Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DSA-2937-1
HistoryMay 27, 2014 - 12:00 a.m.

mod-wsgi - security update

2014-05-2700:00:00
Google
osv.dev
6

0.071 Low

EPSS

Percentile

94.0%

JSON

Two security issues have been found in the Python WSGI adapter module
for Apache:

  • CVE-2014-0240
    Robert Kisteleki discovered a potential privilege escalation in
    daemon mode. This is not exploitable with the kernel used in Debian
    7.0/wheezy.
  • CVE-2014-0242
    Buck Golemon discovered that incorrect memory handling could lead to
    information disclosure when processing Content-Type headers.

For the oldstable distribution (squeeze), these problems have been fixed in
version 3.3-2+deb6u1.

For the stable distribution (wheezy), these problems have been fixed in
version 3.3-4+deb7u1.

For the testing distribution (jessie), these problems have been fixed in
version 3.5-1.

For the unstable distribution (sid), these problems have been fixed in
version 3.5-1.

We recommend that you upgrade your mod-wsgi packages.

CPENameOperatorVersion
mod-wsgieq3.3-4

Related

nessus 19
openvas 14
amazon 2
centos 2
gentoo 1
securityvulns 2
fedora 2
debian 1
redhat 3
ubuntu 1
oraclelinux 2
debiancve 2
nvd 2
cvelist 2
cve 2
veracode 2
ubuntucve 2
prion 2
nessus
nessus
CentOS 6 : mod_wsgi (CESA-2014:0788)
2014-06-26 00:00:00
Scientific Linux Security Update : mod_wsgi on SL6.x i386/srpm/x86_64 (20140625)
2014-06-26 00:00:00
Fedora 20 : mod_wsgi-3.5-1.fc20 (2014-6944)
2014-06-18 00:00:00
openvas
openvas
Oracle: Security Advisory (ELSA-2014-0788)
2015-10-06 00:00:00
Debian: Security Advisory (DSA-2937-1)
2014-05-26 00:00:00
RedHat Update for mod_wsgi RHSA-2014:0788-01
2014-07-01 00:00:00
amazon
amazon
Important: mod24_wsgi
2014-07-09 23:02:00
Important: mod_wsgi
2014-07-09 23:07:00
centos
centos
mod_wsgi security update
2014-06-25 19:01:10
mod_wsgi security update
2014-08-25 12:17:55
gentoo
gentoo
mod_wsgi: Privilege escalation
2014-12-13 00:00:00
securityvulns
securityvulns
mod-wsgi security vulnerabilities
2014-05-29 00:00:00
[SECURITY] [DSA 2937-1] mod-wsgi security update
2014-05-29 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: mod_wsgi-3.5-1.fc20
2014-06-17 23:26:05
[SECURITY] Fedora 19 Update: mod_wsgi-3.5-1.fc19
2014-06-17 23:35:19
debian
debian
[SECURITY] [DSA 2937-1] mod-wsgi security update
2014-05-27 14:35:16
redhat
redhat
(RHSA-2014:0788) Important: mod_wsgi security update
2014-06-25 00:00:00
(RHSA-2014:1091) Important: mod_wsgi security update
2014-08-25 00:00:00
(RHSA-2014:0789) Important: python27-mod_wsgi and python33-mod_wsgi security update
2014-06-25 00:00:00
ubuntu
ubuntu
mod_wsgi vulnerabilities
2014-05-26 00:00:00
oraclelinux
oraclelinux
mod_wsgi security update
2014-06-25 00:00:00
mod_wsgi security update
2014-08-25 00:00:00
debiancve
debiancve
CVE-2014-0240
2014-05-27 15:00:00
CVE-2014-0242
2019-12-09 20:15:09
nvd
nvd
CVE-2014-0240
2014-05-27 14:55:12
CVE-2014-0242
2019-12-09 20:15:09
cvelist
cvelist
CVE-2014-0240
2014-05-27 15:00:00
CVE-2014-0242
2019-12-09 19:33:29
cve
cve
CVE-2014-0242
2019-12-09 20:15:09
CVE-2014-0240
2014-05-27 15:00:00
veracode
veracode
Information Disclosure
2019-05-02 04:58:48
Privilege Escalation
2019-01-15 08:54:30
ubuntucve
ubuntucve
CVE-2014-0240
2014-05-23 00:00:00
CVE-2014-0242
2014-05-23 00:00:00
prion
prion
Design/Logic Flaw
2019-12-09 20:15:00
Code injection
2014-05-27 14:55:00

0.071 Low

EPSS

Percentile

94.0%

JSON
Related for OSV:DSA-2937-1
nessus19openvas14amazon2centos2gentoo1securityvulns2fedora2debian1redhat3ubuntu1oraclelinux2debiancve2nvd2cvelist2cve2veracode2ubuntucve2prion2