CVE-2022-31557

The seveas/golem repository through 2016-05-17 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
References
Configurations

Configuration 1 (hide)

cpe:2.3:a:golem_project:golem:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-07-11 01:15

Updated : 2022-07-16 13:46


NVD link : CVE-2022-31557

Mitre link : CVE-2022-31557

CVE.ORG link : CVE-2022-31557


JSON object : View

Products Affected

golem_project

  • golem
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')