CVE-2024-12777
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-12777
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-12777.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-12777
- Aliases
- Published
- 2025-03-20T10:15:30Z
- Modified
- 2025-09-19T14:51:55.585454Z
- Summary
- [none]
- Details
-
A vulnerability in aimhubio/aim version 3.25.0 allows for a denial of service through the misuse of the sshfs-client. The tracking server, which is single-threaded, can be made unresponsive by requesting it to connect to an unresponsive socket via sshfs. The lack of an additional timeout setting in the sshfs-client causes the server to hang for a significant amount of time, preventing it from responding to other requests.
- References
Affected packages
Git / github.com/aimhubio/aim
Affected ranges
- Type
- GIT
- Repo
- https://github.com/aimhubio/aim
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
Other
pre-launch
v0.*
v0.1.0
v0.1.1
v0.2.0
v0.2.1
v0.2.2
v0.2.3
v0.2.4
v0.2.5
v0.2.6
v0.2.7
v0.2.8
v1.*
v1.0.0
v1.0.2
v1.1.0
v1.1.1
v1.2.7rc1
v2.*
v2.1.6
v2.2.0
v2.2.1
v2.3.0
v2.4.0
v2.5.0
v2.6.0
v2.7.0
v3.*
v3.0.0
v3.0.0-beta5
v3.0.0-beta6
v3.0.1
v3.0.2
v3.0.3
v3.0.4
v3.0.5
v3.0.6
v3.0.7
v3.1.0
v3.1.1
v3.10.0
v3.10.1
v3.10.2
v3.10.3
v3.11.0
v3.11.1
v3.11.2
v3.12.0
v3.12.1
v3.12.2
v3.13.0
v3.13.1
v3.13.2
v3.13.3
v3.13.4
v3.14.0
v3.14.1
v3.14.2
v3.14.3
v3.14.4
v3.15.0
v3.15.1
v3.15.2
v3.16.0
v3.16.1
v3.16.2
v3.17.0
v3.17.1
v3.17.2
v3.17.3
v3.17.4
v3.17.5
v3.18.1
v3.19.0
v3.19.1
v3.19.2
v3.19.3
v3.2.0
v3.2.1
v3.2.2
v3.20.1
v3.21.0
v3.22.0
v3.23.0
v3.24.0
v3.25.0
v3.3.0
v3.3.1
v3.3.2
v3.3.3
v3.3.4
v3.3.5
v3.4.0
v3.4.1
v3.5.0
v3.5.1
v3.5.2
v3.5.3
v3.5.4
v3.6.0
v3.6.1
v3.6.2
v3.6.3
v3.7.0
v3.7.1
v3.7.2
v3.7.3
v3.7.4
v3.7.5
v3.8.0
v3.8.1
v3.9.0
v3.9.1
v3.9.2
v3.9.3
v3.9.4