Create SECURITY.md

Open superboy-zjc opened this issue 7 months ago • 2 comments

Hi aim team,

We are security researchers from Johns Hopkins University. Recently we identified a critical vulnerability in aim which leads to remote code execution. We'd like to responsibly disclose the vulnerability via the GitHub security page. Could you please merge this commit so we can have a private channel to submit a report and further discuss it? Thanks!

superboy-zjc avatar Apr 11 '25 03:04 superboy-zjc

CLA assistant check
All committers have signed the CLA.

CLAassistant avatar Apr 11 '25 03:04 CLAassistant

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

CLAassistant avatar Apr 11 '25 03:04 CLAassistant

Hello @alberttorosyan @gorarakelyan

@superboy-zjc has published https://nvd.nist.gov/vuln/detail/CVE-2025-5321 - could this be validated and possibly a security policy be published as suggested by the author?

AlessandroPomponio avatar Jun 26 '25 11:06 AlessandroPomponio