This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Modwsgi First view 2014-05-27
Product Mod Wsgi Last view 2019-12-09
Version 1.5 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:modwsgi:mod_wsgi

Activity : Overall

Related : CVE

  Date Alert Description
7.5 2019-12-09 CVE-2014-0242

mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.

6.9 2014-12-16 CVE-2014-8583

mod_wsgi before 4.2.4 for Apache, when creating a daemon process group, does not properly handle when group privileges cannot be dropped, which might allow attackers to gain privileges via unspecified vectors.

6.2 2014-05-27 CVE-2014-0240

The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes.

CWE : Common Weakness Enumeration

%idName
33% (1) CWE-264 Permissions, Privileges, and Access Controls
33% (1) CWE-254 Security Features
33% (1) CWE-200 Information Exposure

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-04-27 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-987.nasl - Type: ACT_GATHER_INFO
2018-04-18 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-987.nasl - Type: ACT_GATHER_INFO
2017-01-03 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201612-49.nasl - Type: ACT_GATHER_INFO
2015-03-31 Name: The remote Mandriva Linux host is missing a security update.
File: mandriva_MDVSA-2015-180.nasl - Type: ACT_GATHER_INFO
2014-12-16 Name: The remote Mandriva Linux host is missing a security update.
File: mandriva_MDVSA-2014-253.nasl - Type: ACT_GATHER_INFO
2014-12-15 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201412-21.nasl - Type: ACT_GATHER_INFO
2014-12-09 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2014-753.nasl - Type: ACT_GATHER_INFO
2014-12-04 Name: The remote Ubuntu host is missing one or more security-related patches.
File: ubuntu_USN-2431-1.nasl - Type: ACT_GATHER_INFO
2014-10-12 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2014-376.nasl - Type: ACT_GATHER_INFO
2014-10-12 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2014-375.nasl - Type: ACT_GATHER_INFO
2014-08-26 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2014-1091.nasl - Type: ACT_GATHER_INFO
2014-08-26 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2014-1091.nasl - Type: ACT_GATHER_INFO
2014-08-26 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2014-1091.nasl - Type: ACT_GATHER_INFO
2014-07-14 Name: The remote web server module is affected by a privilege escalation vulnerabil...
File: mod_wsgi_4_2_4.nasl - Type: ACT_GATHER_INFO
2014-07-14 Name: The remote web server module is affected by a privilege escalation vulnerabil...
File: mod_wsgi_3_5.nasl - Type: ACT_GATHER_INFO
2014-07-14 Name: The remote web server module has a remote information disclosure vulnerability.
File: mod_wsgi_3_4.nasl - Type: ACT_GATHER_INFO
2014-07-13 Name: The remote Mandriva Linux host is missing a security update.
File: mandriva_MDVSA-2014-137.nasl - Type: ACT_GATHER_INFO
2014-06-26 Name: The remote Scientific Linux host is missing one or more security updates.
File: sl_20140625_mod_wsgi_on_SL6_x.nasl - Type: ACT_GATHER_INFO
2014-06-26 Name: The remote Red Hat host is missing one or more security updates.
File: redhat-RHSA-2014-0788.nasl - Type: ACT_GATHER_INFO
2014-06-26 Name: The remote Oracle Linux host is missing a security update.
File: oraclelinux_ELSA-2014-0788.nasl - Type: ACT_GATHER_INFO
2014-06-26 Name: The remote CentOS host is missing a security update.
File: centos_RHSA-2014-0788.nasl - Type: ACT_GATHER_INFO
2014-06-18 Name: The remote Fedora host is missing a security update.
File: fedora_2014-6944.nasl - Type: ACT_GATHER_INFO
2014-06-18 Name: The remote Fedora host is missing a security update.
File: fedora_2014-6938.nasl - Type: ACT_GATHER_INFO
2014-06-16 Name: The remote openSUSE host is missing a security update.
File: openSUSE-2014-421.nasl - Type: ACT_GATHER_INFO
2014-05-28 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-2937.nasl - Type: ACT_GATHER_INFO