CVE-2022-31553
CVE-2022-31553 affects the rainsoupah/sleep-learner repository (up to 2021-02-21). The vulnerability is caused by unsafe use of Flask's send_file, enabling absolute path traversal. NVD lists CVSSv2 base 6.4 (MEDIUM) and CVSSv3.1 base 9.3 (CRITICAL); impact includes partial confidentiality and ava...