aim@3.29.0.dev20250330 vulnerabilities

A super-easy way to record, search and compare AI experiments.

  • latest version

    4.0.3

  • first published

    4 years ago

  • latest version published

    1 year ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the aim package. This does not include vulnerabilities belonging to this package’s dependencies.

    Vulnerability / Vulnerable versions
    • High severity: Denial of Service (DoS)

    Affected versions of this package are vulnerable to Denial of Service (DoS) due to the ScheduledStatusReporter object being instantiated to run on the main thread of the tracking server. An attacker can block the main thread indefinitely, rendering the tracking server unresponsive to other requests.

    How to fix Denial of Service (DoS)?

    There is no fixed version for aim.

    Vulnerable versions: [0,)

    • High severity: Denial of Service (DoS)

    Affected versions of this package are vulnerable to Denial of Service (DoS) due to missing timeouts in some of the methods.

    How to fix Denial of Service (DoS)?

    There is no fixed version for aim.

    Vulnerable versions: [0,)

    • High severity: External Control of File Name or Path

    Affected versions of this package are vulnerable to External Control of File Name or Path via the restore_run_backup function. An attacker can write arbitrary data to arbitrary locations on the host server by controlling repo.path and run_hash to bypass directory existence checks and extract files to unintended locations, potentially overwriting critical files.

    How to fix External Control of File Name or Path?

    There is no fixed version for aim.

    Vulnerable versions: [0,)

    • Medium severity: Relative Path Traversal

    Affected versions of this package are vulnerable to Relative Path Traversal through the runs/delete-batch endpoint. An attacker can delete arbitrary files or directories, potentially causing denial of service or data loss when handling user-specified run-names.

    How to fix Relative Path Traversal?

    There is no fixed version for aim.

    Vulnerable versions: [0,)

    • High severity: Synchronous Access of Remote Resource without Timeout

    Affected versions of this package are vulnerable to Synchronous Access of Remote Resource without Timeout by using the option for connecting to an external filesystem via the sshfs-client. An attacker can cause the server to become unresponsive by initiating a connection to an unresponsive socket.

    How to fix Synchronous Access of Remote Resource without Timeout?

    There is no fixed version for aim.

    Vulnerable versions: [0,)

    • High severity: Directory Traversal

    Affected versions of this package are vulnerable to Directory Traversal via the LocalFileManager._cleanup function, by crafting a malicious glob-pattern that is not verified to be within the directory managed by LocalFileManager.

    How to fix Directory Traversal?

    There is no fixed version for aim.

    Vulnerable versions: [0,)

    • High severity: Denial of Service (DoS)

    Affected versions of this package are vulnerable to Denial of Service (DoS) by sending a large number of requests to retrieve tracked metrics simultaneously. This excessive load results in uncontrolled resource consumption due to the server's inability to limit the number of metrics requested per call and its single-threaded nature.

    How to fix Denial of Service (DoS)?

    There is no fixed version for aim.

    Vulnerable versions: [0,)

    • High severity: Access Control Bypass

    Affected versions of this package are vulnerable to Access Control Bypass due to the use of an outdated safer_getattr function from RestrictedPython which fails to block the str.format_map method. An attacker can leak server-side secrets or execute arbitrary code by exploiting the ability of str.format_map to read arbitrary attributes of Python objects, thus accessing sensitive variables such as os.environ.

    Note: This is only exploitable if an attacker can write files to a known location on the Aim server.

    How to fix Access Control Bypass?

    There is no fixed version for aim.

    Vulnerable versions: [3.0.0,)

    • High severity: Directory Traversal

    Affected versions of this package are vulnerable to Directory Traversal in the LockManager.release_locks() function. An attacker can delete arbitrary files on the filesystem by passing an absolute path to the target file as the run_hash parameter.

    How to fix Directory Traversal?

    There is no fixed version for aim.

    Vulnerable versions: [0,)

    • High severity: Denial of Service (DoS)

    Affected versions of this package are vulnerable to Denial of Service (DoS) through the tracking server. An attacker can cause the server to become unresponsive to other requests by sending very large images that exceed the maximum size for websocket messages.

    How to fix Denial of Service (DoS)?

    There is no fixed version for aim.

    Vulnerable versions: [0,)

    • High severity: Excessive Data Query Operations in a Large Data Table

    Affected versions of this package are vulnerable to Excessive Data Query Operations in a Large Data Table through the tracking and simultaneous querying of a large number of Text objects via the web API. An attacker can cause the Aim web server to become unresponsive to other requests for an extended period while processing and returning these objects, effectively leading to a complete denial of service by exploiting this behavior repeatedly.

    How to fix Excessive Data Query Operations in a Large Data Table?

    There is no fixed version for aim.

    Vulnerable versions: [0,)

    • Medium severity: Cross-site Scripting (XSS)

    Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to its use of dangerouslySetInnerHTML in the textbox component of the web UI. An attacker can inject scripts which will be executed when a user accesses the text explorer feature.

    How to fix Cross-site Scripting (XSS)?

    There is no fixed version for aim.

    Vulnerable versions: [0,)

    • Medium severity: Cross-site Scripting (XSS)

    Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the dangerouslySetInnerHTML function. An attacker can exploit this vulnerability by injecting malicious scripts into the logs, which will be executed when a user views the logs-tab.

    How to fix Cross-site Scripting (XSS)?

    There is no fixed version for aim.

    Vulnerable versions: [0,)

    • Critical severity: Arbitrary File Write via Archive Extraction

    Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction through the manipulation of file paths. An attacker could remotely overwrite any file on the host server and exfiltrate any data from it. This can be abused to cause denial of service by overwriting critical system files, loss of private data, and remote code execution by downloading private ssh-keys.

    Note:

    Having full control over these zip files leads to two vulnerabilities:

    The first is being able to overwrite any existing file on the system (the contents of the file need not be "useful" to the attacker, but the write can nevertheless be used to cause denial of service by overwriting critical system files).

    The second vulnerability is achieved by using the built-in sshfs-client of the project to mount an external directory and writing the zip file there. This is an intended feature of the project, and it provides a way of getting files off the vulnerable system.

    How to fix Arbitrary File Write via Archive Extraction?

    There is no fixed version for aim.

    Vulnerable versions: [0,)

    • High severity: Resource Exhaustion

    Affected versions of this package are vulnerable to Resource Exhaustion due to the misconfiguration of the remote tracking server. This can lead to an endless loop of connections that prevents it from handling other legitimate requests.

    How to fix Resource Exhaustion?

    There is no fixed version for aim.

    Vulnerable versions: [0,)

    • Critical severity: Improper Control of Generation of Code ('Code Injection')

    Affected versions of this package are vulnerable to Improper Control of Generation of Code ('Code Injection') due to improper restriction of user access to the RunView object. An attacker can execute arbitrary commands on the server, potentially leading to full system compromise by exploiting the query parameter in the /api/runs/search/run/ endpoint.

    How to fix Improper Control of Generation of Code ('Code Injection')?

    There is no fixed version for aim.

    Vulnerable versions: [3.0.0,)

    • High severity: Cross-Site Request Forgery (CSRF)

    Affected versions of this package are vulnerable to Cross-Site Request Forgery (CSRF) due to the lack of CSRF and CORS protection in the aim dashboard. An attacker can exploit this by tricking a user into executing a malicious script that sends unauthorized requests to the aim server, leading to potential data loss and unauthorized data manipulation.

    How to fix Cross-Site Request Forgery (CSRF)?

    There is no fixed version for aim.

    Vulnerable versions: [0,)