Lucene search
K

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/01 10:35 a.m.5 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by improper handling of Windows device names due to Werkzeug

Summary Werkzeug is used by IBM Cloud Pak for Data System 1.0 as a WSGI web application library. CVE-2025-66221 affects Werkzeug's handling of Windows device names, which could lead to improper resource handling and potential availability impact on Windows systems. This vulnerability relates to t...

6.3CVSS6.9AI score0.00474EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/28 4:17 a.m.7 views

Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to improper name handling in Werkzeug [ CVE-2025-66221]

Summary IBM Watson Speech Services Cartridge is vulnerable to improper name handling in Werkzeug, caused by a reading issue with Werkzeug's safejoin function that allows path segments with special device names to hang indefinately CVE-2025-66221. Werkzeug is used in our service runtimes. This...

6.3CVSS5.9AI score0.00474EPSS
Exploits0Affected Software1
vulnersOsv
vulnersOsv
added 2026/02/19 8:32 p.m.6 views

abilian-sbe (>=1.1.0 <=1.1.12), acfx (>=0.3.1 <=0.3.7.dev2) +701 more potentially affected by CVE-2025-66221 +1 more via werkzeug (>=3.0.0 <=3.1.5)

werkzeug PYPI version =3.0.0, =1.1.0, =0.3.1, =4.11.0, =1.0.0, =0.1.3, =0.2.4.1, =0.0.1, =1.3.0, =0.1.0, =0.1.1, =0.5.7, =0.1.0, =0.4.0 and more Source cves: CVE-2025-66221, CVE-2026-27199 Source advisory: SNYK:PYTHON-WERKZEUG-15322677...

6.3CVSS5.8AI score0.00556EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/02 12:50 p.m.10 views

Security Bulletin: There is a vulnerability in werkzeug-3.1.3-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2025-66221)

Summary There is a vulnerability in werkzeug-3.1.3-py3-none-any.whl used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2025-66221 DESCRIPTION: Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.4, Werkzeug's safejoin...

6.3CVSS5.3AI score0.00474EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/09 3:9 a.m.5 views

CVE-2025-66221

A flaw was found in Werkzeug. This vulnerability allows a denial of service via path segments with Windows device names. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and...

6.3CVSS5.7AI score0.00474EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/12/02 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-66221

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.4, Werkzeug's safejoin function allows path segments with Windows device names. O...

6.3CVSS6.5AI score0.00474EPSS
Exploits0References2
vulnersOsv
vulnersOsv
added 2025/11/29 3:39 a.m.5 views

abilian-sbe (>=1.1.0 <=1.1.12), acfx (>=0.3.1 <=0.3.7.dev2) +688 more potentially affected by CVE-2025-66221 via werkzeug (>=3.0.0 <=3.1.3)

werkzeug PYPI version =3.0.0, =1.1.0, =0.3.1, =4.11.0, =1.0.0, =0.1.3, =0.2.4.1, =0.0.1, =1.3.0, =0.1.0, =0.1.1, =0.5.7, =0.1.0, =0.4.72, =1.0.0, =1.1.0a20250428 and more Source cves: CVE-2025-66221 Source advisory: SNYK:PYTHON-WERKZEUG-14151620...

6.3CVSS5.9AI score0.00474EPSS
Exploits0
Rows per page
Query Builder