5 matches found
EUVD-2022-53041
Malicious code in bioql PyPI...
CVE-2022-31587
The yuriyouzhou/KG-fashion-chatbot repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31587
The yuriyouzhou/KG-fashion-chatbot repository through 2018-05-22 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31587
CVE-2022-31587 affects the yuriyouzhou/KG-fashion-chatbot repository (up to 2018-05-22). The issue is an absolute path traversal caused by unsafe use of Flask’s send_file, enabling access to unintended files. CVSS data in the provided sources indicate a high impact on confidentiality and a signif...
KG-fashion-chatbot 路径遍历漏洞
KG-fashion-chatbot is a multi-modal chatbot for online shopping assistant by youzhou individual developer. KG-fashion-chatbot has a security vulnerability in versions 2018-05-22 and earlier, which stems from an unsafe use of Flask's sendfile function that allows absolute path traversal...