← All advisories

Unrated severityNVD Advisory· Published Jul 11, 2022· Updated Aug 3, 2024

CVE-2022-31584

CVE-2022-31584

Description

The stonethree/s3label repository through 2019-08-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.

Affected products

2

stonethree/s3labeldescription
stonethree/s3labelllm-create

Patches

Vulnerability mechanics

References

1

github.com/github/securitylab/issues/669mitrex_refsource_MISC

News mentions

0

No linked articles in our index yet.