VYPR
Critical severity9.3NVD Advisory· Published Jul 11, 2022· Updated Jun 17, 2026

CVE-2022-31579

CVE-2022-31579

Description

The ralphjzhang/iasset repository through 2022-05-04 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.