Filter

ubuntu/jinja2Jinja vulnerable to Cross-Site Scripting (XSS)

EPSS
0.10%
First published (updated )

pip/werkzeugWerkzeug vulnerable to high resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning

First published (updated )

Canonical Ubuntu LinuxLast updated 24 July 2024

8.6
First published (updated )

Palletsprojects JinjaLast updated 24 July 2024

8.6
First published (updated )

redhat/python-werkzeugWerkzeug may allow high resource usage when parsing multipart form data with many fields

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

debian/python-werkzeugWrkzeug's incorrect parsing of nameless cookies leads to __Host- cookies bypass

3.5
First published (updated )

Palletsprojects WerkzeugXSS

First published (updated )

Palletsprojects WerkzeugOpen redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL.

First published (updated )

openSUSE LeapPallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness beca…

7.5
First published (updated )

pip/quartWerkzeug possible resource exhaustion when parsing file data in forms

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

ubuntu/jinja2Regular Expression Denial of Service (ReDoS)

7.5
First published (updated )

pip/flaskThe Pallets Project Flask before 1.0 is affected by unexpected memory usage. The impact is denial of…

7.5
First published (updated )

pip/flaskInput Validation

7.5
First published (updated )

Palletsprojects FlaskFlask vulnerable to possible disclosure of permanent session cookie due to missing Vary: Cookie header

7.5
First published (updated )

Palletsprojects WerkzeugPath Traversal

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Palletsprojects WerkzeugImproper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform H…

First published (updated )

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203