The stonethree/s3label repository through 2019-08-14 on GitHub allows absolute path traversal because the Flask send_file function is used unsafely. (CVSS:6.4) (Last Update:2022-07-15)Latest security vulnerabilities (Directory Traversal) (CVSS score >= 4)