Lucene search
K

26 matches found

OSV
OSV
added 2026/06/03 7:11 p.m.3 views

ROOT-APP-PYPI-CVE-2024-49767 CVE-2024-49767 in rootio-Werkzeug - Patched by Root

Root has patched CVE-2024-49767 in the rootio-Werkzeug package for Root:PyPI. Multiple fixed versions available...

7.5CVSS7.6AI score0.01093EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/01 10:8 a.m.3 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by multiple vulnerabilities due to Werkzeug

Summary Werkzeug is used by IBM Cloud Pak for Data System 1.0 as a WSGI web application library. Multiple vulnerabilities affect Werkzeug. CVE-2024-49767 involves a resource exhaustion vulnerability in the multipart/form-data parser where a specifically crafted form submission can cause the parse...

7.5CVSS7.2AI score0.01093EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/29 8:50 p.m.6 views

Security Bulletin: IBM Storage Ceph is vulnerable to Path Traversal and Uncontrolled Resource Consumption in Werkzeug (CVE-2024-49766, CVE-2024-49767)

Summary Werkzeug is used by IBM Storage Ceph for the Web Server Gateway Interface. CVE-2024-49766 CVE-2024-49767This bulletin identifies the steps to take to address the vulnerability in IBM Storage Ceph. Vulnerability Details CVEID:CVE-2024-49766 DESCRIPTION: Werkzeug is a Web Server Gateway...

7.5CVSS6.7AI score0.01093EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.3 views

TencentOS Server 4: python-werkzeug (TSSA-2024:1125)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:1125 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.5CVSS7AI score0.01093EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/15 2:50 a.m.47 views

Security Bulletin: Denial of service, directory traversal, and other vulnerabilities might affect IBM Storage Defender – Resiliency Service

Summary IBM Storage Defender – Resiliency Service is vulnerable to denial of service, directory traversal, and others. The vulnerabilities have been addressed. CVE-2024-49767, CVE-2024-49766, CVE-2024-39614, CVE-2024-38875, CVE-2024-41989, CVE-2024-41990, CVE-2024-41991, CVE-2024-47119,...

9.1CVSS8.9AI score0.28637EPSS
Exploits7Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/06 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2024-49767

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Werkzeug is a Web Server Gateway Interface web application library. Applications using werkzeug.formparser.MultiPartParser corresponding to a version of Werkzeu...

7.5CVSS6.7AI score0.01093EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/27 3:31 a.m.18 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component is vulnerable to werkzeug-3.0.4-py3-none-any.whl CVE-2024-49766

Summary IBM Maximo Application Suite - Monitor Component is vulnerable to werkzeug-3.0.4-py3-none-any.whl CVE-2024-49766. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2024-49766 DESCRIPTION: Werkzeug is a Web Server Gateway Interface w...

7.5CVSS7.3AI score0.01093EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/02/10 12:0 a.m.14 views

Azure Linux 3.0 Security Update: python-werkzeug (CVE-2024-49767)

The version of python-werkzeug installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49767 advisory. - Werkzeug is a Web Server Gateway Interface web application library. Applications using...

7.5CVSS6.9AI score0.01093EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2025/02/05 9:48 a.m.29 views

Security Bulletin: IBM Maximo Application Suite uses werkzeug-3.0.4-py3-none-any.whl, cookie-0.4.1.tgz and cross-spawn-7.0.3.tgz which is vulnerable to CVE-2024-49767, CVE-2024-49766, CVE-2024-47764 and CVE-2024-21538

Summary IBM Maximo Application Suite uses werkzeug-3.0.4-py3-none-any.whl, cookie-0.4.1.tgz and cross-spawn-7.0.3.tgz which is vulnerable to CVE-2024-49767, CVE-2024-49766, CVE-2024-47764 and CVE-2024-21538. This bulletin contains information regarding the vulnerability and its fixture...

8.7CVSS6.8AI score0.01093EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.22 views

Security Bulletin: IBM Maximo Application Suite - AI Broker Component component uses werkzeug-3.0.3-py3-none-any.whl which is vulnerable to this CVE-2024-49766 and CVE-2024-49767

Summary Security Bulletin: IBM Maximo Application Suite - AI Broker Component component uses werkzeug-3.0.3-py3-none-any.whl which is vulnerable to this CVE-2024-49766 and CVE-2024-49767. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

7.5CVSS7.2AI score0.01093EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.19 views

Security Bulletin: IBM Maximo Application Suite - Predict Component component uses werkzeug-3.0.4-py3-none-any.whl which is vulnerable to this CVE-2024-49767 and CVE-2024-49766

Summary Security Bulletin: IBM Maximo Application Suite - Predict Component component uses werkzeug-3.0.4-py3-none-any.whl which is vulnerable to this CVE-2024-49767 and CVE-2024-49766. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details...

7.5CVSS7.2AI score0.01093EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/12/13 12:0 a.m.21 views

CBL Mariner 2.0 Security Update: python-werkzeug (CVE-2024-49767)

The version of python-werkzeug installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49767 advisory. - Werkzeug is a Web Server Gateway Interface web application library. Applications using...

7.5CVSS6.9AI score0.01093EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2024/12/11 7:24 a.m.12 views

CVE-2024-49767 affecting package python-werkzeug for versions less than 2.3.7-3

CVE-2024-49767 affecting package python-werkzeug for versions less than 2.3.7-3. A patched version of the package is available...

7.5CVSS6.6AI score0.01093EPSS
Exploits0
CBLMariner
CBLMariner
added 2024/12/06 3:52 p.m.13 views

CVE-2024-49767 affecting package python-werkzeug for versions less than 3.0.3-2

CVE-2024-49767 affecting package python-werkzeug for versions less than 3.0.3-2. A patched version of the package is available...

7.5CVSS6.6AI score0.01093EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/12/04 9:59 p.m.19 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Werkzeug

Summary Multiple vulnerabilities in Werkzeug used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2024-49766 DESCRIPTION: Werkzeug is a Web Server Gateway Interface web application library. On Python = 3.11, or not using Windows, are not vulnerable. Werkzeug versi...

7.5CVSS6.4AI score0.01093EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2024/10/31 12:0 a.m.11 views

openSUSE Security Advisory (SUSE-SU-2024:3810-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7AI score0.01093EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/10/31 12:0 a.m.17 views

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-Werkzeug (SUSE-SU-2024:3810-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:3810-1 advisory. - CVE-2024-49767: Fixed possible resource exhaustion when parsing file data in forms bsc1232449. Tenable...

7.5CVSS6.9AI score0.01093EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2024/10/30 3:33 p.m.0 views

Security update for python-Werkzeug

This update for python-Werkzeug fixes the following issues: CVE-2024-49767: Fixed possible resource exhaustion when parsing file data in forms bsc1232449. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

6.9CVSS7.3AI score0.01093EPSS
Exploits0References4
OSV
OSV
added 2024/10/30 3:33 p.m.9 views

SUSE-SU-2024:3810-1 Security update for python-Werkzeug

This update for python-Werkzeug fixes the following issues: - CVE-2024-49767: Fixed possible resource exhaustion when parsing file data in forms bsc1232449...

7.5CVSS6.2AI score0.01093EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/10/29 4:17 a.m.3 views

SUSE CVE-2024-49767

Werkzeug is a Web Server Gateway Interface web application library. Applications using werkzeug.formparser.MultiPartParser corresponding to a version of Werkzeug prior to 3.0.6 to parse multipart/form-data requests e.g. all flask applications are vulnerable to a relatively simple but effective...

5.3CVSS9.6AI score0.01093EPSS
Exploits0References5
Rows per page
Query Builder