CVE-2024-34069

一、漏洞信息
漏洞编号：CVE-2024-34069
漏洞归属组件：python-werkzeug
漏洞归属的版本：0.14.1,1.0.1,2.0.3,2.2.3,3.1.3
CVSS V3.0分值：
BaseScore：7.5 High
Vector：CVSS：3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
漏洞简述：
Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer s machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and enter the debugger PIN, but if they are successful it allows access to the debugger even if it is only running on localhost. This also requires the attacker to guess a URL in the developer s application that will trigger the debugger. This vulnerability is fixed in 3.0.3.
漏洞公开时间：2024-05-06 23:15:23
漏洞创建时间：2024-05-06 15:21:18
漏洞详情参考链接：
https://nvd.nist.gov/vuln/detail/CVE-2024-34069

更多参考(点击展开)

参考来源	参考链接	来源链接
security-advisories.github.com	https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692
security-advisories.github.com	https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985
security-advisories.github.com	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/H4SH32AM3CTPMAAEOIDAN7VU565LO4IR/
security-advisories.github.com	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HFERFN7PINV4MOGMGA3DPIXJPDCYOEJZ/
security-advisories.github.com	https://security.netapp.com/advisory/ntap-20240614-0004/
suse_bugzilla	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-34069	https://bugzilla.suse.com/show_bug.cgi?id=1223979
suse_bugzilla	https://www.cve.org/CVERecord?id=CVE-2024-34069	https://bugzilla.suse.com/show_bug.cgi?id=1223979
suse_bugzilla	https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692	https://bugzilla.suse.com/show_bug.cgi?id=1223979
suse_bugzilla	https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985	https://bugzilla.suse.com/show_bug.cgi?id=1223979
redhat_bugzilla	https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692	https://bugzilla.redhat.com/show_bug.cgi?id=2279451
redhat_bugzilla	https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985	https://bugzilla.redhat.com/show_bug.cgi?id=2279451
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:5107	https://bugzilla.redhat.com/show_bug.cgi?id=2279451
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:5810	https://bugzilla.redhat.com/show_bug.cgi?id=2279451
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:6016	https://bugzilla.redhat.com/show_bug.cgi?id=2279451
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:9975	https://bugzilla.redhat.com/show_bug.cgi?id=2279451
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:9976	https://bugzilla.redhat.com/show_bug.cgi?id=2279451
redhat_bugzilla	https://access.redhat.com/errata/RHSA-2024:10696	https://bugzilla.redhat.com/show_bug.cgi?id=2279451
ubuntu	https://www.cve.org/CVERecord?id=CVE-2024-34069	https://ubuntu.com/security/CVE-2024-34069
ubuntu	https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985	https://ubuntu.com/security/CVE-2024-34069
ubuntu	https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692	https://ubuntu.com/security/CVE-2024-34069
ubuntu	https://ubuntu.com/security/notices/USN-6799-1	https://ubuntu.com/security/CVE-2024-34069
ubuntu	https://nvd.nist.gov/vuln/detail/CVE-2024-34069	https://ubuntu.com/security/CVE-2024-34069
ubuntu	https://launchpad.net/bugs/cve/CVE-2024-34069	https://ubuntu.com/security/CVE-2024-34069
ubuntu	https://security-tracker.debian.org/tracker/CVE-2024-34069	https://ubuntu.com/security/CVE-2024-34069
debian		https://security-tracker.debian.org/tracker/CVE-2024-34069
oracle		https://www.oracle.com/security-alerts/cpujul2024.html
anolis		https://anas.openanolis.cn/cves/detail/CVE-2024-34069
cve_search		https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985
cve_search		https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692
github_advisory	https://nvd.nist.gov/vuln/detail/CVE-2024-34069	https://github.com/advisories/GHSA-2g68-c3qc-8985
github_advisory	https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985	https://github.com/advisories/GHSA-2g68-c3qc-8985
github_advisory	https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692	https://github.com/advisories/GHSA-2g68-c3qc-8985
mageia		http://advisories.mageia.org/MGASA-2024-0234.html
amazon_linux_explore	https://access.redhat.com/security/cve/CVE-2024-34069	https://explore.alas.aws.amazon.com/CVE-2024-34069.html
amazon_linux_explore	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-34069	https://explore.alas.aws.amazon.com/CVE-2024-34069.html
snyk	https://github.com/pallets/werkzeug/commit/71b69dfb7df3d912e66bab87fbb1f21f83504967	https://security.snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
snyk	https://github.com/pallets/werkzeug/releases/tag/3.0.3	https://security.snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933

