CVE-2016-10516 Ubuntu Security Notification for Python-werkzeug Vulnerability (USN-3463-1)

漏洞类别:Ubuntu

漏洞等级:

漏洞信息

It was discovered that Werkzeug did not properly handle certain web scripts.

漏洞危害

A remote attacker could use this to inject arbitrary code via a field that contains an exception message.

解决方案

Refer to Ubuntu advisory USN-3463-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3463-1: 14.04 (Kylin) on src (python-werkzeug)

USN-3463-1: 16.04 (Xenial) on src (python-werkzeug)

USN-3463-1: 16.04 (Xenial) on src (python3-werkzeug)

USN-3463-1: 14.04 (Kylin) on src (python3-werkzeug)

Leave a Reply