CVE-2022-31547
The CVE-2022-31547 entry concerns the noamezekiel/sphere repository (up to 2020-05-31) where Flask’s send_file is used unsafely, enabling absolute path traversal. Red Hat and other feeds corroborate the flaw in sphere, with vulnerability described as an absolute path traversal due to unsafe send_...