admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

Second attempt to add CVE-2021-43775 for GHSA-8phj-f9w2-cjcc

Browse Source
This commit is contained in:
Shelby J. Cunningham 2021-11-24 10:05:09 -05:00
parent 5f003fecfa
commit 6e678ee9f1
No known key found for this signature in database
GPG Key ID: 0781D7D998EB82AA
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
2021/43xxx/CVE-2021-43775.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "Aim is an open-source, self-hosted machine learning experiment tracking tool. Versions of Aim prior to 3.1.0 are vulnerable to a path traversal attack. By manipulating variables that reference files with \u201cdot-dot-slash (../)\u201d sequences and its variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on file system including application source code or configuration and critical system files. The vulnerability issue is resolved in Aim v3.1.0."
"value": "Aim is an open-source, self-hosted machine learning experiment tracking tool. Versions of Aim prior to 3.1.0 are vulnerable to a path traversal attack. By manipulating variables that reference files with “dot-dot-slash (../)” sequences and its variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on file system including application source code or configuration and critical system files. The vulnerability issue is resolved in Aim v3.1.0."
}
]
},