Bugs fixes in "python-werkzeug"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2023-25577 | Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited numbe | 2023-03-14 |
| CVE | CVE-2023-23934 | Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like `=value` instead of `key=value`. A vul | 2023-03-14 |
| CVE | CVE-2023-25577 | Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited numbe | 2023-03-13 |
| CVE | CVE-2023-23934 | Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like `=value` instead of `key=value`. A vul | 2023-03-13 |
| CVE | CVE-2023-25577 | Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited numbe | 2023-03-13 |
| CVE | CVE-2023-23934 | Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like `=value` instead of `key=value`. A vul | 2023-03-13 |
| CVE | CVE-2023-25577 | Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited numbe | 2023-03-13 |
| CVE | CVE-2023-23934 | Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like `=value` instead of `key=value`. A vul | 2023-03-13 |
| CVE | CVE-2020-28724 | Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL. | 2020-12-01 |
| CVE | CVE-2020-28724 | Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL. | 2020-12-01 |
| CVE | CVE-2020-28724 | Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL. | 2020-12-01 |
| CVE | CVE-2020-28724 | Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL. | 2020-12-01 |
| CVE | CVE-2019-14806 | Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id. | 2020-12-01 |
| CVE | CVE-2019-14806 | Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id. | 2020-12-01 |
| CVE | CVE-2019-14806 | Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id. | 2020-12-01 |
| CVE | CVE-2019-14806 | Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id. | 2020-12-01 |
| CVE | CVE-2016-10516 | Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used | 2017-10-25 |
| CVE | CVE-2016-10516 | Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used | 2017-10-25 |
| CVE | CVE-2016-10516 | Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used | 2017-10-25 |
| CVE | CVE-2016-10516 | Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used | 2017-10-25 |
About
-
Send Feedback to @ubuntu_updates
