Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
modwsgi vulnerabilities and exploits
(subscribe to this query)
614
VMScore
CVE-2014-8583
mod_wsgi prior to 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow malicious users to gain privileges via unspecified vectors.
Modwsgi Mod Wsgi
435
VMScore
CVE-2014-0242
mod_wsgi module prior to 3.4 for Apache, when used in embedded mode, might allow remote malicious users to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.
Modwsgi Mod Wsgi
1 EDB exploit
NA
CVE-2022-2255
A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an malicious user to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing.
Modwsgi Mod Wsgi
Debian Debian Linux 10.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started