Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-07-11 CVE-2022-31520 Path Traversal vulnerability in Logstash-Management-Api Project Logstash-Management-Api
The Luxas98/logstash-management-api repository through 2020-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
logstash-management-api-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31521 Path Traversal vulnerability in Mosaic Project Mosaic 1.0.0
The Niyaz-Mohamed/mosaic repository through 1.0.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
mosaic-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31522 Path Traversal vulnerability in Karaokey Project Karaokey
The NotVinay/karaokey repository through 2019-12-11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
karaokey-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31523 Path Traversal vulnerability in Paddlepaddle Anakin 0.1.0/0.1.1
The PaddlePaddle/Anakin repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
paddlepaddle CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31524 Path Traversal vulnerability in Purestorage Pure Swagger
The PureStorage-OpenConnect/swagger repository through 1.1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
purestorage CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31525 Path Traversal vulnerability in Deep Learning Studio Project Deep Learning Studio 0.1.0
The SummaLabs/DLS repository through 0.1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
deep-learning-studio-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31526 Path Traversal vulnerability in Thunderatz Thunderdocs 20200501
The ThundeRatz/ThunderDocs repository through 2020-05-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
thunderatz CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31527 Path Traversal vulnerability in Flask-File-Server Project Flask-File-Server
The Wildog/flask-file-server repository through 2020-02-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
flask-file-server-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31528 Path Traversal vulnerability in Bonn Activity Maps Annotation Tool Project Bonn Activity Maps Annotation Tool
The bonn-activity-maps/bam_annotation_tool repository through 2021-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
bonn-activity-maps-annotation-tool-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31529 Path Traversal vulnerability in Monorepo Project Monorepo
The cinemaproject/monorepo repository through 2021-03-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
monorepo-project CWE-22
critical
 9.3
9.3