漏洞分析指导链接：
https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
漏洞数据来源:
openBrain开源漏洞感知系统
漏洞补丁信息：

详情(点击展开)

影响的包	修复版本	修复补丁	问题引入补丁	来源
		https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692		security-advisories.github.com
		https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692		suse_bugzilla
		https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692		redhat_bugzilla
		https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692		ubuntu
		https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692		github_advisory
		https://github.com/pallets/werkzeug/commit/71b69dfb7df3d912e66bab87fbb1f21f83504967		snyk
		https://github.com/pallets/werkzeug/commit/71b69dfb7df3d912e66bab87fbb1f21f83504967		debian
		https://github.com/pallets/werkzeug/commit/890b6b62634fa61224222aee31081c61b054ff01		debian

二、漏洞分析结构反馈
影响性分析说明：
Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer s machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and enter the debugger PIN, but if they are successful it allows access to the debugger even if it is only running on localhost. This also requires the attacker to guess a URL in the developer s application that will trigger the debugger. This vulnerability is fixed in 3.0.3.
openEuler评分：
7.5
Vector：CVSS：3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
受影响版本排查(受影响/不受影响)：
1.master(3.1.3):受影响
2.openEuler-20.03-LTS-SP4(1.0.1):受影响
3.openEuler-22.03-LTS-SP3(2.0.3):受影响
4.openEuler-22.03-LTS-SP4(2.0.3):受影响
5.openEuler-24.03-LTS(2.2.3):受影响
6.openEuler-24.03-LTS-Next(2.2.3):受影响
7.openEuler-24.03-LTS-SP1(2.2.3):不受影响

修复是否涉及abi变化(是/否)：
1.master(3.1.3):否
2.openEuler-20.03-LTS-SP4(1.0.1):否
3.openEuler-22.03-LTS-SP3(2.0.3):否
4.openEuler-22.03-LTS-SP4(2.0.3):否
5.openEuler-24.03-LTS(2.2.3):否
6.openEuler-24.03-LTS-Next(2.2.3):否
7.openEuler-24.03-LTS-SP1(2.2.3):否

原因说明：
1.master(3.1.3):正常修复
2.openEuler-24.03-LTS(2.2.3):正常修复
3.openEuler-24.03-LTS-Next(2.2.3):正常修复
4.openEuler-20.03-LTS-SP4(1.0.1):暂不修复-待升级版本修复
5.openEuler-22.03-LTS-SP3(2.0.3):暂不修复-待升级版本修复
6.openEuler-22.03-LTS-SP4(2.0.3):暂不修复-待升级版本修复
7.openEuler-24.03-LTS-SP1(2.2.3):不受影响-漏洞代码不能被攻击者触发

@algorithmofdish ,@Charlie_li ,@caodongxia ,@lyn1001 ,@Lostwayzxc
issue处理注意事项:
1. 当前issue受影响的分支提交pr时, 须在pr描述中填写当前issue编号进行关联, 否则无法关闭当前issue;
2. 模板内容需要填写完整, 无论是受影响或者不受影响都需要填写完整内容,未引入的分支不需要填写, 否则无法关闭当前issue;
3. 以下为模板中需要填写完整的内容, 请复制到评论区回复, 注: 内容的标题名称(影响性分析说明, openEuler评分, 受影响版本排查(受影响/不受影响), 修复是否涉及abi变化(是/否))不能省略,省略后cve-manager将无法正常解析填写内容.

