USN-5948-2: Werkzeug vulnerabilities

Read Time:27 Second

USN-5948-1 fixed vulnerabilities in Werkzeug. This update provides the
corresponding updates for Ubuntu 23.04.

Original advisory details:

It was discovered that Werkzeug did not properly handle the parsing of
nameless cookies. A remote attacker could possibly use this issue to
shadow other cookies. (CVE-2023-23934)

It was discovered that Werkzeug could be made to process unlimited number
of multipart form data parts. A remote attacker could possibly use this
issue to cause Werkzeug to consume resources, leading to a denial of
service. (CVE-2023-25577)

Uyghur Diaspora Group Targeted with Remote Surveillance Malware

Half of Mobile Devices Run Outdated Operating Systems

Researchers Note 16.7% Increase in Automated Scanning Activity

2025 Cyber Resilience Research Discovers Speed of AI Advancing Emerging Attack Types

ISACA Highlights Critical Lack of Quantum Threat Mitigation Strategies

FBI Asks for Help Tracking Chinese Salt Typhoon Actors

Government Set to Ban SIM Farms in European First

Friday Squid Blogging: Squid Facts on Your Phone

Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes

USN-5948-2: Werkzeug vulnerabilities

USN-7469-2: Apache Tomcat vulnerability

USN-7469-1: Apache Traffic Server vulnerability

USN-7468-1: Linux kernel (Azure, N-Series) vulnerabilities

USN-7459-2: Linux kernel (GCP) vulnerabilities

USN-7467-1: libxml2 vulnerabilities

USN-7466-1: KiCad vulnerabilities