Medium severity5.3NVD Advisory· Published Mar 20, 2025· Updated Jun 17, 2026
CVE-2024-6483
CVE-2024-6483
Description
A vulnerability in the runs/delete-batch endpoint of aimhubio/aim version 3.19.3 allows for arbitrary file or directory deletion through path traversal. The endpoint does not mitigate path traversal when handling user-specified run-names, which are used to specify log/metadata files for deletion. This can be exploited to delete arbitrary files or directories, potentially causing denial of service or data loss.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
aimPyPI | <= 3.19.3 | — |
Affected products
2- aimhubio/aimhubio/aimv5Range: unspecified
Patches
Vulnerability mechanics
References
3- huntr.com/bounties/dc45d480-e579-4af4-8603-c52ecfd5e363nvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-p6x3-v6g3-7557ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2024-6483ghsaADVISORY
News mentions
0No linked articles in our index yet.