CVE-2024-49766
Medium
Low
Medium
High
Critical
5.3
CVSS Score
Vulnerability Description
Werkzeug is a Web Server Gateway Interface web application library. On Python < 3.11 on Windows, os.path.isabs() does not catch UNC paths like //server/share. Werkzeug's safe_join() relies on this check, and so can produce a path that is not safe, potentially allowing unintended access to data. Applications using Python >= 3.11, or not using Windows, are not vulnerable. Werkzeug version 3.0.6 contains a patch.
CVSS Metrics
Common Vulnerability Scoring System
Vector String:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
N
Attack Complexity
L
Privileges Required
N
User Interaction
N
Scope
U
Confidentiality
L
Integrity
N
Availability
N
Oracle
CPUJAN2025
Oracle Critical Patch Update Advisory - January 2025
Severity
Critical
Released
Jan 21, 2025
Restart Required
Security Update
References & Resources
-
https://github.com/pallets/werkzeug/commit/2767bcb10a7dd1c297d812cc5e6d11a474c1f092security-advisories@github.com Patch
-
https://github.com/pallets/werkzeug/releases/tag/3.0.6security-advisories@github.com Release Notes
-
https://github.com/pallets/werkzeug/security/advisories/GHSA-f9vj-2wh5-fj8jsecurity-advisories@github.com Vendor Advisory
-
https://security.netapp.com/advisory/ntap-20250131-0005/af854a3a-2127-422b-91ae-364da2661108 Third Party Advisory
Severity Details
5.3
out of 10.0
Medium
Weakness Type (CWE)
CWE-22
Top 25 #6
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
- Description
- The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can…
- Exploit Likelihood
- High
- Typical Severity
- High
- OWASP Top 10
- A01:2021-Broken Access Control
- Abstraction Level
- Base
Key Information
- Published Date
- October 25, 2024
