EUVD-2018-18505

Malware in sbrugna...

Ubuntu 16.04 ESM : uWSGI vulnerability (USN-5054-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5054-2 advisory. USN-5054-1 fixed a vulnerability in uWSGI for Ubuntu 18.04 LTS. This update provides the corresponding fixes for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable ha...

boyaa-seed (=0.1.6), caluma (>=5.2.1 <=6.7.0) +31 more potentially affected by CVE-2023-27522 via uwsgi (>=2.0.13.1 <=2.0.21)

uwsgi PYPI version =2.0.13.1, =5.2.1, =0.1.11, =0.10.0, =0.1.0, =0.0.1, =0.0.1, =3.3.3, =0.104.0rc1, =0.1.0, =0.7.2, =2.1.0, =0.37.0, =12.0.0, =12.4.0 and more Source cves: CVE-2023-27522 Source advisory: OSV:GHSA-VCPH-37MH-FQRH...

GHSA-H2VM-C85R-5VH5 uWSGI Directory Traversal vulnerability

uWSGI before 2.0.17 mishandles a DOCUMENTROOT check during use of the --php-docroot option, allowing directory traversal...

liveprofiler (>=0.2.0 <=1.0.0), prediction (=0.0.3) potentially affected by CVE-2018-7490 via uwsgi (>=2.0.13.1 <=2.0.15)

uwsgi PYPI version =2.0.13.1, =0.2.0, =1.0.0 - prediction =0.0.3 Source cves: CVE-2018-7490 Source advisory: OSV:GHSA-H2VM-C85R-5VH5...

Ubuntu 18.04 LTS : uWSGI vulnerability (USN-5054-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5054-1 advisory. Felix Wilhelm discovered a buffer overflow flaw in the modproxyuwsgi module. An attacker could use this vulnerability to provoke an information disclosure or...

Directory traversal

uWSGI before 2.0.17 mishandles a DOCUMENTROOT check during use of the --php-docroot option, allowing directory traversal...

PT-2018-18100 · Uwsgi +1 · Uwsgi +1

Name of the Vulnerable Software and Affected Versions: uWSGI versions prior to 2.0.17 Description: The issue arises from the mishandling of a DOCUMENT ROOT check during the use of the --php-docroot option, allowing directory traversal. Recommendations: For versions prior to 2.0.17, update to...