Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-07-11 CVE-2022-31533 Path Traversal vulnerability in Umbral Project Umbral 20200115
The decentraminds/umbral repository through 2020-01-15 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
umbral-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31534 Path Traversal vulnerability in Pythonweb Project Pythonweb 20181031
The echoleegroup/PythonWeb repository through 2018-10-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
pythonweb-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31535 Path Traversal vulnerability in Fishtank Project Fishtank 20150624
The freefood89/Fishtank repository through 2015-06-24 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
fishtank-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31536 Path Traversal vulnerability in Ytdl-Sync Project Ytdl-Sync 20210102
The jaygarza1982/ytdl-sync repository through 2021-01-02 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
ytdl-sync-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31537 Path Traversal vulnerability in Solar-System-Simulator Project Solar-System-Simulator 20210726
The jmcginty15/Solar-system-simulator repository through 2021-07-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
solar-system-simulator-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31538 Path Traversal vulnerability in Mp-M08-Interface Project Mp-M08-Interface 20201210
The joaopedro-fg/mp-m08-interface repository through 2020-12-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
mp-m08-interface-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31539 Path Traversal vulnerability in Kotekan Project Kotekan
The kotekan/kotekan repository through 2021.11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
kotekan-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31540 Path Traversal vulnerability in Hin-Eng-Preprocessing Project Hin-Eng-Preprocessing 20190716
The kumardeepak/hin-eng-preprocessing repository through 2019-07-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
hin-eng-preprocessing-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31541 Path Traversal vulnerability in Barry Voice Assistant Project Barry Voice Assistant 20210118
The lyubolp/Barry-Voice-Assistant repository through 2021-01-18 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
barry-voice-assistant-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31542 Path Traversal vulnerability in Mdweb Project Mdweb 20150507
The mandoku/mdweb repository through 2015-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
mdweb-project CWE-22
critical
 9.3
9.3