4 matches found
RHEL 7 : python-werkzeug (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python-werkzeug: cookie prefixed with = can shadow unprefixed cookie CVE-2023-23934 - Werkzeug is a...
SUSE SLES15 / openSUSE 15 Security Update : python-Werkzeug (SUSE-SU-2024:1608-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1608-1 advisory. - CVE-2024-34069: Fixed a remote code execution through debugger when interacting with attacker controlled domain bsc1223979...
Fedora 37 : mingw-python-werkzeug (2023-af75e27098)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-af75e27098 advisory. Update to python-werkzeug-2.2.3. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
CVE-2023-25577
Werkzeug prior to 2.2.3 contains a DoS vulnerability in its multipart form data parser that can parse an unlimited number of parts (including file parts). Attacks that send crafted multipart data to endpoints reading request.data, request.form, request.files, or request.get_data(parse_form_data=F...