7 matches found
CVE-2022-31565
The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31565
The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31565
The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
Path traversal
The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
CVE-2022-31565
CVE-2022-31565 concerns absolute path traversal in the yogson/syrabond repository (up to 2020-05-25) caused by unsafe use of Flask’s send_file. Red Hat, NVD and CVE records corroborate the same issue across multiple feeds. The vulnerability stems from how send_file is invoked, enabling an attacke...
CVE-2022-31565
The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...
syrabond 路径遍历漏洞
syrabond is an MQTT-based smart home system. A security vulnerability exists in syrabond version 2020-05-25 and earlier, which stems from an incorrect call to Flask's sendfile function that results in absolute path traversal...