CVE-2022-31527

The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

flask-file-server path traversal vulnerability

flask-file-server is a file server with a front-end for browsing, uploading, and streaming files from Wildog Personal Developer. flask-file-server 2020-02-20 and earlier versions are vulnerable to a path traversal vulnerability that stems from a failure of Flask's sendfile function to properly...

CVE-2022-31527

The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31527

The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

Path traversal

The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31527

The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

CVE-2022-31527

The CVE-2022-31527 issue affects the Wildog/flask-file-server project up to 2020-02-20, where unsafe use of Flask's send_file allows absolute path traversal. This can enable an attacker to view arbitrary files or directories on the host. Public sources assign CVSS scores (e.g., 6.4/3.1 9.3), but ...