Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flask vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv3
CVE-2022-31544
The meerstein/rbtm repository up to and including 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Xtomo Robo-tom
9.3
CVSSv3
CVE-2022-31545
The ml-inory/ModelConverter repository through 2021-04-26 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Modelconverter Project Modelconverter
9.3
CVSSv3
CVE-2022-31546
The nlpweb/glance repository through 2014-06-27 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Glance Project Glance
9.3
CVSSv3
CVE-2022-31547
The noamezekiel/sphere repository through 2020-05-31 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Sphere Project Sphere
9.3
CVSSv3
CVE-2022-31548
The nrlakin/homepage repository through 2017-03-06 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Homepage Project Homepage
9.3
CVSSv3
CVE-2022-31549
The olmax99/helm-flask-celery repository prior to 2022-05-25 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Helm-flask-celery Project Helm-flask-celery
9.3
CVSSv3
CVE-2022-31550
The olmax99/pyathenastack repository through 2019-11-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Python Athena Stack Project Python Athena Stack
9.3
CVSSv3
CVE-2022-31551
The pleomax00/flask-mongo-skel repository through 2012-11-01 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Flask-mongo-skel Project Flask-mongo-skel
9.3
CVSSv3
CVE-2022-31552
The project-anuvaad/anuvaad-corpus repository through 2020-11-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Anuvaad-corpus Project Anuvaad-corpus
9.3
CVSSv3
CVE-2022-31553
The rainsoupah/sleep-learner repository through 2021-02-21 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Sleep Learner Project Sleep Learner
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »