6 matches found
CVE-2022-31522
The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31522
The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31522
The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31522
The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31522
The CVE-2022-31522 entry concerns the NotVinay/karaokey project (up to 2019-12-11) where an unsafe use of Flask send_file enables absolute path traversal. The vulnerability description in multiple connected sources confirms the flaw stems from improper file handling, allowing an attacker to trave...
Karaokey 路径遍历漏洞
Karaokey is a vocal remover by Vinay Patel personal developer. It can automatically separate vocals and instruments. A security vulnerability exists in Karaokey version 2019-12-11 and prior versions, which stems from an incorrect call to Flask's sendfile function resulting in absolute path...