aim ScheduledStatusReporter Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in aimhubio/aim version 3.23.0. The issue arises when the ScheduledStatusReporter object is instantiated to run on the main thread of the tracking server. This can lead to the main thread being blocked indefinitely, causing the tracking server to become unresponsive to other requests.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the tracking server to block responses to other requests indefinitely.
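The blocking pattern described above, next to a non-blocking alternative, as an added illustration (not code from aim or from this advisory). `PeriodicReporter` and `caller_returns_within` are hypothetical names, and a probe thread stands in for the server's main thread so the demonstration always terminates.

```python
import threading

class PeriodicReporter:
    """Hypothetical stand-in for a scheduled status reporter (not aim's class)."""
    def __init__(self, interval=0.01):
        self.interval = interval
        self.ticks = 0
        self._stop = threading.Event()
        self._thread = None

    def _loop(self):
        # Runs until stop() is called; any thread calling this directly is held here.
        while not self._stop.wait(self.interval):
            self.ticks += 1

    def run_on_caller(self):
        # Risky pattern: the scheduling loop occupies the calling thread.
        self._loop()

    def start_background(self):
        # Safer pattern: the loop runs on a daemon thread and the caller returns at once.
        self._thread = threading.Thread(target=self._loop, daemon=True)
        self._thread.start()

    def stop(self, timeout=1.0):
        self._stop.set()
        if self._thread is not None:
            self._thread.join(timeout)

def caller_returns_within(start_fn, reporter, budget=0.2):
    """Run start_fn on a probe thread (standing in for the main thread) and
    report whether it handed control back within `budget` seconds."""
    probe = threading.Thread(target=start_fn, daemon=True)
    probe.start()
    probe.join(budget)
    returned = not probe.is_alive()
    reporter.stop()   # release the loop so the demonstration terminates
    probe.join(1.0)
    return returned

def demo():
    blocking, safe = PeriodicReporter(), PeriodicReporter()
    return (caller_returns_within(blocking.run_on_caller, blocking),
            caller_returns_within(safe.start_background, safe))

if __name__ == "__main__":
    print(demo())
```

The same probe-with-a-time-budget check can serve as a regression test that a server's request path is never the thread running a scheduler loop.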

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.