CVE-2022-31532
CVE-2022-31532 describes an absolute path traversal in the project travel_blahg (repository by dankolbman) caused by unsafe usage of Flaskās send_file. Affected: the project up to 2016-01-16. Implication: unauthorized access to file paths may be possible via crafted requests. CVSS data from NVD i...