13 matches found
Security Bulletin: IBM QRadar Assistant App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Assistant App for IBM QRadar SIEM has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2023-46136 DESCRIPTION: Pallets...
cloudmesh-client (>=4.2.6 <=4.4.0), coil (>=1.2.1 <=1.3.7) +6 more potentially affected by CVE-2016-10516 via werkzeug (>=0.10.1 <=0.11.10)
werkzeug PYPI version =0.10.1, =4.2.6, =1.2.1, =1.0.22, =0.7.12, =1.0.0, =1.1.1, =2.0.1 - typedjsonrpc =0.4.0 Source cves: CVE-2016-10516 Source advisory: OSV:GHSA-H2FP-XGX6-XH6F...
Huawei EulerOS: Security Advisory for python-werkzeug (EulerOS-SA-2021-2671)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 27 : python-werkzeug (2017-654136ee16)
Update to 0.12.2 which also fixes CVE-2016-10516 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
Updated python-werkzeug packages fix security vulnerability
Cross-site scripting XSS vulnerability in the renderfull function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message CVE-2016-10516...
Fedora Update for python-werkzeug FEDORA-2017-23c3f02995
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 26 : python-werkzeug (2017-23c3f02995)
Update to 0.12.2 which also fixes CVE-2016-10516 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
[SECURITY] [DLA 1191-1] python-werkzeug security update
Package : python-werkzeug Version : 0.8.3+dfsg-1+deb7u1 CVE ID : CVE-2016-10516 A security issue that allows XSS on the Werkzeug debugger allows remote attackers to inject arbitrary stuff via a field that contains an exception message. For Debian 7 "Wheezy", these problems have been fixed in...
CVE-2016-10516
Cross-site scripting XSS vulnerability in the renderfull function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 as used in Pallets Flask and other products allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...
CVE-2016-10516
Cross-site scripting XSS vulnerability in the renderfull function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 as used in Pallets Flask and other products allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...
CVE-2016-10516
Cross-site scripting XSS vulnerability in the renderfull function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 as used in Pallets Flask and other products allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...
CVE-2016-10516
Affected software: Pallets Werkzeug (Python library) used by Flask. Vulnerable path: render_full in debug/tbtools.py. Root cause: improper validation of user-supplied input via an exception message, enabling cross-site scripting (XSS). Impact: remote attacker could inject arbitrary script into a ...
CVE-2016-10516
Cross-site scripting XSS vulnerability in the renderfull function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 as used in Pallets Flask and other products allows remote attackers to inject arbitrary web script or HTML via a field that contains an exception message...