Vulnerabilities > Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

DATE CVE VULNERABILITY TITLE RISK
2022-07-11 CVE-2022-31551 Path Traversal vulnerability in Flask-Mongo-Skel Project Flask-Mongo-Skel 20121101
The pleomax00/flask-mongo-skel repository through 2012-11-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
flask-mongo-skel-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31552 Path Traversal vulnerability in Anuvaad-Corpus Project Anuvaad-Corpus 20201123
The project-anuvaad/anuvaad-corpus repository through 2020-11-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
anuvaad-corpus-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31553 Path Traversal vulnerability in Sleep Learner Project Sleep Learner 20210221
The rainsoupah/sleep-learner repository through 2021-02-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
sleep-learner-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31554 Path Traversal vulnerability in Movie-Review-Sentiment-Analysis Project Movie-Review-Sentiment-Analysis 20170507
The rohitnayak/movie-review-sentiment-analysis repository through 2017-05-07 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
movie-review-sentiment-analysis-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31555 Path Traversal vulnerability in Nurse Quest Project Nurse Quest 20180222
The romain20100/nursequest repository through 2018-02-22 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
nurse-quest-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31556 Path Traversal vulnerability in Trainenergyserver Project Trainenergyserver 20170803
The rusyasoft/TrainEnergyServer repository through 2017-08-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
trainenergyserver-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31557 Path Traversal vulnerability in Golem Project Golem 20160517
The seveas/golem repository through 2016-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
golem-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31558 Path Traversal vulnerability in Shiva-Server Project Shiva-Server
The tooxie/shiva-server repository through 0.10.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
shiva-server-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31559 Path Traversal vulnerability in Flask-Yeoman Project Flask-Yeoman 20130913
The tsileo/flask-yeoman repository through 2013-09-13 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
flask-yeoman-project CWE-22
critical
 9.3
9.3
2022-07-11 CVE-2022-31560 Path Traversal vulnerability in Photo TAG Project Photo TAG 20200831
The uncleYiba/photo_tag repository through 2020-08-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
photo-tag-project CWE-22
critical
 9.3
9.3