CVE-2026-21860 Werkzeug safe_join() allows Windows special device names with compound extensions
Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5, Werkzeug's safe_join function allows path segments with Windows device names that have file extensions or trailing spaces. On Windows, there are special device names such as CON, AUX, etc that are implicitly present...
CVE-2025-66221
A flaw was found in Werkzeug. This vulnerability allows a denial of service via path segments with Windows device names. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and...
Werkzeug safe_join() allows Windows special device names
...
CVE-2025-66221
Werkzeug CVE-2025-66221 affects the safe_join path handling in Werkzeug prior to 3.1.4 on Windows. If a request ends with a Windows device name (e.g., CON, AUX), the file is opened but reading can hang indefinitely when using send_from_directory under a directory. The issue has been patched in 3....
CVE-2025-66221 Werkzeug safe_join() allows Windows special device names
Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.4, Werkzeug's safe_join function allows path segments with Windows device names. On Windows, there are special device names such as CON, AUX, etc that are implicitly present and readable in every directory...
Werkzeug security vulnerability
Werkzeug is a comprehensive WSGI web application library open-sourced by Pallets. A security vulnerability exists in Werkzeug versions prior to 3.1.4, which stems from improper handling of Windows device names by the safe_join function, which may result in file read hangs...
Security Bulletin: Denial of service, directory traversal, and other vulnerabilities might affect IBM Storage Defender – Resiliency Service
Summary IBM Storage Defender – Resiliency Service is vulnerable to denial of service, directory traversal, and others. The vulnerabilities have been addressed. CVE-2024-49767, CVE-2024-49766, CVE-2024-39614, CVE-2024-38875, CVE-2024-41989, CVE-2024-41990, CVE-2024-41991, CVE-2024-47119,...
CVE-2024-49766
Werkzeug is a Web Server Gateway Interface web application library. On Python >= 3.11, or not using Windows, are not vulnerable. Werkzeug version 3.0.6 contains a patch...
Werkzeug safe_join not safe on Windows
On Python >= 3.11, or not using Windows, are not vulnerable...
GHSA-F9VJ-2WH5-FJ8J Werkzeug safe_join not safe on Windows
On Python >= 3.11, or not using Windows, are not vulnerable...
CVE-2024-49766 Werkzeug safe_join not safe on Windows
Werkzeug is a Web Server Gateway Interface web application library. On Python >= 3.11, or not using Windows, are not vulnerable. Werkzeug version 3.0.6 contains a patch...
CVE-2024-49766
CVE-2024-49766 - Werkzeug UNC Path Validation Issue: Werkzeug on Windows with Python <3.11 fails to catch UNC paths in os.path.isabs(), causing safe_join() to produce potentially unsafe paths. Vulnerable scenarios affect apps using Python >=3.11 or non-Windows environments are not affected. A ...
CVE-2022-24900
Piano LED Visualizer is software that allows LED lights to light up as a person plays a piano connected to a computer. Version 1.3 and prior are vulnerable to a path traversal attack. The os.path.join call is unsafe for use with untrusted input. When the os.path.join call encounters an absolute...
Directory Traversal
Flask and Werkzeug are vulnerable to directory traversal attacks. These attacks are possible because it uses the safe_join method. In Windows, safe_join doesn't correctly filter file paths allowing directory traversal and disclosure of arbitrary files from a server...