CVE-2022-31538

2022-07-1100:57:30

mitre

www.cve.org

9.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

62.1%

JSON

The joaopedro-fg/mp-m08-interface repository through 2020-12-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

References

github.com/github/securitylab/issues/669#issuecomment-1117265726