Vulnerabilities > Palletsprojects > Werkzeug > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-10-25 | CVE-2024-49767 | Allocation of Resources Without Limits or Throttling vulnerability in Palletsprojects Werkzeug Werkzeug is a Web Server Gateway Interface web application library. | 7.5 |
2023-10-25 | CVE-2023-46136 | Out-of-bounds Write vulnerability in Palletsprojects Werkzeug Werkzeug is a comprehensive WSGI web application library. | 7.5 |
2023-02-14 | CVE-2023-25577 | Unspecified vulnerability in Palletsprojects Werkzeug Werkzeug is a comprehensive WSGI web application library. | 7.5 |
2019-08-09 | CVE-2019-14806 | Insufficient Entropy vulnerability in multiple products Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id. | 7.5 |
2019-07-28 | CVE-2019-14322 | Path Traversal vulnerability in Palletsprojects Werkzeug In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames. | 7.5 |