Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
modwsgi mod wsgi vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-2255
A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an malicious user to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing.
Modwsgi Mod Wsgi
Debian Debian Linux 10.0
7.5
CVSSv3
CVE-2014-0242
mod_wsgi module prior to 3.4 for Apache, when used in embedded mode, might allow remote malicious users to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.
Modwsgi Mod Wsgi
1 EDB exploit
NA
CVE-2014-8583
mod_wsgi prior to 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow malicious users to gain privileges via unspecified vectors.
Modwsgi Mod Wsgi
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started