clearml is vulnerable to Relative Path Traversal
24
Low Risk
Affected versions of this package are vulnerable to relative path traversal when extracting .zip archives in StorageManager._extract_to_cache(), which calls ZipFile.extractall() without validating archive member paths. An attacker who can supply a malicious zip archive—via dataset downloads, artifact downloads, model downloads, or offline session imports—can write arbitrary files outside the intended extraction directory. This may lead to remote code execution through cron job injection, SSH key overwrite, or web shell deployment. The fix introduces extract_zip_archive() with path traversal validation before extraction.
You are affected if you use ClearML to download datasets, artifacts, or models from untrusted sources, import offline sessions from zip archives, and are running a version within the vulnerable range.
clearml is vulnerable to Relative Path Traversal in versions 1.0.0 - 2.1.5.
Upgrade the clearml library to version 2.1.6 or later.
Connect your repositories to instantly see whether vulnerable or malicious packages exist in your codebase.
Free. No credit card required.

SOC 2Compliant
ISO 27001Compliant