Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flask vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2022-31523
The PaddlePaddle/Anakin repository up to and including 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Paddlepaddle Anakin
6.4
CVSSv2
CVE-2022-31531
The dainst/cilantro repository up to and including 0.0.4 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Dainst Cilantro
6.4
CVSSv2
CVE-2022-31539
The kotekan/kotekan repository up to and including 2021.11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Kotekan Project Kotekan
6.4
CVSSv2
CVE-2022-31543
The maxtortime/SetupBox repository up to and including 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Setupbox Project Setupbox
6.4
CVSSv2
CVE-2022-31544
The meerstein/rbtm repository up to and including 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Xtomo Robo-tom
6.4
CVSSv2
CVE-2022-31567
The DSABenchmark/DSAB repository up to and including 2.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Data Stream Algorithm Benchmark Project Data Stream Algorithm Benchmark
6.4
CVSSv2
CVE-2022-31502
The operatorequals/wormnest repository up to and including 0.4.7 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Wormnest Project Wormnest
6.4
CVSSv2
CVE-2022-31525
The SummaLabs/DLS repository up to and including 0.1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Deep Learning Studio Project Deep Learning Studio 0.1.0
6.5
CVSSv2
CVE-2022-25510
FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows malicious users to create crafted cookies to bypass authentication or escalate privileges.
Freetakserver-ui Project Freetakserver-ui 1.9.8
6.4
CVSSv2
CVE-2022-31507
The ganga-devs/ganga repository prior to 8.5.10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Ganga Project Ganga
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »