisory: SNYK:PYTHON-AIM-9510955...
CVE-2024-8769
creationtimestamp| type| source ---|---|--- 2025-03-20 11:40:45+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmhukgwu2v 2025-03-20 12:48:32+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114194835791960229...
CVE-2024-8769
A vulnerability in the LockManager.releaselocks function in aimhubio/aim commit bb76afe allows for arbitrary file deletion through relative path traversal. The runhash parameter, which is user-controllable, is concatenated without normalization as part of a path used to specify file deletion. Thi...
CVE-2024-8769 Arbitrary File Deletion via Relative Path Traversal in aimhubio/aim
A vulnerability in the LockManager.releaselocks function in aimhubio/aim commit bb76afe allows for arbitrary file deletion through relative path traversal. The runhash parameter, which is user-controllable, is concatenated without normalization as part of a path used to specify file deletion. Thi...
CVE-2024-8769 Arbitrary File Deletion via Relative Path Traversal in aimhubio/aim
A vulnerability in the LockManager.releaselocks function in aimhubio/aim commit bb76afe allows for arbitrary file deletion through relative path traversal. The runhash parameter, which is user-controllable, is concatenated without normalization as part of a path used to specify file deletion. Thi...
CVE-2024-8769 Arbitrary File Deletion via Relative Path Traversal in aimhubio/aim
A vulnerability in the LockManager.releaselocks function in aimhubio/aim commit bb76afe allows for arbitrary file deletion through relative path traversal. The runhash parameter, which is user-controllable, is concatenated without normalization as part of a path used to specify file deletion. Thi...
CVE-2024-8769
CVE-2024-8769 affects aimhubio/aim where the LockManager.release_locks function concatenates a user-controlled run_hash into a path, enabling relative path traversal that can delete arbitrary files. The flaw is exposed through Repo._close_run() via the tracking server instruction API, potentially...