Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flask vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv3
CVE-2022-31505
The cheo0/MercadoEnLineaBack repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Mercadoenlineaback Project Mercadoenlineaback
9.3
CVSSv3
CVE-2022-31508
The idayrus/evoting repository prior to 2022-05-08 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Idayrus E-voting
9.3
CVSSv3
CVE-2022-31509
The iedadata/usap-dc-website repository up to and including 1.0.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Iedadata Usap-dc Web Submission And Dataset Search
9.3
CVSSv3
CVE-2022-31511
The AFDudley/equanimity repository through 2014-04-23 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Equanimity Project Equanimity
9.3
CVSSv3
CVE-2022-31513
The BolunHan/Krypton repository through 2021-06-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Krypton Project Krypton
9.3
CVSSv3
CVE-2022-31516
The Harveyzyh/Python repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Harveyzyh Python Project Harveyzyh Python
9.3
CVSSv3
CVE-2022-31517
The HolgerGraef/MSM repository through 2021-04-20 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Mercury Sample Manager Project Mercury Sample Manager
9.3
CVSSv3
CVE-2022-31529
The cinemaproject/monorepo repository through 2021-03-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Monorepo Project Monorepo
9.3
CVSSv3
CVE-2022-31532
The dankolbman/travel_blahg repository through 2016-01-16 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Travel Blahg Project Travel Blahg
9.3
CVSSv3
CVE-2022-31535
The freefood89/Fishtank repository through 2015-06-24 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Fishtank Project Fishtank
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »