Wind River Support Network

HomeDefectsLIN1021-3633
Not to be fixed

LIN1021-3633 : Security Advisory - python-werkzeug - CVE-2022-29361

Created: May 26, 2022    Updated: Aug 2, 2022
Resolved Date: Aug 2, 2022
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

Improper parsing of HTTP requests in Pallets Werkzeug v2.1.0 and below allows attackers to perform HTTP Request Smuggling using a crafted HTTP request with multiple requests included inside the body.

CREATE(Triage):(User=admin) CVE-2022-29361 (https://nvd.nist.gov/vuln/detail/CVE-2022-29361)
Live chat
Online