影响性分析说明:

openEuler评分: (评分和向量)

受影响版本排查(受影响/不受影响):
1.master(2.2.3):
2.openEuler-20.03-LTS-SP1(1.0.1):
3.openEuler-20.03-LTS-SP4(1.0.1):
4.openEuler-22.03-LTS(1.0.1):
5.openEuler-22.03-LTS-Next(2.0.3):
6.openEuler-22.03-LTS-SP1(2.0.3):
7.openEuler-22.03-LTS-SP2(2.0.3):
8.openEuler-22.03-LTS-SP3(2.0.3):
9.openEuler-24.03-LTS:
10.openEuler-24.03-LTS-Next:

修复是否涉及abi变化(是/否)：
1.master(2.2.3):
2.openEuler-20.03-LTS-SP1(1.0.1):
3.openEuler-20.03-LTS-SP4(1.0.1):
4.openEuler-22.03-LTS(1.0.1):
5.openEuler-22.03-LTS-Next(2.0.3):
6.openEuler-22.03-LTS-SP1(2.0.3):
7.openEuler-22.03-LTS-SP2(2.0.3):
8.openEuler-22.03-LTS-SP3(2.0.3):
9.openEuler-24.03-LTS:
10.openEuler-24.03-LTS-Next:

issue处理具体操作请参考:
https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
pr关联issue具体操作请参考:
https://gitee.com/help/articles/4142

Hi openeuler-ci-bot, welcome to the openEuler Community.
I'm the Bot here serving you. You can find the instructions on how to interact with me at Here.
If you have any questions, please contact the SIG: Programming-language, and any of the maintainers: @algorithmofdish , @Charlie_li , @caodongxia , @lyn1001 , @Lostwayzxc

参考网址	关联pr	状态	补丁链接
https://nvd.nist.gov/vuln/detail/CVE-2024-34069	None	None	https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692
https://ubuntu.com/security/CVE-2024-34069
https://www.opencve.io/cve/CVE-2024-34069	None	None	https://github.com/pallets/werkzeug/commit/3386395b24c7371db11a5b8eaac0c91da5362692
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2024-34069
https://security-tracker.debian.org/tracker/CVE-2024-34069

说明：补丁链接仅供初步排查参考，实际可用性请人工再次确认，补丁下载验证可使用CVE补丁工具。
若补丁不准确，烦请在此issue下评论 '/report-patch 参考网址补丁链接1,补丁链接2' 反馈正确信息，便于我们不断优化工具，不胜感激。
如 /report-patch https://security-tracker.debian.org/tracker/CVE-2021-3997 https://github.com/systemd/systemd/commit/5b1cf7a9be37e20133c0208005274ce4a5b5c6a1

@openeuler-sync-bot 请确认分支: master,openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP4,openEuler-22.03-LTS,openEuler-22.03-LTS-Next,openEuler-22.03-LTS-SP1,openEuler-22.03-LTS-SP2,openEuler-22.03-LTS-SP3,openEuler-24.03-LTS,openEuler-24.03-LTS-Next 受影响/不受影响.
请确认分支信息是否填写完整,否则将无法关闭当前issue.

/reason 该漏洞影响Werkzeug < 3.0.3版本，并在3.0.3版本修复此漏洞。当前社区20.03及22.03分支版本均受此漏洞影响，但上游社区未提供低版本适配补丁，无法回合高版本补丁修复。尝试升级到3.0.3版本解决，升级后成功后验证上层依赖python-connexion依赖版本不满足而编译失败，同步升级python-connexion后需引入python-starlette解决依赖，受依赖包阻塞无法升级解决，暂时挂起，后续跟进修复。

issue状态	操作者	原因
已挂起	starlet-dx	该漏洞影响Werkzeug < 3.0.3版本，并在3.0.3版本修复此漏洞。当前社区20.03及22.03分支版本均受此漏洞影响，但上游社区未提供低版本适配补丁，无法回合高版本补丁修复。尝试升级到3.0.3版本解决，升级后成功后验证上层依赖python-connexion依赖版本不满足而编译失败，同步升级python-connexion后需引入python-starlette解决依赖，受依赖包阻塞无法升级解决，暂时挂起，后续跟进修复。

issue状态	操作者	原因
已挂起	wk333	该漏洞影响Werkzeug < 3.0.3版本，并在3.0.3版本修复此漏洞。当前社区20.03及22.03分支版本均受此漏洞影响，但上游社区未提供低版本适配补丁，无法回合高版本补丁修复。尝试升级到3.0.3版本解决，升级后成功后验证上层依赖python-connexion依赖版本不满足而编译失败，同步升级python-connexion后需引入python-starlette解决依赖，受依赖包阻塞无法升级解决，暂时挂起，后续跟进修复。

