CVE-2025-8917 | allegroai clearml up to 2.0.1 Symbolic Link safe_extract path traversal

A vulnerability identified as critical has been detected in allegroai clearml up to 2.0.1. This affects the function safe_extract of the component Symbolic Link Handler. The manipulation leads to path traversal.

This vulnerability is listed as CVE-2025-8917. The attack must be carried out locally. There is no available exploit.

You should upgrade the affected component.VulDB Recent EntriesRead More