CVE-2022-31545
The CVE-2022-31545 vulnerability affects the ml-inory/ModelConverter repository (up to 2021-04-26). It is caused by unsafe usage of Flask send_file, enabling absolute path traversal. The public description explicitly states this leads to path traversal in that repository.