Release | Version |
---|---|
buster | 0.14.1+dfsg1-4+deb10u1 |
buster (security) | 0.14.1+dfsg1-4+deb10u2 |
bullseye | 1.0.1+dfsg1-2+deb11u1 |
bookworm | 2.2.2-3 |
trixie | 3.0.2-1 |
sid | 3.0.3-1 |
Bug | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|
CVE-2024-34069 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | fixed | Werkzeug is a comprehensive WSGI web application library. The debugger ... |
CVE-2023-46136 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Werkzeug is a comprehensive WSGI web application library. If an upload ... |
Bug | Description |
---|---|
TEMP-0000000-099EAC | werkzeug hashes its secret instead of using hmac |
CVE-2023-25577 | Werkzeug is a comprehensive WSGI web application library. Prior to ver ... |
CVE-2023-23934 | Werkzeug is a comprehensive WSGI web application library. Browsers may ... |
CVE-2020-28724 | Open redirect vulnerability in werkzeug before 0.11.6 via a double sla ... |
CVE-2019-14806 | Pallets Werkzeug before 0.15.3, when used with Docker, has insufficien ... |
CVE-2019-14322 | In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles dri ... |
CVE-2016-10516 | Cross-site scripting (XSS) vulnerability in the render_full function i ... |
DSA / DLA | Description |
---|---|
DSA-5470-1 | python-werkzeug - security update |
DLA-3346-1 | python-werkzeug - security update |
DLA-1191-1 | python-werkzeug - security update |