Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Server Component

Werkzeug WSGI

Werkzeug is a comprehensive WSGI web application library.

Official Site:

https://palletsprojects.com/p/werkzeug/

Severity Summary:

Critical: 1 High: 6 Medium: 6 Low: 1
Reference
Title
Severity
CVE-2022-29361
Werkzeug WSGI Inconsistent Interpretation of HTTP Requests (HTTP Request/Response Smuggling) Vulnerability
Critical
CVE-2019-14806
Werkzeug WSGI Insufficient Entropy Vulnerability
High
CVE-2019-14322
Werkzeug WSGI Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
High
CVE-2023-25577
Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability
High
CVE-2023-46136
Werkzeug WSGI Out-of-bounds Write Vulnerability
High
CVE-2024-49767
Werkzeug WSGI Allocation of Resources Without Limits or Throttling Vulnerability
High
CVE-2024-34069
Werkzeug WSGI Cross-Site Request Forgery (CSRF) Vulnerability
High
CVE-2016-10516
Werkzeug WSGI Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2020-28724
Werkzeug WSGI URL Redirection to Untrusted Site (Open Redirect) Vulnerability
Medium
CVE-2025-66221
Werkzeug WSGI Improper Handling of Windows Device Names Vulnerability
Medium
CVE-2024-49766
Werkzeug WSGI Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2026-21860
Werkzeug WSGI Improper Handling of Windows Device Names Vulnerability
Medium
CVE-2026-27199
Werkzeug WSGI Improper Handling of Windows Device Names Vulnerability
Medium
CVE-2023-23934
Werkzeug WSGI Vulnerability
Low