Skip to main content

Werkzeug CVE-2022-29361

CRITICAL
HTTP Request/Response Smuggling (CWE-444)
2022-05-25 cve@mitre.org
9.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
9.8 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
May 25, 2022 - 01:15 nvd
CRITICAL 9.8

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 12 pypi packages depend on werkzeug (12 direct, 0 indirect)

Ecosystem-wide dependent count for version 2.1.1.

DescriptionNVD

Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported configurations involving development mode and an HTTP server from outside the Werkzeug project

AnalysisAI

Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Technical ContextAI

This vulnerability is classified as HTTP Request/Response Smuggling (CWE-444), which allows attackers to manipulate HTTP request interpretation between frontend and backend servers. Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body. NOTE: the vendor's position is that this behavior can only occur in unsupported configurations involving development mode and an HTTP server from outside the Werkzeug project Affected products include: Palletsprojects Werkzeug.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Enforce strict HTTP parsing, normalize requests at proxy layer, use HTTP/2 end-to-end, reject ambiguous headers.

CVE-2024-34069 HIGH POC
7.5 May 06

Werkzeug is a comprehensive WSGI web application library. Rated high severity (CVSS 7.5), this vulnerability is remotely

CVE-2019-14322 HIGH POC
7.5 Jul 28

In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames. Rated

CVE-2020-28724 MEDIUM POC
6.1 Nov 18

Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL. Rated medium severity (CVSS 6.1), t

CVE-2023-46136 HIGH
8.0 Oct 25

Werkzeug is a comprehensive WSGI web application library. Rated high severity (CVSS 8.0), this vulnerability is low atta

CVE-2023-25577 HIGH
7.5 Feb 14

Werkzeug is a comprehensive WSGI web application library. Rated high severity (CVSS 7.5), this vulnerability is remotely

CVE-2019-14806 HIGH
7.5 Aug 09

Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker container

CVE-2025-66221 MEDIUM
6.3 Nov 29

Werkzeug is a comprehensive WSGI web application library. Rated medium severity (CVSS 6.3), this vulnerability is remote

CVE-2024-49766 MEDIUM
6.3 Oct 25

Werkzeug is a Web Server Gateway Interface web application library. Rated medium severity (CVSS 6.3), this vulnerability

CVE-2016-10516 MEDIUM
6.1 Oct 23

Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werk

CVE-2026-27199 MEDIUM
5.3 Feb 21

Werkzeug versions 3.1.5 and below on Windows fail to properly filter reserved device names in the safe_join function whe

CVE-2026-21860 MEDIUM
5.3 Jan 08

Werkzeug versions prior to 3.1.5 fail to properly validate Windows reserved device names in the safe_join function, allo

CVE-2023-23934 LOW
3.5 Feb 14

Werkzeug is a comprehensive WSGI web application library. Rated low severity (CVSS 3.5), this vulnerability is no authen

Share

CVE-2022-29361 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy