VYPR
Moderate severity · NVD Advisory · Published Oct 25, 2024 · Updated Jan 31, 2025

Werkzeug safe_join not safe on Windows

CVE-2024-49766

Description

Werkzeug is a Web Server Gateway Interface web application library. On Python < 3.11 on Windows, os.path.isabs() does not catch UNC paths like //server/share. Werkzeug's safe_join() relies on this check, and so can produce a path that is not safe, potentially allowing unintended access to data. Applications using Python >= 3.11, or not using Windows, are not vulnerable. Werkzeug version 3.0.6 contains a patch.
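To make the failure mode concrete, the following Python is an added example (not Werkzeug's own code): it re-implements the safe_join check in simplified form, with an injectable isabs so the pre-3.11 ntpath.isabs behaviour can be reproduced on any platform, and a patched flag that turns the 3.0.6 check on or off. The names legacy_ntpath_isabs and simulate, and the isabs, alt_seps and patched parameters, are assumptions of this example.

```python
from __future__ import annotations

import ntpath
import os
import posixpath

# Separators the host OS accepts besides "/". Mirrors the idea behind
# Werkzeug's _os_alt_seps: empty on POSIX, ["\\"] on Windows.
_os_alt_seps = [sep for sep in (os.sep, os.path.altsep) if sep and sep != "/"]


def legacy_ntpath_isabs(path: str) -> bool:
    """Constructed stand-in for ntpath.isabs() as implemented before Python 3.11.

    The old function split the drive off first and then asked whether the
    remainder starts with a separator. For a bare UNC share such as
    "//server/share" the whole string is the drive, the remainder is empty,
    and the answer was False. Reproducing it here lets the example run the
    same way on any platform and Python version.
    """
    if path.replace("/", "\\").startswith("\\\\?\\"):
        return True
    rest = ntpath.splitdrive(path)[1]
    return len(rest) > 0 and rest[0] in ("\\", "/")


def safe_join(
    directory: str,
    *pathnames: str,
    isabs=os.path.isabs,
    alt_seps: list[str] | None = None,
    patched: bool = True,
) -> str | None:
    """Simplified re-implementation of the safe_join logic (example, not Werkzeug's code).

    isabs and alt_seps are injectable so a Windows + Python < 3.11 environment
    can be simulated; patched=False omits the check added in Werkzeug 3.0.6.
    Returns None when a component would escape `directory`.
    """
    if alt_seps is None:
        alt_seps = _os_alt_seps
    if not directory:
        directory = "."
    parts = [directory]
    for filename in pathnames:
        if filename != "":
            # normpath keeps exactly two leading slashes, so "//server/share"
            # reaches the checks below unchanged.
            filename = posixpath.normpath(filename)
        if (
            any(sep in filename for sep in alt_seps)
            or isabs(filename)
            # The 3.0.6 fix: reject any leading "/", which covers the UNC
            # case the legacy ntpath.isabs missed, independent of version.
            or (patched and filename.startswith("/"))
            or filename == ".."
            or filename.startswith("../")
        ):
            return None
        parts.append(filename)
    # posixpath.join discards earlier parts when a later one starts with "/",
    # which is exactly why a leaked "//server/share" replaces `directory`.
    return posixpath.join(*parts)


def simulate(filename: str, patched: bool) -> str | None:
    """Evaluate safe_join("static", filename) as Windows + Python < 3.11 would."""
    return safe_join(
        "static", filename, isabs=legacy_ntpath_isabs, alt_seps=["\\"], patched=patched
    )


if __name__ == "__main__":
    # Constructed sample inputs: benign, traversal, backslash, rooted, UNC share.
    for name in ["css/site.css", "../secret", "css\\site.css", "/etc/passwd", "//server/share"]:
        before, after = simulate(name, False), simulate(name, True)
        print(f"{name!r:20} before fix: {before!r:24} after fix: {after!r}")
```

Only the bare share form escapes in the unpatched simulation: legacy_ntpath_isabs("//server/share") is False because the drive split leaves nothing behind, and posixpath.join then returns "//server/share" in place of the intended "static/..." path. A single leading slash ("/etc/passwd") was already rejected, which is why the fix is a prefix check rather than a UNC parser.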

Affected packages

Versions sourced from the GitHub Security Advisory.

Package            Affected versions   Patched versions
Werkzeug (PyPI)    < 3.0.6             3.0.6


Patches

2767bcb10a7d

Merge commit from fork

https://github.com/pallets/werkzeug · David Lord · Oct 25, 2024 · via ghsa
3 files changed · +16 −6
  • CHANGES.rst (+3 −0, modified)
    @@ -8,6 +8,9 @@ Unreleased
     -   Fix how ``max_form_memory_size`` is applied when parsing large non-file
         fields. :ghsa:`q34m-jh98-gwm2`
     
    +-   ``safe_join`` catches certain paths on Windows that were not caught by
    +    ``ntpath.isabs`` on Python < 3.11. :ghsa:`f9vj-2wh5-fj8j`
    +
     
     Version 3.0.5
     -------------
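Review bot: the changelog entry (`safe_join` catches certain paths on Windows ...) is vaguer than the advisory and the code comment in security.py, which both name the actual case; a user triaging exposure wants the condition on one line. Suggest: "``safe_join`` catches UNC paths like ``//server/share`` on Windows, which ``ntpath.isabs`` does not treat as absolute on Python < 3.11. :ghsa:`f9vj-2wh5-fj8j`".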
    
  • src/werkzeug/security.py (+2 −0, modified)
    @@ -151,6 +151,8 @@ def safe_join(directory: str, *pathnames: str) -> str | None:
             if (
                 any(sep in filename for sep in _os_alt_seps)
                 or os.path.isabs(filename)
    +            # ntpath.isabs doesn't catch this on Python < 3.11
    +            or filename.startswith("/")
                 or filename == ".."
                 or filename.startswith("../")
             ):
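Review bot: the comment `# ntpath.isabs doesn't catch this on Python < 3.11` does not say what "this" is; a reader who sees only `or filename.startswith("/")` directly under `or os.path.isabs(filename)` will take the new line for a redundant check. Suggest naming the case and the design choice, e.g. `# UNC paths like //server/share are not absolute to ntpath.isabs on Python < 3.11; reject any leading slash so the check does not depend on the Python version`. Logic itself is sound: a leading-slash prefix test is broader than UNC and therefore safe on every platform the function supports.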
    
  • tests/test_security.py (+11 −6, modified)
    @@ -1,5 +1,4 @@
     import os
    -import posixpath
     import sys
     
     import pytest
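Review bot: dropping `import posixpath` is only correct if no other test in the module still references it; the rewritten `test_safe_join` below hard-codes its expected strings instead of calling `posixpath.join`, which is the reason the import becomes unused, so confirm with a linter run that nothing else in the file uses it (`os` and `sys` are still imported and still needed for the `os.name == "nt"` case).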
    @@ -47,11 +46,17 @@ def test_invalid_method():
             generate_password_hash("secret", "sha256")
     
     
    -def test_safe_join():
    -    assert safe_join("foo", "bar/baz") == posixpath.join("foo", "bar/baz")
    -    assert safe_join("foo", "../bar/baz") is None
    -    if os.name == "nt":
    -        assert safe_join("foo", "foo\\bar") is None
    +@pytest.mark.parametrize(
    +    ("path", "expect"),
    +    [
    +        ("b/c", "a/b/c"),
    +        ("../b/c", None),
    +        ("b\\c", None if os.name == "nt" else "a/b\\c"),
    +        ("//b/c", None),
    +    ],
    +)
    +def test_safe_join(path, expect):
    +    assert safe_join("a", path) == expect
     
     
     def test_safe_join_os_sep():
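Review bot: the new `("//b/c", None)` case does not fail without the fix on the platforms where CI most likely runs. On POSIX `os.path.isabs("//b/c")` is already True, and on Windows with Python >= 3.11 `ntpath.isabs` catches it as well (the advisory states those environments are not vulnerable), so the case only exercises the new `startswith("/")` branch on Windows with Python < 3.11. Consider a comment beside the case saying so, or a companion test that uses `monkeypatch` to make `os.path.isabs` return False so the new branch is exercised regardless of host.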
    

