Unrated severityNVD Advisory· Published Jul 11, 2022· Updated Aug 3, 2024
CVE-2022-31503
CVE-2022-31503
Description
The orchest/orchest repository before 2022.05.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Affected products
2Patches
Vulnerability mechanics
References
3- github.com/github/securitylab/issues/669mitrex_refsource_MISC
- github.com/orchest/orchest/pull/913mitrex_refsource_MISC
- github.com/orchest/orchest/releases/tag/v2022.05.0mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.