Filters
Software
pip/quartWerkzeug possible resource exhaustion when parsing file data in forms
7.5
First published (updated )
ubuntu/jinja2Jinja vulnerable to Cross-Site Scripting (XSS)
6.1
EPSS
0.10%
First published (updated )
pip/werkzeugWerkzeug vulnerable to high resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning
8
First published (updated )
Palletsprojects FlaskFlask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header
7.5
First published (updated )
debian/python-werkzeugWrkzeug's incorrect parsing of nameless cookies leads to __Host- cookies bypass
3.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
redhat/python-werkzeugWerkzeug may allow high resource usage when parsing multipart form data with many fields
7.5
First published (updated )
Palletsprojects WerkzeugImproper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform H…
9.8
First published (updated )
ubuntu/jinja2Regular Expression Denial of Service (ReDoS)
7.5
First published (updated )
Palletsprojects WerkzeugOpen redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL.
6.1
First published (updated )
openSUSE LeapPallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness beca…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
pip/flaskThe Pallets Project Flask before 1.0 is affected by unexpected memory usage. The impact is denial of…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.