Lucene search
K

6 matches found

NVD
NVD
added 9 hours ago4 views

CVE-2026-8387

A vulnerability in allegroai/clearml versions up to and including 1.16.5 allows for relative path traversal when extracting .zip archives using the ZipFile.extractall method in StorageManager.extracttocache. This issue arises due to the lack of path traversal validation, enabling an attacker to...

2.4CVSS
Exploits0References2
Snyk
Snyk
added 2025/10/05 12:30 p.m.3 views

Directory Traversal

Overview clearml is a ClearML - Auto-Magical Experiment Manager, Version Control, and MLOps for AI Affected versions of this package are vulnerable to Directory Traversal via the safeextract function. An attacker can write arbitrary files outside the intended directory by exploiting improper...

6.8CVSS7.7AI score0.00269EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/10/05 12:0 a.m.5 views

PT-2025-40805

Name of the Vulnerable Software and Affected Versions allegroai/clearml version v2.0.1 Description A flaw exists in the handling of symbolic and hard links within the safe extract function, leading to a path traversal issue. This can result in arbitrary file writes outside the intended directory...

5.8CVSS6.5AI score0.00269EPSS
Exploits0References7
GithubExploit
GithubExploit
added 2024/07/21 4:16 a.m.133 views

Exploit for Deserialization of Untrusted Data in Clear Clearml

Clearml-CVE-2024-24590 CVE-2024-24590 is a vulnerability that...

8.8CVSS8.2AI score0.02452EPSS
Exploits9
vulnersOsv
vulnersOsv
added 2024/02/06 12:30 a.m.2 views

erknextframegen (=0.0.1), modelcellsignaling (>=0.0.1 <=1.0.0) +1 more potentially affected by CVE-2024-24595 via clearml (>=0.17.4 <=1.10.4)

clearml PYPI version =0.17.4, =0.0.1, =0.2.19, =1.4.2 Source cves: CVE-2024-24595 Source advisory: OSV:GHSA-GVQV-H7HH-6FCC...

7.1CVSS7AI score0.00255EPSS
Exploits0
CNNVD
CNNVD
added 2024/02/06 12:0 a.m.6 views

Allegro Path Traversal Vulnerability

Allegro is an open source cross-platform library from Allegro that focuses on video game and multimedia programming. A path traversal vulnerability exists in Allegro AI ClearML version 1.4.0 and later. An attacker can exploit this vulnerability to write a local or remote file to an arbitrary...

8.8CVSS6.8AI score0.00798EPSS
Exploits1References2
Rows per page
Query Builder