Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
•added 2026/01/09 10:48 a.m.•9 views

CVE-2022-31504

The ChangeWeDer/BaiduWenkuSpiderflaskWeb repository before 2021-11-29 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01398EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
•added 2023/05/12 1:37 p.m.•41 views

Security Bulletin: Multiple Vulnerabilities in Multicloud Management Security Services

Summary Multiple vulnerabilities were fixed in IBM Cloud Pak for Multicloud Management Security Services Vulnerability Details CVEID:CVE-2022-31512 DESCRIPTION: flask-mvc could allow a remote attacker to traverse directories on the system, caused by the Flask sendfile function being used unsafely...

9.3CVSS7.7AI score0.01398EPSS
Exploits4Affected Software1
OSV
OSV
•added 2022/07/11 1:15 a.m.•5 views

CVE-2022-31504

The ChangeWeDer/BaiduWenkuSpiderflaskWeb repository before 2021-11-29 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS5.8AI score0.01398EPSS
Exploits1References2
CVE
CVE
•added 2022/07/11 12:53 a.m.•66 views

CVE-2022-31504

CVE-2022-31504 concerns the ChangeWeDer/BaiduWenkuSpider_flaskWeb repository, with a path traversal vulnerability caused by using Flask’s send_file unsafely. The issue exists in versions prior to 2021-11-29 and can enable an attacker to perform absolute path traversal to view arbitrary files on t...

9.3CVSS9.3AI score0.01398EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder