Information on source package python-werkzeug

Available versions

ReleaseVersion
buster0.14.1+dfsg1-4+deb10u1
buster (security)0.14.1+dfsg1-4+deb10u2
bullseye1.0.1+dfsg1-2+deb11u1
bookworm2.2.2-3
trixie3.0.3-1
sid3.0.3-1

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2024-34069vulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)fixedfixedWerkzeug is a comprehensive WSGI web application library. The debugger ...
CVE-2023-46136vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedWerkzeug is a comprehensive WSGI web application library. If an upload ...

Resolved issues

BugDescription
TEMP-0000000-099EACwerkzeug hashes its secret instead of using hmac
CVE-2023-25577Werkzeug is a comprehensive WSGI web application library. Prior to ver ...
CVE-2023-23934Werkzeug is a comprehensive WSGI web application library. Browsers may ...
CVE-2020-28724Open redirect vulnerability in werkzeug before 0.11.6 via a double sla ...
CVE-2019-14806Pallets Werkzeug before 0.15.3, when used with Docker, has insufficien ...
CVE-2019-14322In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles dri ...
CVE-2016-10516Cross-site scripting (XSS) vulnerability in the render_full function i ...

Security announcements

DSA / DLADescription
DSA-5470-1python-werkzeug - security update
DLA-3346-1python-werkzeug - security update
DLA-1191-1python-werkzeug - security update

Search for package or bug name: Reporting problems