Description

A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service (DoS) attack. The issue arises when a large number of tracked metrics are retrieved simultaneously from the Aim web API, causing the web server to become unresponsive. The root cause is the lack of a limit on the number of metrics that can be requested per call, combined with the server's single-threaded nature, leading to excessive resource consumption and blocking of the server.

INFO

Published Date :

2025-03-20T10:10:10.394Z

Last Modified :

2025-10-15T12:49:31.683Z

Source :

@huntr_ai
AFFECTED PRODUCTS

The following products are affected by CVE-2024-12778 vulnerability.

Vendors Products
Aimstack
  • Aim
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-12778.

URL Resource
https://huntr.com/bounties/892a9eee-0251-4e57-94a4-dad2e7f32715 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact