Vulmon
flask vulnerabilities and exploits
9.3
CVSSv3
CVE-2022-31519
The Lukasavicus/WindMill repository up to and including 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Windmill Project Windmill 1.0
9.3
CVSSv3
CVE-2022-31523
The PaddlePaddle/Anakin repository up to and including 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Paddlepaddle Anakin
9.3
CVSSv3
CVE-2022-31525
The SummaLabs/DLS repository up to and including 0.1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Deep Learning Studio Project Deep Learning Studio 0.1.0
9.3
CVSSv3
CVE-2022-31539
The kotekan/kotekan repository up to and including 2021.11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Kotekan Project Kotekan
9.3
CVSSv3
CVE-2022-31543
The maxtortime/SetupBox repository up to and including 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Setupbox Project Setupbox
9.3
CVSSv3
CVE-2022-31544
The meerstein/rbtm repository up to and including 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Xtomo Robo-tom
9.3
CVSSv3
CVE-2022-31567
The DSABenchmark/DSAB repository up to and including 2.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Data Stream Algorithm Benchmark Project Data Stream Algorithm Benchmark
9.3
CVSSv3
CVE-2022-31531
The dainst/cilantro repository up to and including 0.0.4 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Dainst Cilantro
8.8
CVSSv3
CVE-2022-25510
FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows malicious users to create crafted cookies to bypass authentication or escalate privileges.
Freetakserver-ui Project Freetakserver-ui 1.9.8
9.3
CVSSv3
CVE-2022-31507
The ganga-devs/ganga repository prior to 8.5.10 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Ganga Project Ganga