VYPR

rpm package

suse/python-Werkzeug&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS

pkg:rpm/suse/python-Werkzeug&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS

Vulnerabilities (2)

  • CVE-2024-34069May 6, 2024
    affected < 1.0.1-150300.3.8.1fixed 1.0.1-150300.3.8.1

    Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain

  • CVE-2023-25577HigFeb 14, 2023
    affected < 1.0.1-150300.3.3.1fixed 1.0.1-150300.3.3.1

    Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory