Read Time:21 Second

It was discovered that Werkzeug did not properly handle the parsing of
nameless cookies. A remote attacker could possibly use this issue to
shadow other cookies. (CVE-2023-23934)

It was discovered that Werkzeug could be made to process unlimited number
of multipart form data parts. A remote attacker could possibly use this
issue to cause Werkzeug to consume resources, leading to a denial of
service. (CVE-2023-25577)

Read More

More Stories

xen-4.17.5-2.fc39

FEDORA-2024-020dbf247c Packages in this update: xen-4.17.5-2.fc39 Update description: x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817] update to xen-4.17.5 Read More

xen-4.18.3-2.fc40

FEDORA-2024-051cf1553e Packages in this update: xen-4.18.3-2.fc40 Update description: x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817] Read More

xen-4.19.0-4.fc41

FEDORA-2024-60809cb44e Packages in this update: xen-4.19.0-4.fc41 Update description: x86: Deadlock in vlapic_error() [XSA-462, CVE-2024-45817] Read More