22 matches found
CVE-2025-8917 Path Traversal Leading to Remote Code Execution in allegroai/clearml
A vulnerability in allegroai/clearml version v2.0.1 allows for path traversal due to improper handling of symbolic and hard links in the safeextract function. This flaw can lead to arbitrary file writes outside the intended directory, potentially resulting in remote code execution if critical fil...
clearml 安全漏洞
clearml is a large model pipeline tool for allegroai individual developers. A security vulnerability exists in clearml version v2.0.1, which stems from improper handling of symbolic links and hard links by the safeextract function, which could lead to arbitrary file writes and remote code executi...