CVE-2019-14806
Description
Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.264
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2019-14806 are fixed in Python-werkzeug 0.15.3 | Windows |
| collection of utilities for WSGI applications (Python 2.x) (USN-4655-1) python-werkzeug_0.10.4+dfsg1-1ubuntu1.2_all.deb | Linux |
| collection of utilities for WSGI applications (Python 2.x) (USN-4655-1) python-werkzeug_0.14.1+dfsg1-1ubuntu0.1_all.deb | Linux |
| collection of utilities for WSGI applications (Python 2.x) (USN-4655-1) python3-werkzeug_0.10.4+dfsg1-1ubuntu1.2_all.deb | Linux |
| collection of utilities for WSGI applications (Python 2.x) (USN-4655-1) python3-werkzeug_0.14.1+dfsg1-1ubuntu0.1_all.deb | Linux |
| Vulnerabilities CVE-2019-14806 are fixed in Python-werkzeug for linux 0.15.3 | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234