rpm package
suse/python-Werkzeug&distro=SUSE Enterprise Storage 7.1
pkg:rpm/suse/python-Werkzeug&distro=SUSE%20Enterprise%20Storage%207.1
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-34069 | — | < 1.0.1-150300.3.8.1 | 1.0.1-150300.3.8.1 | May 6, 2024 | Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain | ||
| CVE-2023-25577 | Hig | 7.5 | < 1.0.1-150300.3.3.1 | 1.0.1-150300.3.3.1 | Feb 14, 2023 | Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory |
- CVE-2024-34069May 6, 2024affected < 1.0.1-150300.3.8.1fixed 1.0.1-150300.3.8.1
Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain
- affected < 1.0.1-150300.3.3.1fixed 1.0.1-150300.3.3.1
Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory