CVE-2022-31542
CVE-2022-31542 affects the mandoku/mdweb repository (pre-2015-05-07) where an unsafe use of Flask's send_file enables absolute path traversal. The issue is confirmed across multiple connected sources (NVD, Red Hat, CVE lists, CNNVD) describing the root cause as improper handling of file paths in ...