Release | Version |
---|---|
jessie | 0.9.6+dfsg-1+deb8u3 |
stretch | 0.11.15+dfsg1-1+deb9u2 |
buster | 0.14.1+dfsg1-4+deb10u2 |
bullseye | 1.0.1+dfsg1-2+deb11u1 |
bookworm | 2.2.2-3 |
trixie | 3.0.4-1 |
sid | 3.0.4-1 |
Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|---|---|
CVE-2024-49767 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Werkzeug is a Web Server Gateway Interface web application library. Ap ... |
CVE-2024-34069 | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Werkzeug is a comprehensive WSGI web application library. The debugger ... |
CVE-2023-46136 | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Werkzeug is a comprehensive WSGI web application library. If an upload ... |
Bug | Description |
---|---|
TEMP-0000000-099EAC | werkzeug hashes its secret instead of using hmac |
CVE-2024-49766 | Werkzeug is a Web Server Gateway Interface web application library. On ... |
CVE-2023-25577 | Werkzeug is a comprehensive WSGI web application library. Prior to ver ... |
CVE-2023-23934 | Werkzeug is a comprehensive WSGI web application library. Browsers may ... |
CVE-2020-28724 | Open redirect vulnerability in werkzeug before 0.11.6 via a double sla ... |
CVE-2019-14806 | Pallets Werkzeug before 0.15.3, when used with Docker, has insufficien ... |
CVE-2019-14322 | In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles dri ... |
CVE-2016-10516 | Cross-site scripting (XSS) vulnerability in the render_full function i ... |
DSA / DLA | Description |
---|---|
DSA-5470-1 | python-werkzeug - security update |
ELA-897-1 | python-werkzeug - security update |
DLA-3346-1 | python-werkzeug - security update |
ELA-318-1 | python-werkzeug - security update |
DLA-1191-1 | python-werkzeug - security update |