影响性分析说明：
Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and enter the debugger PIN, but if they are successful it allows access to the debugger even if it is only running on localhost. This also requires the attacker to guess a URL in the developer's application that will trigger the debugger. This vulnerability is fixed in 3.0.3.

openEuler评分：
7.5
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

受影响版本排查(受影响/不受影响)：
1.master: 受影响
2.openEuler-20.03-LTS-SP4: 受影响
3.openEuler-22.03-LTS-SP3: 受影响
4.openEuler-22.03-LTS-SP4: 受影响
5.openEuler-24.03-LTS: 受影响
6.openEuler-24.03-LTS-Next: 受影响
7.openEuler-24.03-LTS-SP1: 不受影响

修复是否涉及abi变化(是/否)：
1.master: 否
2.openEuler-20.03-LTS-SP4: 否
3.openEuler-22.03-LTS-SP3: 否
4.openEuler-22.03-LTS-SP4: 否
5.openEuler-24.03-LTS: 否
6.openEuler-24.03-LTS-Next: 否
7.openEuler-24.03-LTS-SP1: 否

原因说明：
1.master: 正常修复
2.openEuler-20.03-LTS-SP4: 暂不修复-待升级版本修复
3.openEuler-22.03-LTS-SP3: 暂不修复-待升级版本修复
4.openEuler-22.03-LTS-SP4: 暂不修复-待升级版本修复
5.openEuler-24.03-LTS: 正常修复
6.openEuler-24.03-LTS-Next: 正常修复
7.openEuler-24.03-LTS-SP1: 不受影响-漏洞代码不能被攻击者触发

@Charlie_li 经过 cve-manager 解析, 已分析的内容如下表所示:

状态	分析项目	内容
已分析	1.影响性分析说明	Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain they control, and enter the debugger PIN, but if they are successful it allows access to the debugger even if it is only running on localhost. This also requires the attacker to guess a URL in the developer's application that will trigger the debugger. This vulnerability is fixed in 3.0.3.
已分析	2.openEulerScore	7.5
已分析	3.openEulerVector	AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
已分析	4.受影响版本排查	master:受影响,openEuler-20.03-LTS-SP4:受影响,openEuler-22.03-LTS-SP3:受影响,openEuler-22.03-LTS-SP4:受影响,openEuler-24.03-LTS:受影响,openEuler-24.03-LTS-Next:受影响,openEuler-24.03-LTS-SP1:不受影响
已分析	5.是否涉及abi变化	master:否,openEuler-20.03-LTS-SP4:否,openEuler-22.03-LTS-SP3:否,openEuler-22.03-LTS-SP4:否,openEuler-24.03-LTS:否,openEuler-24.03-LTS-Next:否,openEuler-24.03-LTS-SP1:否
已分析	6.原因说明	master:正常修复,openEuler-24.03-LTS:正常修复,openEuler-24.03-LTS-Next:正常修复,openEuler-20.03-LTS-SP4:暂不修复-待升级版本修复,openEuler-22.03-LTS-SP3:暂不修复-待升级版本修复,openEuler-22.03-LTS-SP4:暂不修复-待升级版本修复,openEuler-24.03-LTS-SP1:不受影响-漏洞代码不能被攻击者触发

请确认分析内容的准确性, 确认无误后, 您可以进行后续步骤, 否则您可以继续分析.

src-openEuler/python-werkzeug

内容风险标识

评论 (10)

src-openEuler/python-werkzeug .gitee-modal { width: 500px !important; }

内容风险标识

CVE-2024-34069

评论 (10)

搜索帮助

src-openEuler/python-werkzeug