Vulnerabilities > Aimstack
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-20 | CVE-2024-8101 | Unspecified vulnerability in Aimstack AIM 3.23.0 A stored cross-site scripting (XSS) vulnerability exists in the Text Explorer component of aimhubio/aim version 3.23.0. | 6.1 |
| 2025-03-20 | CVE-2024-8769 | Path Traversal vulnerability in Aimstack AIM A vulnerability in the `LockManager.release_locks` function in aimhubio/aim (commit bb76afe) allows for arbitrary file deletion through relative path traversal. | 9.1 |
| 2025-03-20 | CVE-2025-0189 | Resource Exhaustion vulnerability in Aimstack AIM 3.25.0 In version 3.25.0 of aimhubio/aim, the tracking server is vulnerable to a denial of service attack. | 7.5 |
| 2025-03-20 | CVE-2025-0190 | Excessive Data Query Operations in a Large Data Table vulnerability in Aimstack AIM 3.25.0 In version 3.25.0 of aimhubio/aim, a denial of service vulnerability exists. | 7.5 |
| 2024-09-14 | CVE-2024-8863 | Cross-site Scripting vulnerability in Aimstack AIM A vulnerability, which was classified as problematic, was found in aimhubio aim up to 3.24. | 5.4 |
| 2024-07-29 | CVE-2024-6578 | Unspecified vulnerability in Aimstack AIM 3.19.3 A stored cross-site scripting (XSS) vulnerability exists in aimhubio/aim version 3.19.3. | 5.4 |
| 2024-07-08 | CVE-2024-6227 | Unspecified vulnerability in Aimstack AIM 3.19.3 A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to cause an infinite loop by configuring the remote tracking server to point at itself. | 7.5 |
| 2021-11-23 | CVE-2021-43775 | Unspecified vulnerability in Aimstack AIM Aim is an open-source, self-hosted machine learning experiment tracking tool. | 8.6 |