3 matches found
CVE-2022-31587
The yuriyouzhou/KG-fashion-chatbot repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31587
The yuriyouzhou/KG-fashion-chatbot repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31587
CVE-2022-31587 affects the yuriyouzhou/KG-fashion-chatbot repository (up to 2018-05-22). The issue is an absolute path traversal caused by unsafe use of Flaskās send_file, enabling access to unintended files. CVSS data in the provided sources indicate a high impact on confidentiality and a signif...