AIKIDO-2024-10410

Werkzeug is vulnerable to Inadequate Encryption Strength

25

Low

Werkzeug python

AIKIDO-2024-10410: Werkzeug is vulnerable to Inadequate Encryption Strength in versions 0.13 - 3.0.6.

Inadequate Encryption Strength
Vuln in 0.13 - 3.0.6
Fixed in 3.1.0
No CVE available
TL;DR

Affected versions of the package are vulnerable to inadequate encryption strength. The default number of PBKDF2 iterations might not be sufficient against today's faster computers.

Who does this affect?

You're affected if you are using a version within the vulnerable range.

How can it be fixed?

Upgrade the Werkzeug library to a patched version.
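Upgrading only changes the default for hashes generated afterwards: a stored hash keeps the iteration count it was created with, recorded in the string itself as `pbkdf2:<digest>:<iterations>$<salt>$<hash>`. The added example below (not Aikido's or Werkzeug's code) reads that count, flags hashes below a floor, and produces a replacement hash on a successful login. The function names and the 600,000 floor are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Assumed policy floor for PBKDF2 iterations; set it to your own requirement.
MIN_ITERATIONS = 600_000

def pbkdf2_iterations(stored):
    """Iteration count embedded in a 'pbkdf2:<digest>:<n>$<salt>$<hex>' string,
    or None when the string is not PBKDF2 with an explicit count."""
    method, sep, _ = stored.partition("$")
    parts = method.split(":")
    if not sep or len(parts) != 3 or parts[0] != "pbkdf2" or not parts[2].isdecimal():
        return None
    return int(parts[2])

def needs_rehash(stored, minimum=MIN_ITERATIONS):
    """True when a PBKDF2 hash was created with fewer iterations than the floor."""
    n = pbkdf2_iterations(stored)
    return n is not None and n < minimum

def make_hash(password, iterations=MIN_ITERATIONS, salt=None, digest="sha256"):
    """Build a hash string in the same layout, with a random salt by default."""
    salt = salt or secrets.token_hex(8)
    dk = hashlib.pbkdf2_hmac(digest, password.encode(), salt.encode(), iterations)
    return f"pbkdf2:{digest}:{iterations}${salt}${dk.hex()}"

def verify(stored, password):
    """Recompute with the parameters stored in the string; constant-time compare."""
    n = pbkdf2_iterations(stored)
    if not n or stored.count("$") != 2:
        return False
    method, salt, expected = stored.split("$")
    digest = method.split(":")[1]
    dk = hashlib.pbkdf2_hmac(digest, password.encode(), salt.encode(), n)
    return hmac.compare_digest(dk.hex(), expected)

def login(stored, password):
    """Return (ok, replacement). replacement is a stronger hash to store when the
    password was correct but the old hash is below the floor, else None."""
    if not verify(stored, password):
        return False, None
    return True, (make_hash(password) if needs_rehash(stored) else None)

if __name__ == "__main__":
    # Constructed legacy record with a low iteration count.
    legacy = make_hash("correct horse", iterations=50_000, salt="constructed")
    print(needs_rehash(legacy), login(legacy, "correct horse"))
```

In an application, verify and rehash with Werkzeug's own `check_password_hash` and `generate_password_hash`; the standard-library helpers here only keep the example free of dependencies.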

© 2024 Aikido Security BV | BE0792914919