In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames. References https://nvd.nist.gov/vuln/detail/CVE-2019-14322 https://palletsprojects.com/blog/werkzeug-0-15-5-released/ http://packetstormsecurity.com/files/163398/Pallets-Werkzeug-0.15.4-Path-Traversal.html https://github.com/advisories/GHSA-j544-7q9p-6xp8
