Ubuntu Security Update USN-4655-1: Werkzeug vulnerabilities

LinuxBot

Member
Joined
Apr 25, 2017
Messages
6,790
Reaction score
94
Credits
-1,257
It was discovered that Werkzeug has insufficient debugger PIN randomness. An attacker could use this issue to access sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-14806) It was discovered that Werkzeug incorrectly handled certain URLs. An attacker could possibly use this issue to cause pishing attacks. This issue only affected Ubuntu 16.04 LTS. (CVE-2020-28724)

Continue reading...
 


Follow Linux.org

Staff online


Latest posts

Top