Unrated severityNVD Advisory· Published Jul 11, 2022· Updated Aug 3, 2024
CVE-2022-31509
CVE-2022-31509
Description
The iedadata/usap-dc-website repository through 1.0.1 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
Affected products
2- iedadata/usap-dc-websitedescription
- Range: <=1.0.1
Patches
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- github.com/github/securitylab/issues/669mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.