Orchest · Orchest · CVE-2022-31503
**Name of the Vulnerable Software and Affected Versions**
orchest/orchest versions prior to 2022.05.0
**Description**
The issue allows absolute path traversal due to the unsafe use of the Flask send file function.
**Recommendations**
For versions prior to 2022.05.0, update to version 2022.05.0 or later to resolve the issue.