exploitDog

CVE-2024-10110

Опубликовано: 20 мар. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

In version 3.23.0 of aimhubio/aim, the ScheduledStatusReporter object can be instantiated to run on the main thread of the tracking server, leading to the main thread being blocked indefinitely. This results in a denial of service as the tracking server becomes unable to respond to other requests.

Ссылки

https://huntr.com/bounties/5ea6cf56-7b4c-4dce-9b6c-3e910fbb1ae4
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:aimstack:aim:3.23.0:*:*:*:*:python:*:*

EPSS

Процентиль: 35%

0.00142

Низкий

7.5 High

CVSS3

Дефекты

CWE-400

Связанные уязвимости

GHSA-fx47-jpv9-7hxr

CVSS3: 7.5

github

11 месяцев назад

Aim Vulnerable to Denial of Service (DoS)

EPSS

Процентиль: 35%

0.00142

Низкий

7.5 High

CVSS3

Дефекты

CWE-400