Lucene search
+L

361 matches found

OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-436 SatyaLab opendiamond 10.1.1 vulnerable to path traversal because Flask send_file function used unsafely

The cmusatyalab/opendiamond repository through 10.1.1 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely. A patch is available on the master branch of the repository...

9.3CVSS7.3AI score0.01398EPSS
Exploits1References7
OSV
OSV
added 2026/06/29 11:50 a.m.7 views

PYSEC-2026-541 Tooxie Shiva 0.10.0 allows absolute path traversal because Flask send_file function used unsafely

The tooxie/shiva-server repository through 0.10.0 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7.3AI score0.0118EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/01/09 10:49 a.m.10 views

CVE-2022-31575

The duducosmos/livropython repository through 2018-06-06 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01293EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.11 views

CVE-2022-31548

The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01242EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.18 views

CVE-2022-31584

The stonethree/s3label repository through 2019-08-14 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01293EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.8 views

CVE-2022-31531

The dainst/cilantro repository through 0.0.4 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01242EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.22 views

CVE-2022-31540

The kumardeepak/hin-eng-preprocessing repository through 2019-07-16 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01242EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.16 views

CVE-2022-31522

The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01242EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.7 views

CVE-2022-31577

The longmaoteamtf/audioalignerapp repository through 2020-01-10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01174EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.7 views

CVE-2022-31586

The unizar-30226-2019-06/ChangePop-Back repository through 2019-06-04 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01242EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.13 views

CVE-2022-31551

The pleomax00/flask-mongo-skel repository through 2012-11-01 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01242EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.7 views

CVE-2022-31560

The uncleYiba/phototag repository through 2020-08-31 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01156EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.5 views

CVE-2022-31573

The chainer/chainerrl-visualizer repository through 0.1.1 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS6.9AI score0.01293EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.9 views

CVE-2022-31537

The jmcginty15/Solar-system-simulator repository through 2021-07-26 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01242EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.7 views

CVE-2022-31506

The cmusatyalab/opendiamond repository through 10.1.1 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS6.9AI score0.01398EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.9 views

CVE-2022-31528

The bonn-activity-maps/bamannotationtool repository through 2021-08-31 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01242EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.8 views

CVE-2022-31582

The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01293EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.9 views

CVE-2022-31546

The nlpweb/glance repository through 2014-06-27 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01242EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.10 views

CVE-2022-31520

The Luxas98/logstash-management-api repository through 2020-05-04 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01242EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:47 a.m.5 views

CVE-2022-31511

The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS7AI score0.01242EPSS
Exploits1References1
Rows per page
Query Builder