aimhubio aim WebSocket Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in version 3.25.0 of aimhubio/aim. The tracking server improperly manages the maximum size for WebSocket messages, allowing excessively large images to be tracked. This mismanagement causes the server to become unresponsive to other requests while it processes the large image, creating a denial-of-service condition.
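An added example, not aim's code and not taken from this advisory: one way a WebSocket server can enforce a per-message size cap from RFC 6455 frame headers alone, before any payload is buffered, including the case where a large message is split across fragments. The 1 MiB limit, the function and class names, and the sample headers are assumptions constructed for illustration.

```python
import struct

MAX_MESSAGE_BYTES = 1024 * 1024  # assumed cap; size it to the largest legitimate payload

class MessageTooLarge(Exception):
    """A frame would push the current message past the cap."""

def declared_payload_length(header: bytes) -> int:
    """Return the payload length announced in an RFC 6455 frame header."""
    if len(header) < 2:
        raise ValueError("need at least 2 header bytes")
    length = header[1] & 0x7F            # low 7 bits; the high bit is the MASK flag
    if length == 126:                    # 16-bit extended length follows
        if len(header) < 4:
            raise ValueError("truncated 16-bit length")
        (length,) = struct.unpack("!H", header[2:4])
    elif length == 127:                  # 64-bit extended length follows
        if len(header) < 10:
            raise ValueError("truncated 64-bit length")
        (length,) = struct.unpack("!Q", header[2:10])
    return length

class MessageSizeGuard:
    """Running size of one (possibly fragmented) message on a connection."""

    def __init__(self, limit: int = MAX_MESSAGE_BYTES):
        self.limit = limit
        self.received = 0

    def admit(self, header: bytes) -> int:
        """Check a header before its payload is read; return the payload length."""
        length = declared_payload_length(header)
        fin, opcode = bool(header[0] & 0x80), header[0] & 0x0F
        if opcode >= 0x8:                # control frame, not part of the data message
            return length
        if self.received + length > self.limit:
            raise MessageTooLarge(f"{self.received + length} > {self.limit} bytes")
        self.received = 0 if fin else self.received + length
        return length

# Constructed sample headers (no payload bytes are needed for the check).
SMALL_TEXT = bytes([0x81, 0x85])                                  # FIN, text, 5 bytes
HUGE_BINARY = bytes([0x82, 0xFF]) + struct.pack("!Q", 50 << 20)   # FIN, binary, 50 MiB
FRAGMENT = bytes([0x02, 0xFF]) + struct.pack("!Q", 700_000)       # no FIN, binary
FINAL_PART = bytes([0x80, 0xFF]) + struct.pack("!Q", 700_000)     # FIN, continuation

if __name__ == "__main__":
    guard = MessageSizeGuard()
    print(guard.admit(SMALL_TEXT), guard.admit(FRAGMENT))
```

When `admit` raises, a server would normally close the connection with WebSocket status code 1009 (Message Too Big) instead of reading the payload.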

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing the server to become unresponsive to requests while processing large WebSocket messages.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 0.0
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.