Skip to main content

Werkzeug CVE-2023-23934

LOW
Improper Input Validation (CWE-20)
2023-02-14 security-advisories@github.com
3.5
CVSS 3.1 · NVD

Severity by source

NVD PRIMARY
3.5 LOW
AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
Required
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
None

Lifecycle Timeline

1
CVE Published
Feb 14, 2023 - 20:15 nvd
LOW 3.5

Blast Radius

ecosystem impact
† from your stack dependencies † transitive graph · vuln.today resolves 4-path depth
  • 247 pypi packages depend on werkzeug (109 direct, 143 indirect)

Ecosystem-wide dependent count for version 2.2.3.

DescriptionNVD

Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like =value instead of key=value. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like =__Host-test=bad for another subdomain. Werkzeug prior to 2.2.3 will parse the cookie =__Host-test=bad as __Host-test=bad`. If a Werkzeug application is running next to a vulnerable or malicious subdomain which sets such a cookie using a vulnerable browser, the Werkzeug application will see the bad cookie value but the valid cookie key. The issue is fixed in Werkzeug 2.2.3.

AnalysisAI

Werkzeug is a comprehensive WSGI web application library. Rated low severity (CVSS 3.5), this vulnerability is no authentication required, low attack complexity.

Technical ContextAI

This vulnerability is classified under CWE-20. Werkzeug is a comprehensive WSGI web application library. Browsers may allow "nameless" cookies that look like =value instead of key=value. A vulnerable browser may allow a compromised application on an adjacent subdomain to exploit this to set a cookie like =__Host-test=bad for another subdomain. Werkzeug prior to 2.2.3 will parse the cookie =__Host-test=bad as __Host-test=bad`. If a Werkzeug application is running next to a vulnerable or malicious subdomain which sets such a cookie using a vulnerable browser, the Werkzeug application will see the bad cookie value but the valid cookie key. The issue is fixed in Werkzeug 2.2.3. Affected products include: Palletsprojects Werkzeug. Version information: prior to 2.2.3.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2024-34069 HIGH POC
7.5 May 06

Werkzeug is a comprehensive WSGI web application library. Rated high severity (CVSS 7.5), this vulnerability is remotely

CVE-2019-14322 HIGH POC
7.5 Jul 28

In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames. Rated

CVE-2020-28724 MEDIUM POC
6.1 Nov 18

Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL. Rated medium severity (CVSS 6.1), t

CVE-2022-29361 CRITICAL
9.8 May 25

Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smugglin

CVE-2023-46136 HIGH
8.0 Oct 25

Werkzeug is a comprehensive WSGI web application library. Rated high severity (CVSS 8.0), this vulnerability is low atta

CVE-2023-25577 HIGH
7.5 Feb 14

Werkzeug is a comprehensive WSGI web application library. Rated high severity (CVSS 7.5), this vulnerability is remotely

CVE-2019-14806 HIGH
7.5 Aug 09

Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker container

CVE-2025-66221 MEDIUM
6.3 Nov 29

Werkzeug is a comprehensive WSGI web application library. Rated medium severity (CVSS 6.3), this vulnerability is remote

CVE-2024-49766 MEDIUM
6.3 Oct 25

Werkzeug is a Web Server Gateway Interface web application library. Rated medium severity (CVSS 6.3), this vulnerability

CVE-2016-10516 MEDIUM
6.1 Oct 23

Cross-site scripting (XSS) vulnerability in the render_full function in debug/tbtools.py in the debugger in Pallets Werk

CVE-2026-27199 MEDIUM
5.3 Feb 21

Werkzeug versions 3.1.5 and below on Windows fail to properly filter reserved device names in the safe_join function whe

CVE-2026-21860 MEDIUM
5.3 Jan 08

Werkzeug versions prior to 3.1.5 fail to properly validate Windows reserved device names in the safe_join function, allo

Share

CVE-2023-23934 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy