CVE-2024-49766

Werkzeug is a Web Server Gateway Interface web application library. On Python < 3.11 on Windows, os.path.isabs() does not catch UNC paths like //server/share. Werkzeug's safe_join() relies on this check, and so can produce a path that is not safe, potentially allowing unintended access to data. Applications using Python >= 3.11, or not using Windows, are not vulnerable. Werkzeug version 3.0.6 contains a patch.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/pallets/werkzeug/commit/2767bcb10a7dd1c297d812cc5e6d11a474c1f092	Patch
https://github.com/pallets/werkzeug/releases/tag/3.0.6	Release Notes
https://github.com/pallets/werkzeug/security/advisories/GHSA-f9vj-2wh5-fj8j	Vendor Advisory
https://security.netapp.com/advisory/ntap-20250131-0005/	Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:palletsprojects:werkzeug:*:*:*:*:*:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

03 Dec 2025, 15:29

Type	Values Removed	Values Added
References	~~() https://github.com/pallets/werkzeug/commit/2767bcb10a7dd1c297d812cc5e6d11a474c1f092 -~~	() https://github.com/pallets/werkzeug/commit/2767bcb10a7dd1c297d812cc5e6d11a474c1f092 - Patch
References	~~() https://github.com/pallets/werkzeug/releases/tag/3.0.6 -~~	() https://github.com/pallets/werkzeug/releases/tag/3.0.6 - Release Notes
References	~~() https://github.com/pallets/werkzeug/security/advisories/GHSA-f9vj-2wh5-fj8j -~~	() https://github.com/pallets/werkzeug/security/advisories/GHSA-f9vj-2wh5-fj8j - Vendor Advisory
References	~~() https://security.netapp.com/advisory/ntap-20250131-0005/ -~~	() https://security.netapp.com/advisory/ntap-20250131-0005/ - Third Party Advisory
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 5.3
CPE		cpe:2.3:o:microsoft:windows:-:::::::* cpe:2.3:a:palletsprojects:werkzeug::::::::
First Time		Palletsprojects werkzeug Palletsprojects Microsoft Microsoft windows

31 Jan 2025, 15:15

Type	Values Removed	Values Added
References		() https://security.netapp.com/advisory/ntap-20250131-0005/ -

28 Oct 2024, 13:58

Type	Values Removed	Values Added
Summary		(es) Werkzeug es una librería de aplicaciones web de interfaz de puerta de enlace de servidor web. En Python anterior a la 3.11 en Windows, os.path.isabs() no detecta rutas UNC como //server/share. safe_join() de Werkzeug depende de esta comprobación y, por lo tanto, puede generar una ruta que no sea segura, lo que potencialmente permite un acceso no deseado a los datos. Las aplicaciones que usan Python anterior a la 3.11 o que no usan Windows no son vulnerables. La versión 3.0.6 de Werkzeug contiene un parche.

25 Oct 2024, 20:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-25 20:15

Updated : 2025-12-03 15:29

NVD link : CVE-2024-49766

Mitre link : CVE-2024-49766

CVE.ORG link : CVE-2024-49766

JSON object : View

Products Affected

palletsprojects

werkzeug

microsoft

windows

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

5.3 /10