CVE-2022-31519

The CVE-2022-31519 entry concerns the WindMill project by Lukasavicus (up to version 1.0 and earlier) where an unsafe use of Flask’s send_file enables absolute path traversal. Affected component: Flask-based file delivery in WindMill, leading to potential access to arbitrary files via path traver...