CVE-2022-31569

Опубликовано: 11 июл. 2022

Источник: nvd

Описание

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that no specific affected product had been identified. Notes: none

Связанные уязвимости

GHSA-g7h7-rg53-h2g9

CVSS3: 9.3

github

больше 3 лет назад

The RipudamanKaushikDal/projects repository through 2022-04-03 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.