Werkzeug WSGI Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2019-14322 - Vulnerability Database

Werkzeug WSGI Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability - CVE-2019-14322

High
Reference: CVE-2019-14322
Title: Werkzeug WSGI Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Overview:

In Pallets Werkzeug before 0.15.5 SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames.