Lucene search
K
ModwsgiMod Wsgi

4 matches found

CVE
CVE
added 2022/08/25 5:26 p.m.337 views

CVE-2022-2255

CVE-2022-2255 affects mod_wsgi: a request from an untrusted proxy can carry the X-Client-IP header to the WSGI app because the removal condition is missing. Impact: potential header spoofing bypass. Affected versions are older mod_wsgi; multiple advisories indicate remediation via upgrading to no...

7.5CVSS7.1AI score0.0069EPSS
CVE
CVE
added 2014/05/27 3:0 p.m.167 views

CVE-2014-0240

CVE-2014-0240 affects the mod_wsgi Apache module (daemon mode) where error codes from setuid are not properly handled on certain Linux kernels, enabling a local attacker to escalate privileges via vectors related to the number of running processes. Multiple vendors/advisories reference this flaw ...

6.2CVSS7.3AI score0.00411EPSS
CVE
CVE
added 2019/12/09 7:33 p.m.101 views

CVE-2014-0242

CVE-2014-0242 affects the mod_wsgi Apache module (pre-3.4 in embedded mode). It can cause memory contents to be leaked via the Content-Type header, enabling disclosure of sensitive information. The issue is coupled with CVE-2014-0240 (privilege escalation). Public advisories and Nessus/Gentoo ent...

7.5CVSS7.2AI score0.08526EPSS
CVE
CVE
added 2014/12/16 6:0 p.m.69 views

CVE-2014-8583

CVE-2014-8583 : mod_wsgi (Apache) before 4.2.4 fails to handle when it cannot drop group privileges during daemon process group creation, potentially allowing local privilege escalation via unspecified vectors. Affected software: mod_wsgi before 4.2.4. Impact: attacker could gain privileges with ...

6.9CVSS6.6AI score0.00403EPSS