Lucene search
K

7 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2026/04/01 10:8 a.m.3 views

Security Bulletin: IBM Cloud Pak for Data System (CPDS 1.0) is affected by multiple vulnerabilities due to Werkzeug

Summary Werkzeug is used by IBM Cloud Pak for Data System 1.0 as a WSGI web application library. Multiple vulnerabilities affect Werkzeug. CVE-2024-49767 involves a resource exhaustion vulnerability in the multipart/form-data parser where a specifically crafted form submission can cause the parse...

7.5CVSS7.2AI score0.01093EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2026/02/02 7:9 p.m.5 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in Werkzeug

Summary Multiple vulnerabilities in Werkzeug that is used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2026-21860 DESCRIPTION: Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5, Werkzeug's safejoin function allows path segments wi...

6.3CVSS6.3AI score0.00474EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/29 8:50 p.m.6 views

Security Bulletin: IBM Storage Ceph is vulnerable to Path Traversal and Uncontrolled Resource Consumption in Werkzeug (CVE-2024-49766, CVE-2024-49767)

Summary Werkzeug is used by IBM Storage Ceph for the Web Server Gateway Interface. CVE-2024-49766 CVE-2024-49767This bulletin identifies the steps to take to address the vulnerability in IBM Storage Ceph. Vulnerability Details CVEID:CVE-2024-49766 DESCRIPTION: Werkzeug is a Web Server Gateway...

7.5CVSS6.7AI score0.01093EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2025/07/01 6:8 p.m.11 views

Security Bulletin: IBM Storage Ceph is vulnerable to Uncontrolled Resource Consumption and Improper Input Validation in Werkzeug (CVE-2023-46136, CVE-2023-25577, CVE-2023-23934)

Summary Werkzeug is used by IBM Storage Ceph in the Dashboard. CVE-2023-46136, CVE-2023-25577, CVE-2023-23934 This bulletin identifies the steps to take to address the vulnerability in IBM Storage Ceph. Vulnerability Details CVEID:CVE-2023-46136 DESCRIPTION: Werkzeug is a comprehensive WSGI web...

8CVSS9AI score0.0142EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 4: python-werkzeug (TSSA-2024:0371)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0371 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

8CVSS6.8AI score0.03397EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2025/03/02 12:47 p.m.16 views

Security Bulletin: Vulnerability in Werkzeug affects IBM Cloud Pak for Data System 2.0 (CPDS 2.0) [CVE-2023-25577, CVE-2023-23934]

Summary The Werkzeug package is used by IBM Cloud Pak for Data System 2.0 . IBM Cloud Pak for Data System 2.0 has addressed the applicable CVEs CVE-2023-25577, CVE-2023-23934. Vulnerability Details CVEID:CVE-2023-25577 DESCRIPTION: Pallets Werkzeug is vulnerable to a denial of service, caused by ...

7.5CVSS6.9AI score0.0142EPSS
Exploits0Affected Software1
Ubuntu
Ubuntu
added 2023/06/20 10:6 p.m.51 views

USN-5948-2: Werkzeug vulnerabilities

USN-5948-1 fixed vulnerabilities in Werkzeug. This update provides the corresponding updates for Ubuntu 23.04. Original advisory details: It was discovered that Werkzeug did not properly handle the parsing of nameless cookies. A remote attacker could possibly use this issue to shadow other cookie...

7.5CVSS6.6AI score0.0142EPSS
Exploits0
Rows per page
Query Builder