Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
modwsgi mod wsgi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-2255
A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an malicious user to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing.
Modwsgi Mod Wsgi
Debian Debian Linux 10.0
435
VMScore
CVE-2014-0242
mod_wsgi module prior to 3.4 for Apache, when used in embedded mode, might allow remote malicious users to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.
Modwsgi Mod Wsgi
1 EDB exploit
614
VMScore
CVE-2014-8583
mod_wsgi prior to 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow malicious users to gain privileges via unspecified vectors.
Modwsgi Mod Wsgi
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started