CVE-2022-31561
CVE-2022-31561 affects the Sphere_ImageBackend project (varijkapil13) and is due to unsafe use of Flask’s send_file, enabling absolute path traversal. Reported for versions up to 2019-10-03. This vulnerability can allow unauthorized access to files outside the intended directory. Documented CVSS ...