3 matches found
CVE-2022-31508
The idayrus/evoting repository before 2022-05-08 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31508
The idayrus/evoting repository before 2022-05-08 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31508
CVE-2022-31508 affects the idayrus/evoting repository prior to 2022-05-08. The vulnerability arises from unsafe use of Flaskās send_file, enabling absolute path traversal that could allow access to arbitrary files/directories on the file system. NVD CVSSv3.1 base score 9.3 (CRITICAL) with network...