audio_aligner_app is a kaldi-based text alignment Web application open sourced by LongmaoTeamTf. audio_aligner_app 2020-01-10 and earlier versions contain a path traversal vulnerability that stems from Flaskβs send_file function failing to properly filter resources or file path, which can be exploited to access arbitrary files and directories stored on the file system.