Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

pallets

3 Products 11 CVEs

CVE Severity Distribution (All Time)

Critical
0
High
5
Medium
2
Low
1

Timeline Overview

Last 30 Days 0 CVEs
Last 6 Months 0 CVEs
Last Year 4 CVEs

Products

View all

werkzeug

4 Versions 6 CVEs

jinja

4 Versions 4 CVEs

flask

2 Versions 1 CVE

Recent CVEs

View all
CVE-2024-56326 HIGH 8 months, 2 weeks ago

Jinja is an extensible templating engine. Prior to 3.1.5, An oversight in how the Jinja sandboxed environment detects calls to str.format allows an a…

CVE-2024-56201 UNKNOWN 8 months, 2 weeks ago

Jinja is an extensible templating engine. In versions on the 3.x branch prior to 3.1.5, a bug in the Jinja compiler allows an attacker that controls …

CVE-2024-49767 UNKNOWN 10 months, 2 weeks ago

Werkzeug is a Web Server Gateway Interface web application library. Applications using `werkzeug.formparser.MultiPartParser` corresponding to a versi…

CVE-2024-49766 UNKNOWN 10 months, 2 weeks ago

Werkzeug is a Web Server Gateway Interface web application library. On Python < 3.11 on Windows, os.path.isabs() does not catch UNC paths like //serv…