Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:HPE Helion OpenStack 8 package python-Werkzeug, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (3)
CVE-2019-14806 — CVSS 7.5 (high): Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same…
CVE-2023-25577 — CVSS 7.5 (high): Werkzeug is a comprehensive WSGI web application library. Prior to version 2.2.3, Werkzeug's multipart form data parser will parse an…
CVE-2023-1625 — CVSS 7.4 (high): An information leak was discovered in OpenStack heat. This issue could allow a remote, authenticated attacker to use the 'stack show'…