vulnerability

SUSE: CVE-2019-14806: SUSE Linux Security Advisory

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:N/A:N)

Published

Aug 9, 2019

Added

Sep 11, 2019

Modified

May 11, 2021

Description

Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id.

suse-upgrade-python-werkzeug-docsuse-upgrade-python2-werkzeugsuse-upgrade-python3-werkzeug

Rapid7 Labs

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.