Oracle Linux 8 : python-werkzeug (ELSA-2023-12709)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-12709 advisory. - Fix CVE-2023-23934 Orabug: 35662419 - Fix CVE-2023-25577 Orabug: 35662419 Tenable has extracted the preceding description block directly from the...

Debian: Security Advisory (DSA-5470-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5470-1] python-werkzeug security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5470-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 06, 2023 https://www.debian.org/security/faq -...

python-werkzeug security update

0.12.2-4.0.1 - Fix CVE-2023-23934 Orabug: 35662419 - Fix CVE-2023-25577 Orabug: 35662419 - enable tests Orabug: 35662419...

DSA-5470-1 python-werkzeug - security update

Bulletin has no description...

Ubuntu: Security Advisory (USN-5948-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-5948-2: Werkzeug vulnerabilities

USN-5948-1 fixed vulnerabilities in Werkzeug. This update provides the corresponding updates for Ubuntu 23.04. Original advisory details: It was discovered that Werkzeug did not properly handle the parsing of nameless cookies. A remote attacker could possibly use this issue to shadow other cookie...

Huawei EulerOS: Security Advisory for python-werkzeug (EulerOS-SA-2023-2167)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP5 : python-werkzeug (EulerOS-SA-2023-2167)

According to the versions of the python-werkzeug package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Werkzeug is a comprehensive WSGI web application library. Browsers may allow 'nameless' cookies that look like =value instead of...

SUSE-SU-2023:2379-1 Security update for openstack-heat, python-Werkzeug

This update for openstack-heat, python-Werkzeug contains the following fixes: Security fixes included on this update: openstack-heat: - CVE-2023-1625: Fixed an issue where parameter values marked as 'hidden' would be shown in the stack's environment. bsc1209774 python-Werkzeug: - CVE-2023-25577:...

SUSE-SU-2023:2378-1 Security update for openstack-heat, openstack-swift, python-Werkzeug

This update for openstack-heat, openstack-swift, python-Werkzeug contains the following fixes: Security fixes included in this update: openstack-heat: - CVE-2023-1625: Fixed an issue where parameter values marked as 'hidden' would be shown in the stack's environment bsc1209774. openstack-swift: -...

python-werkzeug: high resource usage when parsing multipart form data with many fields

A flaw was found in python-werkzeug. Werkzeug is multipart form data parser, that will parse an unlimited number of parts, including file parts. These parts can be a small amount of bytes, but each requires CPU time to parse, and may use more memory as Python data. If a request can be made to an...

SUSE SLES12 Security Update : python-Werkzeug (SUSE-SU-2023:1775-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1775-1 advisory. - Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an...

SUSE-SU-2023:1775-1 Security update for python-Werkzeug

This update for python-Werkzeug fixes the following issues: CVE-2023-25577: Fixed high resource usage when parsing multipart form data with many fields bsc1208283...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : python-Werkzeug (SUSE-SU-2023:1693-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1693-1 advisory. - Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart...

SUSE: Security Advisory (SUSE-SU-2023:1693-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:1693-1 Security update for python-Werkzeug

This update for python-Werkzeug fixes the following issues: - CVE-2023-25577: Fixed high resource usage when parsing multipart form data with many fields bsc1208283...

SUSE: Security Advisory (SUSE-SU-2023:1664-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:1664-1 Security update for python-Werkzeug

This update for python-Werkzeug fixes the following issues: - CVE-2023-25577: Fixed high resource usage when parsing multipart form data with many fields bsc1208283...

CVE-2023-23934 affecting package python-werkzeug for versions less than 2.2.3-1

CVE-2023-23934 affecting package python-werkzeug for versions less than 2.2.3-1. An upgraded version of the package is available that resolves this issue...