PT-2025-48363 · Werkzeug · Werkzeug

Published: 2025-11-29 · Updated: 2026-05-20 · CVE-2025-66221

CVSS v4.0: 6.3 (Medium)
Vector: AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
Name of the Vulnerable Software and Affected Versions: Werkzeug versions prior to 3.1.4
Description: The safe_join function in Werkzeug versions prior to 3.1.4 improperly handles path segments containing Windows device names. On Windows, special device names such as CON and AUX are present in every directory. The send_from_directory function uses safe_join to serve files from user-specified paths. When a request path includes a Windows device name, opening the file succeeds, but reading it causes the application to hang indefinitely, because the operating system accesses a device rather than a regular file.
Recommendations: Update to Werkzeug version 3.1.4 or later.
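Added example (not Werkzeug's own code or its fix): a safe_join-style helper that, alongside the usual traversal checks, rejects any segment whose name stem is a Windows reserved device name, so a request such as /files/CON is refused before anything is opened. The reserved-name list (CON, PRN, AUX, NUL, COM1-9, LPT1-9) and the "stem before the first dot" rule (CON.txt still names the CON device) are assumptions about classic Windows naming, not values taken from this advisory.

```python
import posixpath
from typing import Optional

# Assumed set of classic Windows reserved device names (not from the advisory).
_WINDOWS_DEVICE_NAMES = frozenset(
    {"CON", "PRN", "AUX", "NUL"}
    | {f"COM{i}" for i in range(1, 10)}
    | {f"LPT{i}" for i in range(1, 10)}
)


def is_windows_device_name(segment: str) -> bool:
    """True if a single path segment would resolve to a Windows device.

    Windows matches the name case-insensitively and ignores anything after
    the first dot and trailing spaces, so "con.txt" and "AUX " both count.
    """
    stem = segment.split(".", 1)[0].rstrip(" ")
    return stem.upper() in _WINDOWS_DEVICE_NAMES


def safe_join(directory: str, *pathnames: str) -> Optional[str]:
    """Join untrusted path segments under `directory`; return None if unsafe.

    Hypothetical helper mirroring the shape of a safe_join: reject absolute
    paths, backslashes and ".." escapes, and additionally reject device names
    so the server never opens a device handle that would hang on read.
    """
    parts = [directory]
    for filename in pathnames:
        if filename != "":
            # Collapse "./", "a/../b" and trailing slashes before checking.
            filename = posixpath.normpath(filename)
        if (
            "\\" in filename
            or posixpath.isabs(filename)
            or filename == ".."
            or filename.startswith("../")
        ):
            return None
        # Device-name check: every remaining segment must be a plain file name.
        if any(is_windows_device_name(seg) for seg in filename.split("/")):
            return None
        parts.append(filename)
    return posixpath.join(*parts)
```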

Related Identifiers

CVE-2025-66221
ECHO-7D05-D296-CA8F
GHSA-HGF8-39GV-G3F2
OPENSUSE-SU-2025:15848-1

Affected Products

Werkzeug