CVE-2024-8061

Source
https://cve.org/CVERecord?id=CVE-2024-8061
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-8061.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2024-8061
Aliases
Published
2025-03-20T10:10:09.524Z
Modified
2026-07-15T01:49:05.217982280Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Denial of Service in aimhubio/aim
Details

In version 3.23.0 of aimhubio/aim, certain methods that request data from external servers do not have set timeouts, causing the server to wait indefinitely for a response. This can lead to a denial of service, as the tracking server does not respond to other requests while waiting. The issue arises in the client used by the aim tracking server to communicate with external resources, specifically in the _run_read_instructions method and similar calls without timeouts.

Database specific
{
    "cwe_ids": [
        "CWE-1088"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/8xxx/CVE-2024-8061.json",
    "cna_assigner": "@huntr_ai"
}
References

Affected packages

Git / github.com/aimhubio/aim

Affected ranges

Type
GIT
Repo
https://github.com/aimhubio/aim
Events
Database specific
{
    "cpe": "cpe:2.3:a:aimstack:aim:3.23.0:*:*:*:*:python:*:*",
    "extracted_events": [
        {
            "introduced": "3.23.0"
        },
        {
            "last_affected": "3.23.0"
        }
    ],
    "source": "CPE_STRING"
}

Affected versions

3.*
3.23.0
v3.*
v3.23.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-8061.json"