Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-07-11 CVE-2022-31571 Path Traversal vulnerability in Python-Flask-Restful-Api Project Python-Flask-Restful-Api 20190916
The akashtalole/python-flask-restful-api repository through 2019-09-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
python-flask-restful-api-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31572 Path Traversal vulnerability in Cockybook Project Cockybook 20150416
The ceee-vip/cockybook repository through 2015-04-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
cockybook-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31573 Path Traversal vulnerability in Chainer Chainerrl-Visualizer 0.1.1
The chainer/chainerrl-visualizer repository through 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
chainer CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31574 Path Traversal vulnerability in Realestate Project Realestate 20181130
The deepaliupadhyay/RealEstate repository through 2018-11-30 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
realestate-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31575 Path Traversal vulnerability in Livro Python Project Livro Python 20180606
The duducosmos/livro_python repository through 2018-06-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
livro-python-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31576 Path Traversal vulnerability in Shackerpanel Project Shackerpanel 20210525
The heidi-luong1109/shackerpanel repository through 2021-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
shackerpanel-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31577 Path Traversal vulnerability in Audio Aligner APP Project Audio Aligner APP 20200110
The longmaoteamtf/audio_aligner_app repository through 2020-01-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
audio-aligner-app-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31578 Path Traversal vulnerability in BT Lnmp Project BT Lnmp 20191010
The piaoyunsoft/bt_lnmp repository through 2019-10-10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
bt-lnmp-project CWE-22
7.5
7.5
2022-07-11 CVE-2022-31579 Path Traversal vulnerability in Iasset Project Iasset 20220504
The ralphjzhang/iasset repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
iasset-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31580 Path Traversal vulnerability in Caretakerr-Api Project Caretakerr-Api 20210517
The sanojtharindu/caretakerr-api repository through 2021-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
caretakerr-api-project CWE-22
critical
 9.3
9.3