CVE-2023-46136
published 2023-10-25

Priority: P3 (40), high
CVSS 3.1 base score: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS: 1.07% (60.7th percentile)

Werkzeug is a comprehensive WSGI web application library. In versions on the 3.x branch prior to 3.0.1 and on the 2.x branch prior to 2.3.8, if an uploaded file starts with CR or LF and is then followed by megabytes of data without these characters, all of those bytes are appended chunk by chunk into an internal bytearray, and the lookup for the multipart boundary is performed on the growing buffer. This allows an attacker to cause a denial of service by sending crafted multipart data to an endpoint that will parse it. The CPU time required can block worker processes from handling legitimate requests. This vulnerability has been patched in versions 3.0.1 and 2.3.8.

Affected

14 ranges

Vendor          | Product                                                   | Version range                                      | Fixed in
debian          | python-werkzeug                                           | < python-werkzeug 2.2.2-3+deb12u1 (bookworm)       | python-werkzeug 2.2.2-3+deb12u1 (bookworm)
msrc            | azl3_python-werkzeug_2.2.3-1_on_azure_linux_3.0           |                                                    |
msrc            | azl3_python-werkzeug_3.0.1-1_on_azure_linux_3.0           |                                                    |
msrc            | azure_linux_3.0_arm                                       |                                                    |
msrc            | azure_linux_3.0_x64                                       |                                                    |
msrc            | cbl2_python-werkzeug_2.3.7-1_on_cbl_mariner_2.0           |                                                    |
msrc            | cbl_mariner_2.0_arm                                       |                                                    |
msrc            | cbl_mariner_2.0_x64                                       |                                                    |
pallets         | werkzeug                                                  |                                                    |
pallets         | werkzeug                                                  |                                                    |
palletsprojects | werkzeug                                                  | < 2.3.8                                            | 2.3.8
palletsprojects | werkzeug                                                  |                                                    |
palletsprojects | werkzeug                                                  | >= 0 < 2.3.8                                       | 2.3.8
palletsprojects | werkzeug                                                  | >= 3.0.0 < 3.0.1                                   | 3.0.1

CVSS provenance

Source        | Version | Score | Severity | Vector
nvd           | v3.1    | 7.5   | HIGH     | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv           |         | 7.5   | HIGH     |
vendor_debian |         | 8.0   | HIGH     |
vendor_msrc   |         | 8.0   | HIGH     |
vendor_redhat |         | 8.0   | HIGH     |
vendor_oracle |         | 7.5   | HIGH     |