The ChangeWeDer/BaiduWenkuSpider_flaskWeb repository...
Critical severity
Unreviewed
Published
Jul 12, 2022
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Jul 11, 2022
Published to the GitHub Advisory Database
Jul 12, 2022
Last updated
Jan 27, 2023
The ChangeWeDer/BaiduWenkuSpider_flaskWeb repository before 2021-11-29 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.
References