Aim@3.19.3 Security Vulnerabilities and Issues — Aim@3.19.3 CVE List

Lucene search

AimstackAim3.19.3

3 matches found

CVE•added 2024/07/12 12:15 a.m.•45 views

CVE-2024-6396

A vulnerability in the _backup_run function in aimhubio/aim version 3.19.3 allows remote attackers to overwrite any file on the host server and exfiltrate arbitrary data. The vulnerability arises due to improper handling of the run_hash and repo.path parameters, which can be manipulated to create a...

9.8CVSS9.8AI score0.80159EPSS

CVE•added 2024/07/08 7:15 p.m.•39 views

CVE-2024-6227

A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to cause an infinite loop by configuring the remote tracking server to point at itself. This results in the server endlessly connecting to itself, rendering it unable to respond to other connections.

7.5CVSS7.4AI score0.00087EPSS

CVE•added 2024/07/29 7:15 p.m.•36 views

CVE-2024-6578

A stored cross-site scripting (XSS) vulnerability exists in aimhubio/aim version 3.19.3. The vulnerability arises from the improper neutralization of input during web page generation, specifically in the logs-tab for runs. The terminal output logs are displayed using the dangerouslySetInnerHTML fun...

7.2CVSS6.4AI score0.00082EPSS