USN-6799-1: Werkzeug vulnerability
Published May 29, 2024
·Updated
It was discovered that the debugger in Werkzeug was not restricted to trusted hosts. A remote attacker could possibly use this issue to execute code on the host under certain circumstances.
Affected Software
16 affected componentsFixes available
All of the following
ubuntu/python3-werkzeug<3.0.1-3ubuntu0.1
3.0.1-3ubuntu0.1
Ubuntu Ubuntu=24.04
All of the following
ubuntu/python3-werkzeug<2.2.2-3ubuntu0.1
2.2.2-3ubuntu0.1
Ubuntu Ubuntu=23.10
All of the following
ubuntu/python3-werkzeug<2.0.2+dfsg1-1ubuntu0.22.04.2
2.0.2+dfsg1-1ubuntu0.22.04.2
Ubuntu Ubuntu=22.04
All of the following
ubuntu/python3-werkzeug<0.16.1+dfsg1-2ubuntu0.2
0.16.1+dfsg1-2ubuntu0.2
Ubuntu Ubuntu=20.04
All of the following
ubuntu/python-werkzeug<0.14.1+dfsg1-1ubuntu0.2+esm1
0.14.1+dfsg1-1ubuntu0.2+esm1
Ubuntu Ubuntu=18.04
All of the following
ubuntu/python3-werkzeug<0.14.1+dfsg1-1ubuntu0.2+esm1
0.14.1+dfsg1-1ubuntu0.2+esm1
Ubuntu Ubuntu=18.04
All of the following
ubuntu/python-werkzeug<0.10.4+dfsg1-1ubuntu1.2+esm2
0.10.4+dfsg1-1ubuntu1.2+esm2
Ubuntu Ubuntu=16.04
All of the following
ubuntu/python3-werkzeug<0.10.4+dfsg1-1ubuntu1.2+esm2
0.10.4+dfsg1-1ubuntu1.2+esm2
Ubuntu Ubuntu=16.04
Event History
May 29, 2024
Advisory Published
via Ubuntu·12:00 AM
Frequently Asked Questions
1
What is the severity of USN-6799-1?
The severity of USN-6799-1 is categorized as potentially critical due to the ability of a remote attacker to execute code.
2
How do I fix USN-6799-1?
To fix USN-6799-1, update the python3-werkzeug package to the fixed versions provided by Ubuntu.
3
What versions of Ubuntu are affected by USN-6799-1?
USN-6799-1 affects multiple Ubuntu versions including 16.04, 18.04, 20.04, 22.04, 23.10, and 24.04.
4
What package is related to USN-6799-1 vulnerability?
The USN-6799-1 vulnerability is related to the python3-werkzeug package.
5
Is there a workaround for USN-6799-1?
There is no proper workaround for USN-6799-1; the recommended action is to apply the necessary updates.