Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
flask vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2022-31519
The Lukasavicus/WindMill repository up to and including 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Windmill Project Windmill 1.0
570
VMScore
CVE-2022-31523
The PaddlePaddle/Anakin repository up to and including 0.1.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Paddlepaddle Anakin
570
VMScore
CVE-2022-31525
The SummaLabs/DLS repository up to and including 0.1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Deep Learning Studio Project Deep Learning Studio 0.1.0
570
VMScore
CVE-2022-31531
The dainst/cilantro repository up to and including 0.0.4 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Dainst Cilantro
570
VMScore
CVE-2022-31539
The kotekan/kotekan repository up to and including 2021.11 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Kotekan Project Kotekan
570
VMScore
CVE-2022-31543
The maxtortime/SetupBox repository up to and including 1.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Setupbox Project Setupbox
570
VMScore
CVE-2022-31544
The meerstein/rbtm repository up to and including 1.5 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Xtomo Robo-tom
570
VMScore
CVE-2022-31567
The DSABenchmark/DSAB repository up to and including 2.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Data Stream Algorithm Benchmark Project Data Stream Algorithm Benchmark
578
VMScore
CVE-2022-25510
FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows malicious users to create crafted cookies to bypass authentication or escalate privileges.
Freetakserver-ui Project Freetakserver-ui 1.9.8
570
VMScore
CVE-2022-31521
The Niyaz-Mohamed/mosaic repository up to and including 1.0.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Mosaic Project Mosaic 1.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »