Lucene search
K
PalletsprojectsWerkzeug

14 matches found

CVE
CVE
added 2024/05/06 2:44 p.m.978 views

CVE-2024-34069

Werkzeug (the Python WSGI library) contains a debugger-only vulnerability tracked as CVE-2024-34069. The issue arises in affected Werkzeug versions where the debugger can let an attacker execute code on a developer’s machine under certain conditions: the attacker must persuade the developer to vi...

7.5CVSS6.5AI score0.03397EPSS
CVE
CVE
added 2023/10/24 11:48 p.m.563 views

CVE-2023-46136

CVE-2023-46136 affects Werkzeug (WSGI library). A crafted multipart upload starting with CR/LF followed by many data bytes can cause the parser to append to an internal buffer and exhaust CPU, leading to DoS. This has been patched in version 3.0.1. IBM/PowerVC and QRadar bulletins referencing the...

8CVSS6.8AI score0.01072EPSS
CVE
CVE
added 2023/02/14 7:56 p.m.494 views

CVE-2023-23934

CVE-2023-23934 affects the Werkzeug WSGI library. A bug in parsing nameless cookies (e.g., =__Host-test=bad) can lead to cookie shadowing where the cookie value is set for one subdomain but read as a different key by adjacent subdomains. The issue applies to Werkzeug versions before 2.2.3 and is ...

3.5CVSS5.2AI score0.00507EPSS
CVE
CVE
added 2023/02/14 7:56 p.m.448 views

CVE-2023-25577

Werkzeug prior to 2.2.3 contains a DoS vulnerability in its multipart form data parser that can parse an unlimited number of parts (including file parts). Attacks that send crafted multipart data to endpoints reading request.data, request.form, request.files, or request.get_data(parse_form_data=F...

7.5CVSS7.5AI score0.0142EPSS
CVE
CVE
added 2024/10/25 7:41 p.m.345 views

CVE-2024-49767

CVE-2024-49767 : Werkzeug's MultiPartParser in versions prior to 3.0.6 is vulnerable to a resource-exhaustion DoS when parsing multipart/form-data. A crafted upload can cause the parser to allocate 3–8× the upload size in RAM, with a single 1 Gbit/s upload potentially exhausting ~32 GB in under a...

7.5CVSS7.3AI score0.01102EPSS
CVE
CVE
added 2024/10/25 7:22 p.m.307 views

CVE-2024-49766

CVE-2024-49766 — Werkzeug UNC Path Validation Issue : Werkzeug on Windows with Python <3.11 fails to catch UNC paths in os.path.isabs(), causing safe_join() to produce potentially unsafe paths. Vulnerable scenarios affect apps using Python =3.11 or non-Windows environments are not affected. A ...

6.3CVSS6.5AI score0.00786EPSS
CVE
CVE
added 2022/05/24 11:56 p.m.279 views

CVE-2022-29361

CVE-2022-29361 affects Pallets Werkzeug ≤ 2.1.0 and enables HTTP request smuggling through improper parsing of HTTP requests. Connected sources corroborate the issue, noting potential for web cache poisoning, WAF bypass, and XSS via crafted requests, with vendor guidance that the behavior occurs ...

9.8CVSS9.2AI score0.07663EPSS
CVE
CVE
added 2019/07/28 12:36 p.m.273 views

CVE-2019-14322

CVE-2019-14322 : Pallets Werkzeug before 0.15.5 is vulnerable to directory traversal via SharedDataMiddleware mishandling drive names (e.g., C:) in Windows pathnames. Exploitation could allow remote attackers to view arbitrary files on the system by crafting a URL with Windows drive references. P...

7.5CVSS7.3AI score0.55526EPSS
CVE
CVE
added 2019/08/09 2:29 p.m.228 views

CVE-2019-14806

CVE-2019-14806 affects Pallets Werkzeug prior to 0.15.3 when used with Docker, due to insufficient debugger PIN randomness caused by containers sharing the same machine-id. This enables remote exploitation with network access; CVSSv3 base score 7.5. Remediation is to upgrade Werkzeug to 0.15.3 or...

7.5CVSS7.3AI score0.02288EPSS
CVE
CVE
added 2026/02/21 5:15 a.m.206 views

CVE-2026-27199

CVE-2026-27199 affects Werkzeug. Versions 3.1.5 and earlier allow Windows device names as filenames when the path includes multiple segments, due to incomplete filtering in the safe_join function used by send_from_directory. When running on Windows, a request ending with a device name can open th...

6.3CVSS5.4AI score0.00556EPSS
Web
CVE
CVE
added 2017/10/23 4:0 p.m.146 views

CVE-2016-10516

Affected software: Pallets Werkzeug (Python library) used by Flask. Vulnerable path: render_full in debug/tbtools.py. Root cause: improper validation of user-supplied input via an exception message, enabling cross-site scripting (XSS). Impact: remote attacker could inject arbitrary script into a ...

6.1CVSS5.9AI score0.01985EPSS
CVE
CVE
added 2020/11/18 2:26 p.m.118 views

CVE-2020-28724

CVE-2020-28724 describes an Open Redirect vulnerability in Pallets Werkzeug exposed by URLs containing a double slash, affecting Werkzeug versions before 0.11.6. Multiple advisories (e.g., EulerOS/Ubuntu/Nessus/OpenVAS entries) reference this CVE alongside CVE-2016-10516, indicating the issue lie...

6.1CVSS6.1AI score0.01661EPSS
CVE
CVE
added 2025/11/29 2:28 a.m.62 views

CVE-2025-66221

Werkzeug CVE-2025-66221 affects the safe_join path handling in Werkzeug prior to 3.1.4 on Windows. If a request ends with a Windows device name (e.g., CON, AUX), the file is opened but reading can hang indefinitely when using send_from_directory under a directory. The issue has been patched in 3....

6.3CVSS6.4AI score0.00474EPSS
CVE
CVE
added 2026/01/08 6:34 p.m.61 views

CVE-2026-21860

CVE-2026-21860 affects Werkzeug’s safe_join on Windows, allowing segments with Windows device names (e.g., CON, AUX) plus extensions or trailing spaces in versions prior to 3.1.5. IBM-security notices confirm real-world impact in affiliated products: IBM Watson Discovery Cartridge (InfoSphere/Dis...

6.3CVSS6.5AI score0.00424EPSS