40 matches found
ROOT-APP-PYPI-CVE-2024-34069 CVE-2024-34069 in rootio-Werkzeug - Patched by Root
Root has patched CVE-2024-34069 in the rootio-Werkzeug package for Root:PyPI. Multiple fixed versions available...
OESA-2025-1998 python-werkzeug security update
A comprehensive WSGI web application library Security Fixes: Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal...
Security Bulletin: IBM Storage Ceph is vulnerable to CSRF in Werkzeug (CVE-2024-34069)
Summary Werkzeug is used by IBM Storage Ceph for the Web Server Interface. CVE-2024-34069 This bulletin identifies the steps to take to address the vulnerability in IBM Storage Ceph. Vulnerability Details CVEID:CVE-2024-34069 DESCRIPTION: Werkzeug is a comprehensive WSGI web application library...
NewStart CGSL MAIN 7.02 : python-werkzeug Vulnerability (NS-SA-2025-0136)
The remote NewStart CGSL host, running version MAIN 7.02, has python-werkzeug packages installed that are affected by a vulnerability: - Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's...
Security Bulletin: IBM Cloud Pak for Data is vulnerable to to Cross-Site Request Forgery (CSRF) due to insecure debugger access in Werkzeug ( CVE-2024-34069)
Summary Potential vulnerabilities in Werkzeug has been identified that may affect IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-34069 DESCRIPTION: Werkzeug is a comprehensive WSGI web application library. The debugger in affected version...
Debian: Security Advisory (DLA-4062-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to Werkzeug-2.3.4-py3-none-any.whl CVE-2023-46136
Summary IBM Maximo Application Suite - Monitor Component is vulnerable to Werkzeug-2.3.4-py3-none-any.whl CVE-2023-46136. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-46136 DESCRIPTION: Pallets Werkzeug is vulnerable to a denial o...
RHEL 8 : Red Hat OpenStack Platform 16.2 (python-werkzeug) (RHSA-2024:10696)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:10696 advisory. Werkzeug is a WSGI utility module. It includes a debugger, request and response objects, HTTP utilities to handle entity tags, cache control headers...
RHEL 8 : RHOSP 17.1.4 (python-werkzeug) (RHSA-2024:9975)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9975 advisory. Werkzeug is a WSGI utility module. It includes a debugger, request and response objects, HTTP utilities to handle entity tags, cache control headers,...
RHEL 9 : RHOSP 17.1.4 (python-werkzeug) (RHSA-2024:9976)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9976 advisory. Werkzeug is a WSGI utility module. It includes a debugger, request and response objects, HTTP utilities to handle entity tags, cache control headers,...
Important: Red Hat Security Advisory: RHOSP 17.1.4 (python-werkzeug) security update
An update for python-werkzeug is now available for Red Hat OpenStack Platform RHOSP 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
Important: Red Hat Security Advisory: RHOSP 17.1.4 (python-werkzeug) security update
An update for python-werkzeug is now available for Red Hat OpenStack Platform RHOSP 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.30 packages and security update
Red Hat OpenShift Container Platform release 4.15.30 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...
RHEL 9 : OpenShift Container Platform 4.15.30 (RHSA-2024:6016)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:6016 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud...
RHEL 8 / 9 : OpenShift Container Platform 4.12.64 (RHSA-2024:5810)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5810 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...
Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.7 bug fix and security update
Red Hat OpenShift Container Platform release 4.16.7 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...
Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution, in Pallets Werkzeug [CVE-2024-34069]
Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution, in Pallets Werkzeug, caused by improper usage of a pathname and improper CSRF protection in the debuggerCVE-2024-34069. Pallets Werkzeug is used by our Speech Service runtimes. Th...
Amazon Linux 2023 : python3-werkzeug (ALAS2023-2024-662)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-662 advisory. Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This...
CBL Mariner 2.0 Security Update: python-werkzeug (CVE-2024-34069)
The version of python-werkzeug installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-34069 advisory. - Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of...
Security Bulletin: Vulnerability in Pallets Werkzeug affects IBM Process Mining CVE-2024-34069
Summary There is a vulnerability in Pallets Werkzeug that could allow an attacker to gain elevated privileges on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2024-34069...