USN-7093-1: Werkzeug vulnerability
5 November 2024
Werkzeug could be made to consume resources if it received specially crafted network traffic.
Releases
Packages
- python-werkzeug - collection of utilities for WSGI applications
Details
It was discovered that Werkzeug incorrectly handled multiple form
submission requests. A remote attacker could possibly use this issue to
cause Werkzeug to consume resources, leading to a denial of service.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 24.10
Ubuntu 24.04
Ubuntu 22.04
In general, a standard system update will make all the necessary changes.