10 matches found
CVE-2025-8917
A vulnerability in allegroai/clearml version v2.0.1 allows for path traversal due to improper handling of symbolic and hard links in the safe_extract function. This flaw can lead to arbitrary file writes outside the intended directory, potentially resulting in remote code execution if critical fil...
EUVD-2025-32454
A vulnerability in allegroai/clearml version v2.0.1 allows for path traversal due to improper handling of symbolic and hard links in the safe_extract function. This flaw can lead to arbitrary file writes outside the intended directory, potentially resulting in remote code execution if critical fil...
CVE-2025-8917
A vulnerability in allegroai/clearml version v2.0.1 allows for path traversal due to improper handling of symbolic and hard links in the safe_extract function. This flaw can lead to arbitrary file writes outside the intended directory, potentially resulting in remote code execution if critical fil...
CVE-2025-8917
A vulnerability in allegroai/clearml version v2.0.1 allows for path traversal due to improper handling of symbolic and hard links in the safe_extract function. This flaw can lead to arbitrary file writes outside the intended directory, potentially resulting in remote code execution if critical fil...
CVE-2025-8917 Path Traversal Leading to Remote Code Execution in allegroai/clearml
A vulnerability in allegroai/clearml version v2.0.1 allows for path traversal due to improper handling of symbolic and hard links in the safe_extract function. This flaw can lead to arbitrary file writes outside the intended directory, potentially resulting in remote code execution if critical fil...
CVE-2025-8917 Path Traversal Leading to Remote Code Execution in allegroai/clearml
A vulnerability in allegroai/clearml version v2.0.1 allows for path traversal due to improper handling of symbolic and hard links in the safe_extract function. This flaw can lead to arbitrary file writes outside the intended directory, potentially resulting in remote code execution if critical fil...
CVE-2025-8917
Path traversal vulnerability in allegroai/clearml v2.0.1 due to unsafe handling of symbolic and hard links in safe_extract. This can lead to arbitrary file writes outside the target directory and potentially remote code execution if critical files are overwritten. Remediation per multiple sources...
EUVD-2023-58990
Malicious code in bioql PyPI...
CVE-2023-6778
Cross-site Scripting (XSS) - Stored in GitHub repository allegroai/clearml-server prior to 1.13.0...
CVE-2023-6778
CVE-2023-6778 affects ClearML Server (allegroai/clearml-server). It is a stored XSS vulnerability in versions prior to 1.13.0, enabling attackers to inject scripts via the affected web interface. The root cause is untrusted user input stored and rendered, leading to potential data exposure or ses...