2 matches found
erknextframegen (=0.0.1), modelcellsignaling (>=0.0.1 <=1.0.0) +1 more potentially affected by CVE-2024-24591 via clearml (>=0.17.4 <=1.10.4)
clearml PYPI version =0.17.4, =0.0.1, =0.2.19, =1.4.2 Source cves: CVE-2024-24591 Source advisory: OSV:GHSA-M95H-P4GG-WFW3...
CVE-2024-24591
Summary of CVE-2024-24591 : A path traversal vulnerability affects Allegro AI’s ClearML platform client SDK versions 1.4.0 through 1.14.1. The issue arises when handling uploaded datasets, allowing a malicious dataset to write local or remote files to arbitrary locations on an end user’s system u...