Description
Werkzeug is a comprehensive WSGI web application library. In versions 3.1.5 and below, the safe_join function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that safe_join accepts paths with multiple segments, such as example/NUL. The function send_from_directory uses safe_join to safely serve files at user-specified paths under a directory. If the application is running on Windows, and the requested path ends with a special device name, the file will be opened successfully, but reading will hang indefinitely. This issue has been fixed in version 3.1.6.
Published: 2026-02-21
Score: 6.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service
Action: Apply Patch
AI Analysis

Impact

Werkzeug’s safe_join function was designed to prevent directory traversal by sanitizing file paths. In versions up to 3.1.5, the function fails to block Windows device names when the path contains multiple segments, such as example/NUL. When a user requests such a path through the send_from_directory helper, the function opens the special device file successfully, but attempts to read from it hang indefinitely. The hanging operation consumes server resources and blocks the request, resulting in a denial‑of‑service condition for the affected application. No information is provided about data exfiltration or code execution, so the primary consequence is a service outage.

Affected Systems

The vulnerability affects the Werkzeug library, maintained by the Pallets project. Versions 3.1.5 and earlier are impacted; the issue is fixed in 3.1.6. Applications running on Windows that use Werkzeug’s send_from_directory to serve user‑specified file paths are potentially exposed.

Risk and Exploitability

The CVSS score of 6.3 indicates moderate severity. The EPSS score of < 1% suggests a very low likelihood of exploitation at present, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires that the attacker can issue a request to a Werkzeug application running on Windows and that the application uses send_from_directory to serve files. The attack vector is therefore inferred to be remote, over a network or HTTP interface, allowing an adversary to trigger the hang by requesting a path ending with a Windows device name such as NUL. Successful exploitation results in a denial of service for the application but does not compromise confidentiality or integrity.

Generated by OpenCVE AI on April 17, 2026 at 16:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Werkzeug to version 3.1.6 or later.
  • If an immediate upgrade is not possible, modify the file‑serving logic to reject paths that end with Windows device names (e.g., NUL, COM1–COM9, LPT1–LPT9) before calling safe_join.
  • Alternatively, avoid using send_from_directory on Windows or replace it with a custom handler that performs explicit path validation and does not rely on safe_join.
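As an added example (not Werkzeug's own code) of the pre-check recommended above: a Python gate that rejects any path segment naming a Windows device before the path reaches safe_join / send_from_directory. It goes beyond the advisory's case by checking every segment rather than only the final one, ignores extensions and case the way Windows does, and accepts both slash styles; the request paths in SAMPLE_REQUESTS are constructed, not taken from a real log.

```python
import re

# Names Windows reserves for devices, in any directory and regardless of
# extension: "example/NUL" and "NUL.txt" both open the NUL device, not a file.
# The advisory lists NUL, COM1-9 and LPT1-9; CON, PRN and AUX are reserved too.
WINDOWS_DEVICE_NAMES = frozenset(
    ["CON", "PRN", "AUX", "NUL"]
    + [f"COM{n}" for n in range(1, 10)]
    + [f"LPT{n}" for n in range(1, 10)]
)

def _device_base_name(segment: str) -> str:
    """Normalise one segment as Windows does: text before the first dot,
    trailing spaces/dots dropped, upper-cased."""
    return segment.split(".", 1)[0].rstrip(" .").upper()

def has_windows_device_name(path: str) -> bool:
    """True if any segment of a user-supplied path names a Windows device.
    Both '/' and '\\' are treated as separators so a backslash cannot
    slip a segment past the check."""
    return any(
        seg and _device_base_name(seg) in WINDOWS_DEVICE_NAMES
        for seg in re.split(r"[\\/]+", path)
    )

def guarded_path(path: str) -> str:
    """Gate to call before safe_join()/send_from_directory(): returns the
    path unchanged when clean, raises ValueError when it names a device, so
    the request fails fast instead of blocking on an endless read."""
    if has_windows_device_name(path):
        raise ValueError(f"refusing Windows device name in {path!r}")
    return path

def classify_requests(paths):
    """Label each requested path 'allowed' or 'rejected'; handy for running
    the gate over a sample of request paths pulled from access logs."""
    return {p: ("rejected" if has_windows_device_name(p) else "allowed") for p in paths}

# Constructed sample of requested paths (hypothetical, not from a real log).
SAMPLE_REQUESTS = [
    "css/site.css",          # ordinary asset
    "example/NUL",           # the case from the advisory
    "static/nul.txt",        # extension and case do not matter on Windows
    "logs\\COM1.log",        # backslash separator
    "images/null.png",       # NULL is not NUL: allowed
    "data/com10.bin",        # COM10 is not a reserved name: allowed
]

if __name__ == "__main__":
    for path, verdict in classify_requests(SAMPLE_REQUESTS).items():
        print(f"{verdict:8} {path}")
```

Applying the check on every platform costs nothing and keeps behaviour consistent if the application is later moved to Windows.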

Advisories
Source: GitHub GHSA
ID: GHSA-29vq-49wr-vm6x
Title: Werkzeug safe_join() allows Windows special device names
History

Tue, 03 Mar 2026 17:45:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:palletsprojects:werkzeug:*:*:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}


Wed, 25 Feb 2026 13:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 23 Feb 2026 15:00:00 +0000

Type Values Removed Values Added
First Time appeared Palletsprojects; Palletsprojects werkzeug
Vendors & Products Palletsprojects; Palletsprojects werkzeug

Sat, 21 Feb 2026 05:30:00 +0000

Type Values Removed Values Added
Description Werkzeug is a comprehensive WSGI web application library. Versions 3.1.5 and below, the safe_join function allows Windows device names as filenames if preceded by other path segments. This was previously reported as GHSA-hgf8-39gv-g3f2, but the added filtering failed to account for the fact that safe_join accepts paths with multiple segments, such as example/NUL. The function send_from_directory uses safe_join to safely serve files at user-specified paths under a directory. If the application is running on Windows, and the requested path ends with a special device name, the file will be opened successfully, but reading will hang indefinitely. This issue has been fixed in version 3.1.6.
Title Werkzeug safe_join() allows Windows special device names
Weaknesses CWE-67
References
Metrics cvssV4_0

{'score': 6.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-24T19:02:19.689Z

Reserved: 2026-02-18T19:47:02.155Z

Link: CVE-2026-27199

Vulnrichment

Updated: 2026-02-24T19:02:13.076Z

NVD

Status : Analyzed

Published: 2026-02-21T06:17:00.710

Modified: 2026-03-03T17:30:17.783

Link: CVE-2026-27199

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-17T17:00:10Z

Weaknesses