Release | Version |
---|---|
bullseye | 1.0.1+dfsg1-2+deb11u1 |
bookworm | 2.2.2-3 |
trixie | 3.1.3-2 |
sid | 3.1.3-2 |
Bug | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|
CVE-2024-49767 | fixed | vulnerable (no DSA) | fixed | fixed | Werkzeug is a Web Server Gateway Interface web application library. Ap ... |
CVE-2024-34069 | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | Werkzeug is a comprehensive WSGI web application library. The debugger ... |
CVE-2023-46136 | fixed | vulnerable (no DSA) | fixed | fixed | Werkzeug is a comprehensive WSGI web application library. If an upload ... |
Bug | Description |
---|---|
TEMP-0000000-099EAC | werkzeug hashes its secret instead of using hmac |
CVE-2024-49766 | Werkzeug is a Web Server Gateway Interface web application library. On ... |
CVE-2023-25577 | Werkzeug is a comprehensive WSGI web application library. Prior to ver ... |
CVE-2023-23934 | Werkzeug is a comprehensive WSGI web application library. Browsers may ... |
CVE-2020-28724 | Open redirect vulnerability in werkzeug before 0.11.6 via a double sla ... |
CVE-2019-14806 | Pallets Werkzeug before 0.15.3, when used with Docker, has insufficien ... |
CVE-2019-14322 | In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles dri ... |
CVE-2016-10516 | Cross-site scripting (XSS) vulnerability in the render_full function i ... |
DSA / DLA | Description |
---|---|
DSA-5470-1 | python-werkzeug - security update |
DLA-3346-1 | python-werkzeug - security update |
DLA-1191-1 | python-werkzeug - security update |