CVE-2022-31554

Name of the Vulnerable Software and Affected Versions rohitnayak/movie-review-sentiment-analysis repository through 2017-05-07

Description The issue allows absolute path traversal due to the unsafe use of the Flask send file function. This enables potential access to sensitive files outside the intended directory.

Recommendations For the rohitnayak/movie-review-sentiment-analysis repository through 2017-05-07, consider restricting the use of the send file function to prevent absolute path traversal until a proper fix is applied. As a temporary workaround, ensure that only intended files are accessible through this function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.