Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Denial of Service in aimhubio/aim
Vulnerability Description
A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service (DoS) attack. The issue arises when a large number of tracked metrics are retrieved simultaneously from the Aim web API, causing the web server to become unresponsive. The root cause is the lack of a limit on the number of metrics that can be requested per call, combined with the server's single-threaded nature, leading to excessive resource consumption and blocking of the server.
CVSS Information
N/A
Vulnerability Type
不加限制或调节的资源分配
Vulnerability Title
Aim 资源管理错误漏洞
Vulnerability Description
Aim是美国Aim开源的一个易于使用和高性能的开源实验跟踪器。 Aim 3.25.0版本存在资源管理错误漏洞,该漏洞源于未限制请求的指标数量,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A