JVN iPedia http://jvndb.jvn.jp Advisory JVNDB-2025-020967 Pallets project の Werkzeug には、Windows デバイス名の処理に関する脆弱性が存在します。 cpe:/a:palletsprojects:werkzeug https://jvndb.jvn.jp/ja/contents/2025/JVNDB-2025-020967.html Common Vulnerabilities and Exposures (CVE) CVE-2025-66221 https://www.cve.org/CVERecord?id=CVE-2025-66221 National Vulnerability Database (NVD) CVE-2025-66221 https://nvd.nist.gov/vuln/detail/CVE-2025-66221 JVNDB CWE-67 https://cwe.mitre.org/data/definitions/67.html 関連文書 github.com (4b833376a45c323a189cd11d2362bcffdb1c0c13) https://github.com/pallets/werkzeug/commit/4b833376a45c323a189cd11d2362bcffdb1c0c13 関連文書 github.com (3.1.4) https://github.com/pallets/werkzeug/releases/tag/3.1.4 関連文書 github.com (GHSA-hgf8-39gv-g3f2) https://github.com/pallets/werkzeug/security/advisories/GHSA-hgf8-39gv-g3f2 2025-12-05T11:38:17+09:00 2025-12-05T11:38:17+09:00