Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flask vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2022-31521
The Niyaz-Mohamed/mosaic repository up to and including 1.0.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Mosaic Project Mosaic 1.0.0
570
VMScore
CVE-2022-31530
The csm-aut/csm repository up to and including 3.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Csm Server Project Csm Server
570
VMScore
CVE-2022-31558
The tooxie/shiva-server repository up to and including 0.10.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Shiva-server Project Shiva-server
570
VMScore
CVE-2022-31573
The chainer/chainerrl-visualizer repository up to and including 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Chainer Chainerrl-visualizer
570
VMScore
CVE-2022-31524
The PureStorage-OpenConnect/swagger repository up to and including 1.1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Purestorage Pure Swagger
570
VMScore
CVE-2022-31501
The ChaoticOnyx/OnyxForum repository prior to 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Onyxforum Project Onyxforum
570
VMScore
CVE-2022-31504
The ChangeWeDer/BaiduWenkuSpider_flaskWeb repository prior to 2021-11-29 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Baiduwenkuspider Flaskweb Project Baiduwenkuspider Flaskweb
570
VMScore
CVE-2022-31505
The cheo0/MercadoEnLineaBack repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Mercadoenlineaback Project Mercadoenlineaback
570
VMScore
CVE-2022-31508
The idayrus/evoting repository prior to 2022-05-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Idayrus E-voting
570
VMScore
CVE-2022-31509
The iedadata/usap-dc-website repository up to and including 1.0.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Iedadata Usap-dc Web Submission And Dataset Search
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »