Download
| Alert*
oval:org.secpod.oval:def:93365
Several vulnerabilities were discovered in python-werkzeug, a collection of utilities for WSGI applications. CVE-2023-23934 It was discovered that Werkzeug did not properly handle the parsing of nameless cookies which may allow shadowing of other cookies. CVE-2023-25577 It was discovered that Werkze ... oval:org.secpod.oval:def:19500056 Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an unlimited number of parts, including file parts. Parts can be a small amount of bytes, but each requires CPU time to parse and may use more memory as Python data. If ... oval:org.secpod.oval:def:708259 python-werkzeug: collection of utilities for WSGI applications Details: USN-5948-1 fixed vulnerabilities in Werkzeug. This update provides the corresponding updates for Ubuntu 23.04. Original advisory Several security issues were fixed in Werkzeug. oval:org.secpod.oval:def:89495 python-werkzeug: documentation for the werkzeug Python library Several security issues were fixed in Werkzeug. oval:org.secpod.oval:def:708025 python-werkzeug: documentation for the werkzeug Python library Several security issues were fixed in Werkzeug. oval:org.secpod.oval:def:125160 MinGW Windows Python werkzeug library. oval:org.secpod.oval:def:89048675 This update for python-Werkzeug fixes the following issues: * CVE-2023-25577: Fixed high resource usage when parsing multipart form data with many fields . oval:org.secpod.oval:def:1506849 [0.12.2-4.0.1] - Fix CVE-2023-23934 [Orabug: 35662419] - Fix CVE-2023-25577 [Orabug: 35662419] - enable tests [Orabug: 35662419] oval:org.secpod.oval:def:89048670 This update for python-Werkzeug fixes the following issues: * CVE-2023-25577: Fixed high resource usage when parsing multipart form data with many fields oval:org.secpod.oval:def:612606 Several vulnerabilities were discovered in python-werkzeug, a collection of utilities for WSGI applications. CVE-2023-23934 It was discovered that Werkzeug did not properly handle the parsing of nameless cookies which may allow shadowing of other cookies. CVE-2023-25577 It was discovered that Werkze ... |