CVE-2022-31540

The kumardeepak/hin-eng-preprocessing repository through 2019-07-16 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31540

CVE-2022-31540 affects the kumardeepak/hin-eng-preprocessing repository, wherein an unsafe use of Flask’s send_file through 2019-07-16 enables absolute path traversal. The issue is documented across multiple sources (NVD, Red Hat, CVE lists) with CVSS metrics indicating a high impact on confident...

CVE-2022-31538

The joaopedro-fg/mp-m08-interface repository through 2020-12-10 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31537

The jmcginty15/Solar-system-simulator repository through 2021-07-26 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31534

The echoleegroup/PythonWeb repository through 2018-10-31 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31533

The CVE-2022-31533 entry concerns the decentraminds/umbral repository up to 2020-01-15, where an absolute path traversal vulnerability arises from an unsafe use of Flask’s send_file. The connected Red Hat CVE entry, NVD/NIST record, and CNNVD/CVE lists corroborate that the issue is tied to path t...

CVE-2022-31532

The dankolbman/travelblahg repository through 2016-01-16 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31532

CVE-2022-31532 describes an absolute path traversal in the project travel_blahg (repository by dankolbman) caused by unsafe usage of Flask’s send_file. Affected: the project up to 2016-01-16. Implication: unauthorized access to file paths may be possible via crafted requests. CVSS data from NVD i...

CVE-2022-31530

The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31527

The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31526

The ThundeRatz/ThunderDocs repository through 2020-05-01 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31525

The SummaLabs/DLS repository through 0.1.0 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31524

The PureStorage-OpenConnect/swagger repository through 1.1.5 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31524

CVE-2022-31524 affects the PureStorage-OpenConnect/swagger repository up to version 1.1.5. The root cause is the unsafe use of Flask’s send_file, enabling absolute path traversal. Public references (including Red Hat) confirm the same description. The provided documents do not specify an official...

CVE-2022-31523

The PaddlePaddle/Anakin repository through 0.1.1 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31522

The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31518

The CVE-2022-31518 entry concerns the JustAnotherSoftwareDeveloper/Python-Recipe-Database repository. A path traversal flaw exists through 2021-03-31 caused by using Flask’s send_file unsafely. This leads to an absolute path traversal vulnerability in the application, enabling access to files out...

CVE-2022-31517

The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31516

The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31514

CVE-2022-31514 affects the Caoyongqi912/Fan_Platform repository on GitHub up to 2021-04-20, where an absolute path traversal flaw exists due to unsafe use of Flask’s send_file. The vulnerability targets the backend of Fan_Platform, a UI automation platform, by failing to filter file paths, enabli...