CVE-2025-5321 | aimhubio aim up to 3.29.1 run_view Object /aim/storage/query.py RestrictedPythonQuery sandbox

Inserito da Angelo Barbosa | Mag 29, 2025 | CVE

A vulnerability classified as critical was found in aimhubio aim up to 3.29.1. This vulnerability affects the function RestrictedPythonQuery of the file /aim/storage/query.py of the component run_view Object Handler. The manipulation of the argument Query leads to sandbox issue.

This vulnerability was named CVE-2025-5321. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-5321 | aimhubio aim up to 3.29.1 run_view Object /aim/storage/query.py RestrictedPythonQuery sandbox

Post correlati

CVE-2025-4455 | Patch My PC Home Updater up to 5.1.3.0 System.IO uncontrolled search path

CVE-2024-40960 | Linux Kernel up to 6.9.6 rt6_probe null pointer dereference

CVE-2024-55888 | scidsg hushline up to 0.3.4 ui layer (GHSA-m592-g8qv-hrqx)

CVE-2024-40347 | Hyland Alfresco 23.2.1-r96 htmlid cross site scripting