Package impact
PyPI / werkzeug
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-46136 | high | 7.5 | 7.5 | 3y ago | Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts with CR or LF and then is followed by megabytes of data without these characters: all of these bytes are a… | |||
| CVE-2016-10516 | medium | 6.1 | 6.1 | 9y ago | Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werkzeug before 0.11.11 (as used in Pallets Flask and other products) allows remote… | |||
| CVE-2024-49767 | medium | — | 5.5 | 2y ago | Werkzeug possible resource exhaustion when parsing file data in forms |