VYPR
High severityNVD Advisory· Published Mar 20, 2025· Updated Mar 20, 2025

Denial of Service in aimhubio/aim

CVE-2025-0190

Description

In version 3.25.0 of aimhubio/aim, a denial of service vulnerability exists. By tracking a large number of Text objects and then querying them simultaneously through the web API, the Aim web server becomes unresponsive to other requests for an extended period while processing and returning these objects. This vulnerability can be exploited repeatedly, leading to a complete denial of service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
aimPyPI
<= 3.25.0

Affected products

2
  • ghsa-coords
    Range: <= 3.25.0
  • aimhubio/aimhubio/aimv5
    Range: unspecified

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.