Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/03/22 11:19 a.m.13 views

CVE-2024-8769

A vulnerability in the LockManager.releaselocks function in aimhubio/aim commit bb76afe allows for arbitrary file deletion through relative path traversal. The runhash parameter, which is user-controllable, is concatenated without normalization as part of a path used to specify file deletion. Thi...

9.1CVSS6.9AI score0.00849EPSS
Exploits1References1
vulnersOsv
vulnersOsv
added 2025/03/20 12:32 p.m.6 views

ado-sfttrainer (>=1.0.1 <=1.8.0), aim-mlflow (>=0.1.0 <=0.2.1) +27 more potentially affected by CVE-2024-8769 via aim (>=3.17.4 <=4.0.3)

aim PYPI version =3.17.4, =1.0.1, =0.1.0, =0.1.0, =0.0.1, =4.46.1, =0.0.1, =0.0.3, =0.0.1, =1.1.5, =0.1.1, =0.22.0, =0.0.1, =0.0.1, =2.0.1, =2.0.7 and more Source cves: CVE-2024-8769 Source advisory: SNYK:PYTHON-AIM-9510955...

9.1CVSS7.7AI score0.00849EPSS
Exploits1
Circl
Circl
added 2025/03/20 11:40 a.m.9 views

CVE-2024-8769

creationtimestamp| type| source ---|---|--- 2025-03-20 11:40:45+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lksmhukgwu2v 2025-03-20 12:48:32+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114194835791960229...

9.1CVSS9.2AI score0.00849EPSS
Exploits1References2
NVD
NVD
added 2025/03/20 10:15 a.m.20 views

CVE-2024-8769

A vulnerability in the LockManager.releaselocks function in aimhubio/aim commit bb76afe allows for arbitrary file deletion through relative path traversal. The runhash parameter, which is user-controllable, is concatenated without normalization as part of a path used to specify file deletion. Thi...

9.1CVSS0.00849EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/20 10:11 a.m.14 views

CVE-2024-8769 Arbitrary File Deletion via Relative Path Traversal in aimhubio/aim

A vulnerability in the LockManager.releaselocks function in aimhubio/aim commit bb76afe allows for arbitrary file deletion through relative path traversal. The runhash parameter, which is user-controllable, is concatenated without normalization as part of a path used to specify file deletion. Thi...

9.1CVSS0.00849EPSS
Exploits1References1
OSV
OSV
added 2025/03/20 10:11 a.m.12 views

CVE-2024-8769 Arbitrary File Deletion via Relative Path Traversal in aimhubio/aim

A vulnerability in the LockManager.releaselocks function in aimhubio/aim commit bb76afe allows for arbitrary file deletion through relative path traversal. The runhash parameter, which is user-controllable, is concatenated without normalization as part of a path used to specify file deletion. Thi...

9.1CVSS7.3AI score0.00849EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/03/20 10:11 a.m.8 views

CVE-2024-8769 Arbitrary File Deletion via Relative Path Traversal in aimhubio/aim

A vulnerability in the LockManager.releaselocks function in aimhubio/aim commit bb76afe allows for arbitrary file deletion through relative path traversal. The runhash parameter, which is user-controllable, is concatenated without normalization as part of a path used to specify file deletion. Thi...

9.1CVSS9.2AI score0.00849EPSS
Exploits1References1
CVE
CVE
added 2025/03/20 10:11 a.m.91 views

CVE-2024-8769

CVE-2024-8769 affects aimhubio/aim where the LockManager.release_locks function concatenates a user-controlled run_hash into a path, enabling relative path traversal that can delete arbitrary files. The flaw is exposed through Repo._close_run() via the tracking server instruction API, potentially...

9.1CVSS9.2AI score0.00849EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder