Software catalogue for The Pallets Projects

Flask flask-sqlalchemy Jinja

Werkzeug

Latest security bulletins

Secuity bulletin	Severity	Status	Published
SB2026010911: Improper Handling of Windows Device Names in Werkzeug	Medium	Patched	09.01.2026
SB2025120137: Improper Handling of Windows Device Names in Werkzeug	Medium	Patched	01.12.2025
SB2025051380: Incorrect usage of signing key in Flask	Low	Patched	13.05.2025
SB2025030628: Code execution in Jinja	Low	Patched	06.03.2025
SB2024122789: Multiple vulnerabilities in Jinja	Low	Patched	27.12.2024
SB2024103173: Multiple vulnerabilities in Werkzeug	Medium	Patched	31.10.2024
SB2024052067: XSS in Jinja	Medium	Patched	20.05.2024
SB2024050606: Remote code execution in Werkzeug	Medium	Patched	06.05.2024
SB2024011508: Cross-site scripting in Jinja	Medium	Patched	15.01.2024
SB2023103003: Denial of service in Werkzeug	Medium	Patched	30.10.2023