CVE-2022-31583

Name of the Vulnerable Software and Affected Versions sravaniboinepelli/AutomatedQuizEval repository through 2020-04-27

Description The issue allows absolute path traversal due to the unsafe use of the Flask send file function. This enables potential access to sensitive files outside the intended directory.

Recommendations For versions through 2020-04-27, consider restricting access to the send file function until a safer implementation is available. As a temporary workaround, review and limit the use of absolute paths in file operations to minimize potential traversal risks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.