Tag
werkzeug
Safeguard articles tagged "werkzeug" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Vulnerability Analysis
Werkzeug multipart form-data denial of service (CVE-2019-1010083)
CVE-2019-1010083 lets attackers crash Flask apps via crafted multipart form-data. Here's the CVSS score, timeline, and how to fix the Werkzeug DoS flaw.
Dec 27, 20258 min read
Vulnerability Analysis
Werkzeug multipart parser DoS (CVE-2023-46136)
A crafted multipart upload could pin Werkzeug workers at 100% CPU with no auth required. Here's what CVE-2023-46136 affects and how to fix it.
Dec 26, 20257 min read
Vulnerability Analysis
CVE-2023-25577: Denial of service in Werkzeug multipart p...
CVE-2023-25577 lets attackers trigger denial of service in Werkzeug's multipart parser via crafted uploads. Here's the impact, timeline, and fix.
Oct 3, 20257 min read