Intel

AIKIDO-2026-845192

clearml is vulnerable to Relative Path Traversal

Relative Path TraversalCVE-2026-8387 Published Jul 2, 2026

24

Low Risk

This Affects:

Pythonclearml
1.0.0 - 2.1.5
Fixed in 2.1.6
Are you affected? Scan for Free

TL;DR

Affected versions of this package are vulnerable to relative path traversal when extracting .zip archives in StorageManager._extract_to_cache(), which calls ZipFile.extractall() without validating archive member paths. An attacker who can supply a malicious zip archive—via dataset downloads, artifact downloads, model downloads, or offline session imports—can write arbitrary files outside the intended extraction directory. This may lead to remote code execution through cron job injection, SSH key overwrite, or web shell deployment. The fix introduces extract_zip_archive() with path traversal validation before extraction.

Who does this affect?

You are affected if you use ClearML to download datasets, artifacts, or models from untrusted sources, import offline sessions from zip archives, and are running a version within the vulnerable range.

Background info

clearml is vulnerable to Relative Path Traversal in versions 1.0.0 - 2.1.5.

How to fix this

Upgrade the clearml library to version 2.1.6 or later.