VulnerableCode Package Details - pkg:deb/debian/uwsgi@2.0.7-1%2Bdeb8u2

Search for packages

Vulnerability	Summary	Fixed by
VCID-redt-eznr-43fv Aliases: CVE-2018-6758	The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.	2.0.18-1 Affected by 0 other vulnerabilities.
VCID-rrau-77nx-mybd Aliases: CVE-2018-7490 GHSA-h2vm-c85r-5vh5 PYSEC-2018-78	uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.	2.0.14+20161117-3+deb9u2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.0.18-1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-redt-eznr-43fv
Aliases:
CVE-2018-6758

The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.

2.0.18-1
Affected by 0 other vulnerabilities.

VCID-rrau-77nx-mybd
Aliases:
CVE-2018-7490
GHSA-h2vm-c85r-5vh5
PYSEC-2018-78

uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.

2.0.14+20161117-3+deb9u2
Affected by 2 other vulnerabilities.

2.0.18-1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-rrau-77nx-mybd	uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.	CVE-2018-7490 GHSA-h2vm-c85r-5vh5 PYSEC-2018-78

Vulnerability

Summary

Aliases

VCID-rrau-77nx-mybd

uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.

CVE-2018-7490
GHSA-h2vm-c85r-5vh5
PYSEC-2018-78

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T17:27:05.275878+00:00	Debian Oval Importer	Affected by	VCID-rrau-77nx-mybd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:44:22.385674+00:00	Debian Oval Importer	Affected by	VCID-redt-eznr-43fv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T14:07:49.995710+00:00	Debian Oval Importer	Affected by	VCID-rrau-77nx-mybd	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.4.0
2026-04-15T13:59:14.393637+00:00	Debian Oval Importer	Fixing	VCID-rrau-77nx-mybd	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.4.0
2026-04-11T17:13:25.784374+00:00	Debian Oval Importer	Affected by	VCID-rrau-77nx-mybd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:31:12.504358+00:00	Debian Oval Importer	Affected by	VCID-redt-eznr-43fv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T13:56:24.077732+00:00	Debian Oval Importer	Affected by	VCID-rrau-77nx-mybd	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.3.0
2026-04-11T13:47:52.109010+00:00	Debian Oval Importer	Fixing	VCID-rrau-77nx-mybd	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.3.0
2026-04-08T17:02:18.979202+00:00	Debian Oval Importer	Affected by	VCID-rrau-77nx-mybd	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:22:22.614642+00:00	Debian Oval Importer	Affected by	VCID-redt-eznr-43fv	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T22:31:11.439049+00:00	Debian Oval Importer	Affected by	VCID-rrau-77nx-mybd	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.1.0
2026-04-07T22:23:17.308884+00:00	Debian Oval Importer	Fixing	VCID-rrau-77nx-mybd	https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2	38.1.0