4 matches found
CVE-2022-31548
The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31548
The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31548
The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31548
CVE-2022-31548 affects the nrlakin/homepage repository up to 2017-03-06. The root cause is unsafe use of Flaskās send_file, enabling absolute path traversal. This leads to potential unauthorized access to files outside the intended directory, as described across Red Hat and CVE/NVD records. Publi...