9 matches found
CVE-2022-31507
The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
EUVD-2022-0110
Malicious code in bioql PyPI...
GHSA-7488-6X3R-23W5 Ganga allows absolute path traversal
The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
Ganga allows absolute path traversal
The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
Path Traversal
ganga is vulnerable to path traversal. The vulnerability exists due to a lack of sanitization of the Flask sendfile function allowing an attacker to traverse through the directory via the abspath variable...
CVE-2022-31507
The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31507
The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
PYSEC-2022-225
The ganga-devs/ganga repository before 8.5.10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
ganga 路径遍历漏洞
ganga is an easy-to-use job definition and management front-end open-sourced by Ganga developers. A security vulnerability exists in ganga versions prior to 8.5.10, which stems from an incorrect call to Flask's sendfile function that results in absolute path traversal...