CVE-2024-10110

Published: Mar 20, 2025
Updated: Jun 30, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-10110" target="_blank" rel="noopener"> CVE-2024-10110
GHSA: <a href="https://github.com/advisories/GHSA-fx47-jpv9-7hxr" target="_blank" rel="noopener"> GHSA-fx47-jpv9-7hxr
Severity: High
Exploit:

In version 3.23.0 of aimhubio/aim, the ScheduledStatusReporter object can be instantiated to run on the main thread of the tracking server, leading to the main thread being blocked indefinitely. This results in a denial of service as the tracking server becomes unable to respond to other requests.