19 matches found
PYSEC-2026-436 SatyaLab opendiamond 10.1.1 vulnerable to path traversal because Flask send_file function used unsafely
The cmusatyalab/opendiamond repository through 10.1.1 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely. A patch is available on the master branch of the repository...
CVE-2022-31575
The duducosmos/livropython repository through 2018-06-06 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31578
The piaoyunsoft/btlnmp repository through 2019-10-10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31584
The stonethree/s3label repository through 2019-08-14 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31586
The unizar-30226-2019-06/ChangePop-Back repository through 2019-06-04 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31586
The unizar-30226-2019-06/ChangePop-Back repository through 2019-06-04 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31552
The project-anuvaad/anuvaad-corpus repository through 2020-11-23 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31552
The project-anuvaad/anuvaad-corpus repository through 2020-11-23 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31563
The whmacmac/vprj repository through 2022-04-06 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31575
The duducosmos/livropython repository through 2018-06-06 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31557
The seveas/golem repository through 2016-05-17 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31544
The meerstein/rbtm repository through 1.5 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31542
The mandoku/mdweb repository through 2015-05-07 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31536
The jaygarza1982/ytdl-sync repository through 2021-01-02 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31530
The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31540
The kumardeepak/hin-eng-preprocessing repository through 2019-07-16 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31514
The Caoyongqi912/FanPlatform repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31511
The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
PYSEC-2022-225
The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...