Vulnerabilities > Iedadata

DATE CVE VULNERABILITY TITLE RISK
2022-07-11 CVE-2022-31509 Path Traversal vulnerability in Iedadata Usap-Dc web Submission and Dataset Search 1.0/1.0.0/1.0.1
The iedadata/usap-dc-website repository through 1.0.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
network
low complexity
iedadata CWE-22
critical
9.3