CVE-2022-31508
CVE-2022-31508 affects the idayrus/evoting repository prior to 2022-05-08. The vulnerability arises from unsafe use of Flask’s send_file, enabling absolute path traversal that could allow access to arbitrary files/directories on the file system. NVD CVSSv3.1 base score 9.3 (CRITICAL) with network...