) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CVSS Version: 3
- CVSS V3 Severity: Critical (9-10)
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2022-31533 |
The decentraminds/umbral repository through 2020-01-15 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:09 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31532 |
The dankolbman/travel_blahg repository through 2016-01-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:09 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31531 |
The dainst/cilantro repository through 0.0.4 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:09 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31530 |
The csm-aut/csm repository through 3.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:09 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31529 |
The cinemaproject/monorepo repository through 2021-03-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:09 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31528 |
The bonn-activity-maps/bam_annotation_tool repository through 2021-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:09 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31527 |
The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:09 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31526 |
The ThundeRatz/ThunderDocs repository through 2020-05-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:09 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31525 |
The SummaLabs/DLS repository through 0.1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:09 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31524 |
The PureStorage-OpenConnect/swagger repository through 1.1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:08 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31523 |
The PaddlePaddle/Anakin repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:08 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31522 |
The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:08 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31521 |
The Niyaz-Mohamed/mosaic repository through 1.0.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:08 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31520 |
The Luxas98/logstash-management-api repository through 2020-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:08 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31519 |
The Lukasavicus/WindMill repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:08 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31518 |
The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:08 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31517 |
The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:08 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31516 |
The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:08 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31515 |
The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:08 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |
| CVE-2022-31514 |
The Caoyongqi912/Fan_Platform repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. Published: July 10, 2022; 9:15:08 PM -0400 |
V4.0:(not available) V3.1: 9.3 CRITICAL V2.0: 6.4 MEDIUM |