Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Arbitrary File/Directory Deletion in aimhubio/aim
Vulnerability Description
A vulnerability in the `runs/delete-batch` endpoint of aimhubio/aim version 3.19.3 allows for arbitrary file or directory deletion through path traversal. The endpoint does not mitigate path traversal when handling user-specified run-names, which are used to specify log/metadata files for deletion. This can be exploited to delete arbitrary files or directories, potentially causing denial of service or data loss.
CVSS Information
N/A
Vulnerability Type
相对路径遍历
Vulnerability Title
Aim 安全漏洞
Vulnerability Description
Aim是美国Aim开源的一个易于使用和高性能的开源实验跟踪器。 Aim 3.19.3版本存在安全漏洞,该漏洞源于runs/delete-batch端点未缓解路径遍历,可能导致任意文件或目录删除。
CVSS Information
N/A
Vulnerability Type
N/A