Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-07-11 CVE-2022-31513 Path Traversal vulnerability in Krypton Project Krypton
The BolunHan/Krypton repository through 2021-06-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
krypton-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31514 Path Traversal vulnerability in FAN Platform Project FAN Platform
The Caoyongqi912/Fan_Platform repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
fan-platform-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31515 Path Traversal vulnerability in Carceresbe Project Carceresbe 1.0
The Delor4/CarceresBE repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
carceresbe-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31516 Path Traversal vulnerability in Harveyzyh Python Project Harveyzyh Python
The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
harveyzyh-python-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31517 Path Traversal vulnerability in Mercury Sample Manager Project Mercury Sample Manager 20210420
The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
mercury-sample-manager-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31518 Path Traversal vulnerability in Python-Recipe-Database Project Python-Recipe-Database
The JustAnotherSoftwareDeveloper/Python-Recipe-Database repository through 2021-03-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
python-recipe-database-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31519 Path Traversal vulnerability in Windmill Project Windmill 1.0
The Lukasavicus/WindMill repository through 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
windmill-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31520 Path Traversal vulnerability in Logstash-Management-Api Project Logstash-Management-Api
The Luxas98/logstash-management-api repository through 2020-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
logstash-management-api-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31521 Path Traversal vulnerability in Mosaic Project Mosaic 1.0.0
The Niyaz-Mohamed/mosaic repository through 1.0.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
mosaic-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31522 Path Traversal vulnerability in Karaokey Project Karaokey
The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
karaokey-project CWE-22
critical
 9.3
9.3