Lucene search
K

40 matches found

OSV
OSV
added 2026/06/03 7:11 p.m.4 views

ROOT-APP-PYPI-CVE-2024-34069 CVE-2024-34069 in rootio-Werkzeug - Patched by Root

Root has patched CVE-2024-34069 in the rootio-Werkzeug package for Root:PyPI. Multiple fixed versions available...

7.5CVSS5.4AI score0.03397EPSS
Exploits0
OSV
OSV
added 2025/08/15 12:39 p.m.3 views

OESA-2025-1998 python-werkzeug security update

A comprehensive WSGI web application library Security Fixes: Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are appended chunk by chunk into internal...

8CVSS7.4AI score0.03397EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/29 8:55 p.m.6 views

Security Bulletin: IBM Storage Ceph is vulnerable to CSRF in Werkzeug (CVE-2024-34069)

Summary Werkzeug is used by IBM Storage Ceph for the Web Server Interface. CVE-2024-34069 This bulletin identifies the steps to take to address the vulnerability in IBM Storage Ceph. Vulnerability Details CVEID:CVE-2024-34069 DESCRIPTION: Werkzeug is a comprehensive WSGI web application library...

7.5CVSS7.2AI score0.03397EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/07/25 12:0 a.m.6 views

NewStart CGSL MAIN 7.02 : python-werkzeug Vulnerability (NS-SA-2025-0136)

The remote NewStart CGSL host, running version MAIN 7.02, has python-werkzeug packages installed that are affected by a vulnerability: - Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's...

7.5CVSS6.9AI score0.03397EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/06/16 6:58 p.m.13 views

Security Bulletin: IBM Cloud Pak for Data is vulnerable to to Cross-Site Request Forgery (CSRF) due to insecure debugger access in Werkzeug ( CVE-2024-34069)

Summary Potential vulnerabilities in Werkzeug has been identified that may affect IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2024-34069 DESCRIPTION: Werkzeug is a comprehensive WSGI web application library. The debugger in affected version...

7.5CVSS7.4AI score0.03397EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2025/02/24 12:0 a.m.9 views

Debian: Security Advisory (DLA-4062-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.03397EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/10 1:2 p.m.12 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to Werkzeug-2.3.4-py3-none-any.whl CVE-2023-46136

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to Werkzeug-2.3.4-py3-none-any.whl CVE-2023-46136. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-46136 DESCRIPTION: Pallets Werkzeug is vulnerable to a denial o...

8CVSS8.4AI score0.03397EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/12/02 12:0 a.m.11 views

RHEL 8 : Red Hat OpenStack Platform 16.2 (python-werkzeug) (RHSA-2024:10696)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:10696 advisory. Werkzeug is a WSGI utility module. It includes a debugger, request and response objects, HTTP utilities to handle entity tags, cache control headers...

7.5CVSS7AI score0.03397EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/11/25 12:0 a.m.11 views

RHEL 8 : RHOSP 17.1.4 (python-werkzeug) (RHSA-2024:9975)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9975 advisory. Werkzeug is a WSGI utility module. It includes a debugger, request and response objects, HTTP utilities to handle entity tags, cache control headers,...

7.5CVSS7AI score0.03397EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/11/25 12:0 a.m.11 views

RHEL 9 : RHOSP 17.1.4 (python-werkzeug) (RHSA-2024:9976)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:9976 advisory. Werkzeug is a WSGI utility module. It includes a debugger, request and response objects, HTTP utilities to handle entity tags, cache control headers,...

7.5CVSS7AI score0.03397EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/11/21 9:29 a.m.27 views

Important: Red Hat Security Advisory: RHOSP 17.1.4 (python-werkzeug) security update

An update for python-werkzeug is now available for Red Hat OpenStack Platform RHOSP 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.5CVSS6.8AI score0.03397EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/11/21 9:28 a.m.24 views

Important: Red Hat Security Advisory: RHOSP 17.1.4 (python-werkzeug) security update

An update for python-werkzeug is now available for Red Hat OpenStack Platform RHOSP 17.1 Wallaby. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available fo...

7.5CVSS6.8AI score0.03397EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2024/09/05 6:33 a.m.32 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.15.30 packages and security update

Red Hat OpenShift Container Platform release 4.15.30 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.15. Red Hat Product Security has rated this update as having a...

7.5CVSS6.8AI score0.03397EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/09/05 12:0 a.m.23 views

RHEL 9 : OpenShift Container Platform 4.15.30 (RHSA-2024:6016)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:6016 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud...

7.5CVSS7AI score0.03397EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/08/29 12:0 a.m.30 views

RHEL 8 / 9 : OpenShift Container Platform 4.12.64 (RHSA-2024:5810)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5810 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

7.5CVSS7.2AI score0.03397EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2024/08/13 9:55 a.m.27 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.16.7 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.7 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

7.5CVSS6.9AI score0.03397EPSS
Exploits0References28
IBM Security Bulletins
IBM Security Bulletins
added 2024/08/01 4:19 p.m.26 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution, in Pallets Werkzeug [CVE-2024-34069]

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to an arbitrary code execution, in Pallets Werkzeug, caused by improper usage of a pathname and improper CSRF protection in the debuggerCVE-2024-34069. Pallets Werkzeug is used by our Speech Service runtimes. Th...

7.5CVSS7.7AI score0.03397EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/07/22 12:0 a.m.20 views

Amazon Linux 2023 : python3-werkzeug (ALAS2023-2024-662)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-662 advisory. Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This...

7.5CVSS6.8AI score0.03397EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/07/03 12:0 a.m.25 views

CBL Mariner 2.0 Security Update: python-werkzeug (CVE-2024-34069)

The version of python-werkzeug installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-34069 advisory. - Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of...

7.5CVSS6.8AI score0.03397EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/28 3:16 p.m.25 views

Security Bulletin: Vulnerability in Pallets Werkzeug affects IBM Process Mining CVE-2024-34069

Summary There is a vulnerability in Pallets Werkzeug that could allow an attacker to gain elevated privileges on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details CVEID:CVE-2024-34069...

7.5CVSS8.2AI score0.03397EPSS
Exploits0Affected Software1
Rows per page
Query Builder