PyPI package
uwsgi
pkg:pypi/uwsgi
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-27522 | — | < 2.0.22 | 2.0.22 | Mar 7, 2023 | HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client. | ||
| CVE-2018-7490 | Hig | 7.5 | < 2.0.17 | 2.0.17 | Feb 26, 2018 | uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal. |
- CVE-2023-27522Mar 7, 2023affected < 2.0.22fixed 2.0.22
HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client.
- affected < 2.0.17fixed 2.0.17
uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.