{"data":{"id":"8b0eeae7-4aed-4667-a97a-637b3282c8c1","title":"CVE-2021-43775: Aim is an open-source, self-hosted machine learning experiment tracking tool. Versions of Aim prior to 3.1.0 are vulnera","summary":"Aim is an open-source tool for tracking machine learning experiments. Versions before 3.1.0 have a path traversal vulnerability (a type of attack where special sequences like '../' are used to access files outside the intended directory), which could allow attackers to read sensitive files like source code, configuration files, or system files on the server.","solution":"Upgrade to Aim v3.1.0, where the vulnerability is resolved.","labels":["security"],"sourceUrl":"https://nvd.nist.gov/vuln/detail/CVE-2021-43775","publishedAt":"2021-11-23T21:15:20.347Z","cveId":"CVE-2021-43775","cweIds":["CWE-22","CWE-22"],"cvssScore":"8.6","cvssSeverity":"high","severity":"high","attackType":["other"],"issueType":"vulnerability","affectedPackages":null,"affectedVendors":[],"affectedVendorsRaw":["Aim"],"classifierModel":"claude-haiku-4-5-20251001","classifierPromptVersion":"v3","cvssVector":null,"attackVector":null,"attackComplexity":null,"privilegesRequired":null,"userInteraction":null,"exploitMaturity":"unknown","epssScore":0.00447,"patchAvailable":null,"disclosureDate":null,"capecIds":["CAPEC-126"],"crossRefCount":0,"attackSophistication":"trivial","impactType":["confidentiality","integrity"],"aiComponentTargeted":"framework","llmSpecific":false,"classifierConfidence":0.85,"researchCategory":null,"atlasIds":null}}