Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
modwsgi mod wsgi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2255
A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an malicious user to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing.
Modwsgi Mod Wsgi
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2014-0242
mod_wsgi module prior to 3.4 for Apache, when used in embedded mode, might allow remote malicious users to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.
Modwsgi Mod Wsgi
1 EDB exploit
6.9
CVSSv2
CVE-2014-8583
mod_wsgi prior to 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow malicious users to gain privileges via unspecified vectors.
Modwsgi Mod Wsgi
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started