361 matches found
PYSEC-2026-436 SatyaLab opendiamond 10.1.1 vulnerable to path traversal because Flask send_file function used unsafely
The cmusatyalab/opendiamond repository through 10.1.1 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely. A patch is available on the master branch of the repository...
PYSEC-2026-541 Tooxie Shiva 0.10.0 allows absolute path traversal because Flask send_file function used unsafely
The tooxie/shiva-server repository through 0.10.0 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31575
The duducosmos/livropython repository through 2018-06-06 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31548
The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31584
The stonethree/s3label repository through 2019-08-14 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31531
The dainst/cilantro repository through 0.0.4 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31540
The kumardeepak/hin-eng-preprocessing repository through 2019-07-16 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31522
The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31577
The longmaoteamtf/audioalignerapp repository through 2020-01-10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31586
The unizar-30226-2019-06/ChangePop-Back repository through 2019-06-04 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31551
The pleomax00/flask-mongo-skel repository through 2012-11-01 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31560
The uncleYiba/phototag repository through 2020-08-31 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31573
The chainer/chainerrl-visualizer repository through 0.1.1 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31537
The jmcginty15/Solar-system-simulator repository through 2021-07-26 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31506
The cmusatyalab/opendiamond repository through 10.1.1 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31528
The bonn-activity-maps/bamannotationtool repository through 2021-08-31 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31582
The shaolo1/VideoServer repository through 2019-09-21 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31546
The nlpweb/glance repository through 2014-06-27 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31520
The Luxas98/logstash-management-api repository through 2020-05-04 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31511
The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...