CRITICAL9.8CVE-2022-29361Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted H… from 0, < 9a3a981d70d2e9ec3344b5192f86fcaf3210cd85 | from 0, < 2.1.1
HIGH7.5CVE-2024-49767Werkzeug possible resource exhaustion when parsing file data in forms >= 2.0.0rc1, < 3.0.6
HIGH7.5python-werkzeug - security update
from 0, < 3.0.3
HIGH7.5High resource usage when parsing multipart form data with many fields
from 0, < 2.2.3
HIGH7.5High resource usage when parsing multipart form data with many fields
from 0, < 517cac5a804e8c4dc4ed038bb20dacd038e7a9f1 | from 0, < 2.2.3
HIGH7.5Pallets Werkzeug vulnerable to Path Traversal
from 0, < 0.15.5
HIGH7.5Pallets Werkzeug Insufficient Entropy
from 0, < 00bc43b1672e662e5e3b8cecd79e67fc968fa246 | from 0, < 0.15.3
HIGH7.5Pallets Werkzeug Insufficient Entropy
from 0, < 0.15.3
MEDIUM6.1python-werkzeug - security update
from 0, < 0.11.11
MEDIUM6.1python-werkzeug - security update
from 0, < 0.11.11
MEDIUM6.1Open Redirect in werkzeug
from 0, < 0.11.6
MEDIUM6.1Open Redirect in werkzeug
from 0, < 0.11.6
MEDIUM5.7Werkzeug DoS: High resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning
>= 3.0.0, < 3.0.1
MEDIUM5.7Werkzeug DoS: High resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning
from 0, < f3c803b3ade485a45f12b6d6617595350c0f03e2, < f2300208d5e2a5076cbbb4c2aad71096fd040ef9 | from 0, < 2.3.8, >= 3.0.0, < 3.0.1
MEDIUM5.3Werkzeug safe_join() allows Windows special device names
from 0, < 3.1.6
MEDIUM5.3Werkzeug safe_join() allows Windows special device names with compound extensions
from 0, < 3.1.5
MEDIUM5.3Werkzeug safe_join() allows Windows special device names
from 0, < 3.1.4
LOW2.6python-werkzeug - security update
from 0, < 2.2.3
LOW2.6python-werkzeug - security update
from 0, < cf275f42acad1b5950c50ffe8ef58fe62cdce028 | from 0, < 2.2.3
—Werkzeug safe_join not safe on Windows
from 0, < 3.0.6