In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in …

Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perf…

Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of …

Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness…

Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the…

Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL.

Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's mu…

Werkzeug is a Web Server Gateway Interface web application library. Applications using `werkzeu…

Werkzeug is a comprehensive WSGI web application library. If an upload of a file that starts wi…

Werkzeug is a Web Server Gateway Interface web application library. On Python < 3.11 on Windows…

Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies…

Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safe_jo…

Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.4, Werkzeug's sa…

Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5, Werkzeug's sa…