Description
Pallets Werkzeug before 0.15.3, when used with Docker, has insufficient debugger PIN randomness because Docker containers share the same machine id.
Scores
CVSS v3
7.5
EPSS
0.0026
EPSS Percentile
49.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-331
Status
published
Products (4)
opensuse/leap
15.0
opensuse/leap
15.1
palletsprojects/werkzeug
< 0.15.3
pypi/werkzeug
0 - 0.15.3PyPI
Published
Aug 09, 2019
Tracked Since
Feb 18, 2026