Alpine/py3-werkzeug — 6 CVEs

CRITICAL9.8CVE-2022-29361Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted H…

from 0, < 2.2.2-r0

HIGH7.5CVE-2024-49767Werkzeug possible resource exhaustion when parsing file data in forms

from 0, < 3.0.6-r0

MEDIUM5.7CVE-2023-46136Werkzeug DoS: High resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning

from 0, < 2.3.7-r0

MEDIUM5.3Werkzeug safe_join() allows Windows special device names

from 0, < 3.1.6-r0

MEDIUM5.3Werkzeug safe_join() allows Windows special device names with compound extensions

from 0, < 3.1.5-r0

MEDIUM5.3Werkzeug safe_join() allows Windows special device names

from 0, < 3.1.4-r0

pkg:Alpine/py3-werkzeug

✅ Check your installed version

All known vulnerabilities