VYPR
High severityNVD Advisory· Published Mar 20, 2025· Updated Mar 20, 2025

Denial of Service in aimhubio/aim

CVE-2024-10110

Description

In version 3.23.0 of aimhubio/aim, the ScheduledStatusReporter object can be instantiated to run on the main thread of the tracking server, leading to the main thread being blocked indefinitely. This results in a denial of service as the tracking server becomes unable to respond to other requests.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
aimPyPI
>= 3.15.0, <= 3.23.0

Affected products

2
  • ghsa-coords
    Range: >= 3.15.0, <= 3.23.0
  • aimhubio/aimhubio/aimv5
    Range: unspecified

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.