USN-3463-1
Advisory lineage Upstream: 2 Downstream: 0
Upstream
Published: 25 Oct 2017, 19:25
Last modified:04 Feb 2026, 03:50
Vulnerability Summary
Overall Risk (default)
minimal
0/100 CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
25 Oct 2017, 19:25
Published
Vulnerability first disclosed
04 Feb 2026, 03:50
Last Modified
Vulnerability information updated
Description
python-werkzeug vulnerability It was discovered that Werkzeug did not properly handle certain web scripts. A remote attacker could use this to inject arbitrary code via a field that contains an exception message.
Affected Systems
- ubuntu•python-werkzeug
< 0.9.4+dfsg-1.1ubuntu2.1 | < 0.10.4+dfsg1-1ubuntu1.1