2 matches found
CVE-2022-31577
The longmaoteamtf/audioalignerapp repository through 2020-01-10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31577
The CVE-2022-31577 entry concerns an absolute path traversal in the longmaoteamtf/audio_aligner_app repository (up to 2020-01-10). The vulnerability arises from unsafe use of Flask’s send_file, which can fail to filter resources or file paths, allowing attackers to access arbitrary files and dire...