CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

NVD•added 2022/07/11 1:15 a.m.•8 views

CVE-2022-31565

The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS0.00465EPSS

Exploits0References1

ATTACKERKB•added 2022/07/11 1:15 a.m.•1 views

CVE-2022-31565

The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS5.3AI score0.00465EPSS

Exploits0References2

OSV•added 2022/07/11 1:15 a.m.•1 views

CVE-2022-31565

The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

9.3CVSS5.8AI score

Exploits0References1

Prion•added 2022/07/11 1:15 a.m.•9 views

Path traversal

The yogson/syrabond repository through 2020-05-25 on GitHub allows absolute path traversal because the Flask sendfile function is used unsafely...

6.4CVSS9.3AI score0.00465EPSS

Exploits0References1Affected Software1

CVE•added 2022/07/11 1:0 a.m.•55 views

CVE-2022-31565

CVE-2022-31565 concerns absolute path traversal in the yogson/syrabond repository (up to 2020-05-25) caused by unsafe use of Flask’s send_file. Red Hat, NVD and CVE records corroborate the same issue across multiple feeds. The vulnerability stems from how send_file is invoked, enabling an attacke...

9.3CVSS9.2AI score0.00465EPSS

Exploits0References1Affected Software1