MiracleLinux 8 : python39:3.9 (AXSA:2025-9939:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9939:01 advisory. modwsgi: Trusted Proxy Headers Removing Bypass CVE-2022-2255 Tenable has extracted the preceding description block directly from the MiracleLinux security...

EUVD-2014-0278

Malware in sbrugna...

EUVD-2022-0159

Malicious code in bioql PyPI...

A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing.

...

AZL-10734 CVE-2022-2255 affecting package mod_wsgi for versions less than 4.9.3-2

A vulnerability was found in modwsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing...

CVE-2014-0242

modwsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread...

MGASA-2014-0513 Updated apache-mod_wsgi package fixes security vulnerability

It was discovered that modwsgi incorrectly handled errors when setting up the working directory and group access rights. A malicious application could possibly use this issue to cause a local privilege escalation when using daemon mode CVE-2014-8583...

USN-2431-2: MAAS regression

USN-2431-1 fixed vulnerabilities in modwsgi. The security update exposed an issue in the MAAS package, causing a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that modwsgi incorrectly handled errors when setting up the...