Description
Path Traversal due to `send_file` call in GitHub repository clinical-genomics/scout prior to 4.52.
References (2)
Core References
Exploit, Patch, Third Party Advisory x_refsource_confirm
https://huntr.dev/bounties/7acac778-5ba4-4f02-99e2-e4e17a81e600
Patch, Third Party Advisory x_refsource_misc
https://github.com/clinical-genomics/scout/commit/952a2e2319af2d95d22b017a561730feac086ff1
Scores
CVSS v3
7.5
EPSS
0.0127
EPSS Percentile
65.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-22
CWE-36
Status
published
Products (2)
clinical-genomics/scout
< 4.52
pypi/scout-browser
0 - 4.52 (PyPI)
Published
May 03, 2022
Tracked Since
Feb 18, 2026