PyPi: Aim

CVE-2024-10110

Safety vulnerability ID: 76298

This vulnerability was reviewed by experts

The information on this page was manually curated by our Cybersecurity Intelligence Team.

Created at Mar 20, 2025 Updated at Apr 02, 2025

Scan your Python projects for vulnerabilities →

Advisory

In version 3.23.0 of aimhubio/aim, the ScheduledStatusReporter object can be instantiated to run on the main thread of the tracking server, leading to the main thread being blocked indefinitely. This results in a denial of service as the tracking server becomes unable to respond to other requests.

Affected package

aim

Latest version: 4.0.3

A super-easy way to record, search and compare AI experiments.

Affected versions

Fixed versions

Vulnerability changelog

This vulnerability has no description

Resources

https://github.com/advisories/GHSA-fx47-jpv9-7hxr
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-10110

Use this package?

Scan your Python project for dependency vulnerabilities in two minutes

Scan your application