Vulnerability in N/a
CVE-2019-14322
In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames.
EPSS: 0.901 (99.6th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
Public proof-of-concept exploits
References
- palletsprojects.com/blog/werkzeug-0-15-5-released/ (x_refsource_MISC)
- packetstormsecurity.com/files/163398/Pallets-Werkzeug-0.15.4-Path-Traversal.html (x_refsource_MISC)
Frequently asked questions
- What is CVE-2019-14322?
- CVE-2019-14322 is a vulnerability in N/a. Published 2019-07-28.
- Is CVE-2019-14322 known to be exploited?
- 17 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.