pkg:PyPI/aim

All known vulnerabilities

• CRITICAL9.8CVE-2024-2195Aim Web API vulnerable to Remote Code Execution
  >= 3.0.0, <= 3.25.0
• CRITICAL9.1CVE-2024-8769Aim path traversal in LockManager.release_locks
  >= 3.15.0, <= 3.27.0
• CRITICAL9.1CVE-2024-6829Aim External Control of File Name or Path vulnerability
  from 0, <= 3.19.3
• HIGH8.8CVE-2024-2196Aim Cross-Site Request Forgery vulnerability allows user to delete runs and perform other operations
  from 0, <= 3.17.5
• HIGH8.6CVE-2021-43775Arbitrary file reading vulnerability in Aim
  from 0, < 3.1.0
• HIGH8.6CVE-2021-43775Arbitrary file reading vulnerability in Aim
  from 0, < 3.1.0
• HIGH7.5CVE-2025-0189Aim Uncontrolled Resource Consumption vulnerability
  from 0, <= 3.25.0
• HIGH7.5CVE-2025-0190Aim Excessive Data Query Operations in a Large Data Table vulnerability
  from 0, <= 3.25.0
• HIGH7.5CVE-2024-8061Aim allows denial of service due to no timeouts for some tracking server endpoints
  from 0, <= 3.23.0
• HIGH7.5CVE-2024-6851Aim Path Traversal vulnerability
  from 0, <= 3.22.0
• HIGH7.5CVE-2024-12778Aim Uncontrolled Resource Consumption vulnerability
  from 0, <= 3.25.0
• HIGH7.5CVE-2024-10110Aim Vulnerable to Denial of Service (DoS)
  >= 3.15.0, <= 3.23.0
• HIGH7.5CVE-2024-6227Aim denial of service vulnerability
  from 0, <= 3.19.3
• HIGH7.4CVE-2024-7760Aim vulnerable to Cross-Site Request Forgery
  from 0, <= 3.22.0
• MEDIUM6.3CVE-2025-5321Aim Vulnerable to Sandbox Escape Leading to Remote Code Execution
  from 0, <= 3.29.1
• MEDIUM6.1CVE-2024-6578Aim Stored Cross-site Scripting Vulnerability
  from 0, <= 3.19.3
• MEDIUM5.9CVE-2024-8238Aim Improper Access Control
  >= 3.0.0, <= 3.22.0
• MEDIUM5.9CVE-2024-12777Aim vulnerable to Synchronous Access of Remote Resource without Timeout
  from 0, <= 3.25.0
• MEDIUM5.3CVE-2024-6483Aim Relative Path Traversal vulnerability
  from 0, <= 3.19.3
• LOW3.5CVE-2024-8863Aim Stored XSS through TEXT EXPLORER
  from 0, <= 3.24.0
• —CVE-2025-51464Aim vulnerable to Cross-site Scripting
  from 0, <= 3.30.0.dev20250611