Vulnerabilities (CVE)

Filtered by vendor Shiva-server Project Subscribe
Filtered by product Shiva-server
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-31558 1 Shiva-server Project 1 Shiva-server 2024-02-28 6.4 MEDIUM 9.3 CRITICAL
The tooxie/shiva-server repository through 0.10.0 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely.