Lucene search
+L

49 matches found

Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0160: python-werkzeug (ALINUX3-SA-2024:0160)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0160 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-23934: Werkzeug is a comprehensiv...

7.5CVSS6.5AI score0.0142EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.11 views

Linux Distros Unpatched Vulnerability : CVE-2023-25577

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts,...

7.5CVSS6.7AI score0.0142EPSS
Exploits0References2
Rosalinux
Rosalinux
added 2024/11/26 9:41 a.m.30 views

Advisory ROSA-SA-2024-2530

Software: python3-werkzeug 1.0.1 OS: rosa-server79 packageevrstring: python3-werkzeug-1.0.1-2.res7 CVE-ID: CVE-2023-25577 BDU-ID: 2023-02343 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the WSGI Werkzeug web application library is related to the application not properly controlling the...

7.5CVSS6.9AI score0.0142EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2024/04/29 4:48 p.m.41 views

Security Bulletin: IBM QRadar Assistant App for IBM QRadar SIEM is vulnerable to using components with known vulnerabilities

Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM QRadar Assistant App for IBM QRadar SIEM has addressed the applicable CVEs in an update. Vulnerability Details CVEID:CVE-2023-46136 DESCRIPTION: Pallets...

8.6CVSS8.6AI score0.55526EPSS
Exploits11Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/04/28 12:0 a.m.33 views

RHEL 9 : Red Hat OpenStack Platform 17.0 (python-werkzeug) (RHSA-2023:1018)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1018 advisory. Werkzeug ======== Werkzeug started as simple collection of various utilities for WSGI applications and has become one of the most advanced...

7.5CVSS6.6AI score0.0142EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2024/04/17 12:0 a.m.25 views

RHEL 8 / 9 : OpenShift Container Platform 4.14.4 (RHSA-2023:7473)

The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7473 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or...

8CVSS7.1AI score0.01815EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2023/11/30 2:34 p.m.35 views

Important: Red Hat Security Advisory: Red Hat Quay security update

An update is now available for Red Hat Quay 3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS6.7AI score0.0142EPSS
Exploits2References21
RedHat Linux
RedHat Linux
added 2023/11/29 12:12 p.m.45 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.14.4 packages and security update

Red Hat OpenShift Container Platform release 4.14.4 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.14. Red Hat Product Security has rated this update as having a...

8CVSS6.8AI score0.01815EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/08/15 12:0 a.m.29 views

Oracle Linux 8 : python-werkzeug (ELSA-2023-12709)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-12709 advisory. - Fix CVE-2023-23934 Orabug: 35662419 - Fix CVE-2023-25577 Orabug: 35662419 Tenable has extracted the preceding description block directly from the...

7.5CVSS6.5AI score0.0142EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/08/07 12:0 a.m.29 views

Debian DSA-5470-1 : python-werkzeug - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5470 advisory. - Werkzeug is a comprehensive WSGI web application library. Browsers may allow nameless cookies that look like =value instead of key=value. A vulnerable browser m...

7.5CVSS6.4AI score0.0142EPSS
Exploits0References8
Debian
Debian
added 2023/08/06 12:38 p.m.33 views

[SECURITY] [DSA 5470-1] python-werkzeug security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5470-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 06, 2023 https://www.debian.org/security/faq -...

7.5CVSS7.1AI score0.0142EPSS
Exploits0
Oracle linux
Oracle linux
added 2023/08/06 12:0 a.m.80 views

python-werkzeug security update

0.12.2-4.0.1 - Fix CVE-2023-23934 Orabug: 35662419 - Fix CVE-2023-25577 Orabug: 35662419 - enable tests Orabug: 35662419...

7.5CVSS7.1AI score0.0142EPSS
Exploits0
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/28 2:50 p.m.34 views

Security Bulletin: Vulnerability in werkzeug may affect IBM Spectrum Sentinel Anomaly Scan Engine (CVE-2023-25577, CVE-2023-23934)

Summary Vulnerabilities in werkzeug may affect IBM Spectrum Sentinel Anomaly Scan Engine. Vulnerabilities include: Werkzeug allowing remote attacker to bypass security restrictions and denial of service. Vulnerability Details CVEID:CVE-2023-23934 DESCRIPTION: Pallets Werkzeug could allow a remote...

7.5CVSS6.1AI score0.0142EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/24 5:29 p.m.31 views

Security Bulletin: Wekzeug is vulnerable to CVE-2023-25577 and CVE-2023-23934 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses Wekzeug which is vulnerable to CVE-2023-25577 and CVE-2023-23934. Vulnerability Details CVEID:CVE-2023-25577 DESCRIPTION: Pallets Werkzeug is vulnerable to a denial of service, caused by a flaw when parsing multipart form data with man...

7.5CVSS6.1AI score0.0142EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/07/06 5:50 p.m.42 views

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to Pallets Werkzeug security bypass and denialof service vulnerabilities( CVE-2023-23934, CVE-2023-25577)

Summary Potential Pallets Werkzeug security bypass and denial of service vulnerabilities CVE-2023-23934, CVE-2023-25577 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. Refer to details for additional information. Vulnerability Details CVEID:CVE-2023-23934...

7.5CVSS6.1AI score0.0142EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2023/06/22 12:0 a.m.20 views

Ubuntu: Security Advisory (USN-5948-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.1AI score0.0142EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2023/06/20 10:6 p.m.52 views

USN-5948-2: Werkzeug vulnerabilities

USN-5948-1 fixed vulnerabilities in Werkzeug. This update provides the corresponding updates for Ubuntu 23.04. Original advisory details: It was discovered that Werkzeug did not properly handle the parsing of nameless cookies. A remote attacker could possibly use this issue to shadow other cookie...

7.5CVSS6.6AI score0.0142EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/06/20 12:0 a.m.46 views

Ubuntu 23.04 : Werkzeug vulnerabilities (USN-5948-2)

The remote Ubuntu 23.04 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5948-2 advisory. USN-5948-1 fixed vulnerabilities in Werkzeug. This update provides the corresponding updates for Ubuntu 23.04. Tenable has extracted the preceding descriptio...

7.5CVSS6.5AI score0.0142EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2023/06/19 9:3 a.m.140 views

Security Bulletin: Vulnerabilities in Flask and Pallets Werkzeug may affect IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore (CVE-2023-30861, CVE-2023-25577, CVE-2023-23934)

Summary IBM Spectrum Protect Plus Microsoft File Systems Backup and Restore can be affected by vulnerabilities in Flask and Pallets Werkzeug include obtain sensitive information, denial of service attacks and bypass security restrictions, as described by the CVEs in the "Vulnerability Details"...

7.5CVSS6.9AI score0.0142EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/06/09 12:0 a.m.45 views

EulerOS 2.0 SP5 : python-werkzeug (EulerOS-SA-2023-2167)

According to the versions of the python-werkzeug package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Werkzeug is a comprehensive WSGI web application library. Browsers may allow 'nameless' cookies that look like =value instead of...

7.5CVSS6.3AI score0.0142EPSS
Exploits0References3
Rows per page
Query Builder