CVE-2014-0242
Description
mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
8.583
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi_3.3-4ubuntu0.2_i386.deb | Linux |
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi_3.3-4ubuntu0.2_amd64.deb | Linux |
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi_3.4-4ubuntu2.1.14.04.2_i386.deb | Linux |
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi_3.4-4ubuntu2.1.14.04.2_amd64.deb | Linux |
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi-py3_3.3-4ubuntu0.2_i386.deb | Linux |
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi-py3_3.3-4ubuntu0.2_amd64.deb | Linux |
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi-py3_3.4-4ubuntu2.1.14.04.2_i386.deb | Linux |
| Python WSGI adapter module for Apache (USN-2222-1) libapache2-mod-wsgi-py3_3.4-4ubuntu2.1.14.04.2_amd64.deb | Linux |
| (RHSA-2014:0788) Important: mod_wsgi security update mod_wsgi-3.2-6.el6_5.i686.rpm | Linux |
| (RHSA-2014:0788) Important: mod_wsgi security update mod_wsgi-3.2-6.el6_5.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234