PT-2022-20772 · Orchest · Orchest

Name of the Vulnerable Software and Affected Versions: orchest/orchest versions prior to 2022.05.0 Description: The issue allows absolute path traversal due to the unsafe use of the Flask send file function. Recommendations: For versions prior to 2022.05.0, update to version 2022.05.0 or later to...

orchest 路径遍历漏洞

orchest is an Orchest open source repository . Used to build data pipelines. A path traversal vulnerability exists in versions prior to orchest v2022.05.0, which stems from insecure use of the Flask sendfile function...