9 matches found
CVE-2022-31566
The DSAB-local/DSAB repository through 2019-02-18 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31566
The DSAB-local/DSAB repository through 2019-02-18 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31567
The DSABenchmark/DSAB repository through 2.1 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31566
The DSAB-local/DSAB repository through 2019-02-18 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31566
The DSAB-local/DSAB repository through 2019-02-18 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31567
The DSABenchmark/DSAB repository through 2.1 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
Path traversal
The DSABenchmark/DSAB repository through 2.1 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31567
CVE-2022-31567 affects the DSABenchmark/DSAB repository (versions up to 2.1). The root cause is unsafe use of Flask send_file, enabling absolute path traversal. Documented impact indicates potential partial confidentiality and low- to high-impact conditions (per CVSS metrics: CVSSv2 base score 6....
CVE-2022-31566
CVE-2022-31566 : The DSAB-local/DSAB repository (up to 2019-02-18) suffers an absolute path traversal due to unsafe usage of Flask send_file, enabling access to arbitrary files on the file system. The vulnerability is reflected across multiple feeds (NVD, Red Hat, CNVD, CVE lists) with impact des...