CVE-2022-31567

CVE-2022-31567 affects the DSABenchmark/DSAB repository (versions up to 2.1). The root cause is unsafe use of Flask send_file, enabling absolute path traversal. Documented impact indicates potential partial confidentiality and low- to high-impact conditions (per CVSS metrics: CVSSv2 base score 6....

CVE-2022-31566

CVE-2022-31566 : The DSAB-local/DSAB repository (up to 2019-02-18) suffers an absolute path traversal due to unsafe usage of Flask send_file, enabling access to arbitrary files on the file system. The vulnerability is reflected across multiple feeds (NVD, Red Hat, CNVD, CVE lists) with impact des...