Описание
Aim Vulnerable to Denial of Service (DoS)
In version 3.23.0 of aimhubio/aim, the ScheduledStatusReporter object can be instantiated to run on the main thread of the tracking server, leading to the main thread being blocked indefinitely. This results in a denial of service as the tracking server becomes unable to respond to other requests.
Пакеты
Наименование
aim
pip
Затронутые версииВерсия исправления
>= 3.15.0, <= 3.23.0
Отсутствует
Связанные уязвимости
CVSS3: 7.5
nvd
11 месяцев назад
In version 3.23.0 of aimhubio/aim, the ScheduledStatusReporter object can be instantiated to run on the main thread of the tracking server, leading to the main thread being blocked indefinitely. This results in a denial of service as the tracking server becomes unable to respond to other requests.