Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/03/22 11:43 a.m.10 views

CVE-2024-6851

In version 3.22.0 of aimhubio/aim, the LocalFileManager.cleanup function in the aim tracking server accepts a user-specified glob-pattern for deleting files. The function does not verify that the matched files are within the directory managed by LocalFileManager, allowing a maliciously crafted...

7.5CVSS7AI score0.00953EPSS
Exploits1References1
github
github
added 2025/03/20 12:32 p.m.11 views

Aim Path Traversal vulnerability

In version 3.22.0 of aimhubio/aim, the LocalFileManager.cleanup function in the aim tracking server accepts a user-specified glob-pattern for deleting files. The function does not verify that the matched files are within the directory managed by LocalFileManager, allowing a maliciously crafted...

7.5CVSS6.9AI score0.00953EPSS
Exploits1References4Affected Software1
nvd
nvd
added 2025/03/20 10:15 a.m.7 views

CVE-2024-6851

In version 3.22.0 of aimhubio/aim, the LocalFileManager.cleanup function in the aim tracking server accepts a user-specified glob-pattern for deleting files. The function does not verify that the matched files are within the directory managed by LocalFileManager, allowing a maliciously crafted...

7.5CVSS0.00953EPSS
Exploits1References1
cve
cve
added 2025/03/20 10:9 a.m.52 views

CVE-2024-6851

CVE-2024-6851 affects aimhubio/aim v3.22.0. The LocalFileManager._cleanup function accepts a user-supplied glob-pattern and does not verify that matched files stay within the directory managed by LocalFileManager, allowing a crafted glob-pattern to delete arbitrary files. Reported impact is arbit...

7.5CVSS7.5AI score0.00953EPSS
Exploits1References1Affected Software1
susecve
susecve
added 2023/02/15 6:10 a.m.2 views

SUSE CVE-2007-4782

PHP before 5.2.3 allows context-dependent attackers to cause a denial of service application crash via 1 a long string in the pattern parameter to the glob function; or 2 a long string in the string parameter to the fnmatch function, accompanied by a pattern parameter value with undefined...

5CVSS7.6AI score0.04696EPSS
Exploits1References7
Rows per page
Query Builder