Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flask vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv3
CVE-2022-31521
The Niyaz-Mohamed/mosaic repository up to and including 1.0.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Mosaic Project Mosaic 1.0.0
9.3
CVSSv3
CVE-2022-31524
The PureStorage-OpenConnect/swagger repository up to and including 1.1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Purestorage Pure Swagger
9.3
CVSSv3
CVE-2022-31530
The csm-aut/csm repository up to and including 3.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Csm Server Project Csm Server
9.3
CVSSv3
CVE-2022-31558
The tooxie/shiva-server repository up to and including 0.10.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Shiva-server Project Shiva-server
9.3
CVSSv3
CVE-2022-31573
The chainer/chainerrl-visualizer repository up to and including 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Chainer Chainerrl-visualizer
9.3
CVSSv3
CVE-2022-31501
The ChaoticOnyx/OnyxForum repository prior to 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Onyxforum Project Onyxforum
9.3
CVSSv3
CVE-2022-31504
The ChangeWeDer/BaiduWenkuSpider_flaskWeb repository prior to 2021-11-29 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Baiduwenkuspider Flaskweb Project Baiduwenkuspider Flaskweb
9.3
CVSSv3
CVE-2022-31505
The cheo0/MercadoEnLineaBack repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Mercadoenlineaback Project Mercadoenlineaback
9.3
CVSSv3
CVE-2022-31508
The idayrus/evoting repository prior to 2022-05-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Idayrus E-voting
9.3
CVSSv3
CVE-2022-31509
The iedadata/usap-dc-website repository up to and including 1.0.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Iedadata Usap-dc Web Submission And Dataset Search
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2018-25103
CVE-2024-36279
CVE-2024-38457
elevation of privilege
CVE-2024-27801
CVE-2024-30103
NULL pointer dereference
CVE-2024-6057
XML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »