{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/5694?format=json","vulnerability_id":"VCID-rrau-77nx-mybd","summary":"uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.","aliases":[{"alias":"CVE-2018-7490"},{"alias":"GHSA-h2vm-c85r-5vh5"},{"alias":"PYSEC-2018-78"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/399224?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=aarch64&distroversion=v3.6&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=aarch64&distroversion=v3.6&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/399225?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=armhf&distroversion=v3.6&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=armhf&distroversion=v3.6&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/399226?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=ppc64le&distroversion=v3.6&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=ppc64le&distroversion=v3.6&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/399227?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=s390x&distroversion=v3.6&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=s390x&distroversion=v3.6&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/399228?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86&distroversion=v3.6&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86&distroversion=v3.6&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/399229?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86_64&distroversion=v3.6&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86_64&distroversion=v3.6&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/467491?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=armhf&distroversion=v3.4&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=armhf&distroversion=v3.4&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/467492?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86&distroversion=v3.4&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86&distroversion=v3.4&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/467493?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86_64&distroversion=v3.4&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86_64&distroversion=v3.4&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/496061?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=aarch64&distroversion=v3.5&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=aarch64&distroversion=v3.5&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/496062?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=armhf&distroversion=v3.5&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=armhf&distroversion=v3.5&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/496063?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86&distroversion=v3.5&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86&distroversion=v3.5&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/496064?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86_64&distroversion=v3.5&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86_64&distroversion=v3.5&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/965389?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=armhf&distroversion=v3.7&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=armhf&distroversion=v3.7&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/965390?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=ppc64le&distroversion=v3.7&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=ppc64le&distroversion=v3.7&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/965391?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=s390x&distroversion=v3.7&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=s390x&distroversion=v3.7&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/965392?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86&distroversion=v3.7&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86&distroversion=v3.7&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/965393?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=x86_64&distroversion=v3.7&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=x86_64&distroversion=v3.7&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/965388?format=json","purl":"pkg:apk/alpine/uwsgi@2.0.17-r0?arch=aarch64&distroversion=v3.7&reponame=main","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:apk/alpine/uwsgi@2.0.17-r0%3Farch=aarch64&distroversion=v3.7&reponame=main"},{"url":"http://public2.vulnerablecode.io/api/packages/1036763?format=json","purl":"pkg:deb/debian/uwsgi@2.0.7-1%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-redt-eznr-43fv"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.7-1%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037091?format=json","purl":"pkg:deb/debian/uwsgi@2.0.14%2B20161117-3%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-redt-eznr-43fv"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.14%252B20161117-3%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/941986?format=json","purl":"pkg:deb/debian/uwsgi@2.0.15-10.4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.15-10.4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1052091?format=json","purl":"pkg:deb/debian/uwsgi@2.0.18-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.18-1"},{"url":"http://public2.vulnerablecode.io/api/packages/941982?format=json","purl":"pkg:deb/debian/uwsgi@2.0.19.1-7.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.19.1-7.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941980?format=json","purl":"pkg:deb/debian/uwsgi@2.0.21-5.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.21-5.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941985?format=json","purl":"pkg:deb/debian/uwsgi@2.0.28-9?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.28-9%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941983?format=json","purl":"pkg:deb/debian/uwsgi@2.0.31-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.31-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/941984?format=json","purl":"pkg:deb/debian/uwsgi@2.0.31-4?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.31-4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/5771?format=json","purl":"pkg:pypi/uwsgi@2.0.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.17"}],"affected_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1036761?format=json","purl":"pkg:deb/debian/uwsgi@1.2.3%2Bdfsg-5%2Bdeb7u1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-redt-eznr-43fv"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@1.2.3%252Bdfsg-5%252Bdeb7u1"},{"url":"http://public2.vulnerablecode.io/api/packages/1036762?format=json","purl":"pkg:deb/debian/uwsgi@2.0.7-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-redt-eznr-43fv"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.7-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1036763?format=json","purl":"pkg:deb/debian/uwsgi@2.0.7-1%2Bdeb8u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-redt-eznr-43fv"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.7-1%252Bdeb8u2"},{"url":"http://public2.vulnerablecode.io/api/packages/1037091?format=json","purl":"pkg:deb/debian/uwsgi@2.0.14%2B20161117-3%2Bdeb9u2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-redt-eznr-43fv"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/uwsgi@2.0.14%252B20161117-3%252Bdeb9u2"},{"url":"http://public2.vulnerablecode.io/api/packages/5722?format=json","purl":"pkg:pypi/uwsgi@1.4.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.4.9"},{"url":"http://public2.vulnerablecode.io/api/packages/5723?format=json","purl":"pkg:pypi/uwsgi@1.4.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.4.10"},{"url":"http://public2.vulnerablecode.io/api/packages/5724?format=json","purl":"pkg:pypi/uwsgi@1.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9"},{"url":"http://public2.vulnerablecode.io/api/packages/5725?format=json","purl":"pkg:pypi/uwsgi@1.9.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.1"},{"url":"http://public2.vulnerablecode.io/api/packages/5726?format=json","purl":"pkg:pypi/uwsgi@1.9.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.2"},{"url":"http://public2.vulnerablecode.io/api/packages/5727?format=json","purl":"pkg:pypi/uwsgi@1.9.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.3"},{"url":"http://public2.vulnerablecode.io/api/packages/5728?format=json","purl":"pkg:pypi/uwsgi@1.9.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.4"},{"url":"http://public2.vulnerablecode.io/api/packages/5729?format=json","purl":"pkg:pypi/uwsgi@1.9.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.5"},{"url":"http://public2.vulnerablecode.io/api/packages/5730?format=json","purl":"pkg:pypi/uwsgi@1.9.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.6"},{"url":"http://public2.vulnerablecode.io/api/packages/5731?format=json","purl":"pkg:pypi/uwsgi@1.9.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.7"},{"url":"http://public2.vulnerablecode.io/api/packages/5732?format=json","purl":"pkg:pypi/uwsgi@1.9.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.8"},{"url":"http://public2.vulnerablecode.io/api/packages/5733?format=json","purl":"pkg:pypi/uwsgi@1.9.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.9"},{"url":"http://public2.vulnerablecode.io/api/packages/5734?format=json","purl":"pkg:pypi/uwsgi@1.9.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.10"},{"url":"http://public2.vulnerablecode.io/api/packages/5735?format=json","purl":"pkg:pypi/uwsgi@1.9.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.11"},{"url":"http://public2.vulnerablecode.io/api/packages/5736?format=json","purl":"pkg:pypi/uwsgi@1.9.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.12"},{"url":"http://public2.vulnerablecode.io/api/packages/5737?format=json","purl":"pkg:pypi/uwsgi@1.9.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.13"},{"url":"http://public2.vulnerablecode.io/api/packages/5738?format=json","purl":"pkg:pypi/uwsgi@1.9.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.14"},{"url":"http://public2.vulnerablecode.io/api/packages/5739?format=json","purl":"pkg:pypi/uwsgi@1.9.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.15"},{"url":"http://public2.vulnerablecode.io/api/packages/5740?format=json","purl":"pkg:pypi/uwsgi@1.9.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.16"},{"url":"http://public2.vulnerablecode.io/api/packages/5741?format=json","purl":"pkg:pypi/uwsgi@1.9.17","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.17"},{"url":"http://public2.vulnerablecode.io/api/packages/5742?format=json","purl":"pkg:pypi/uwsgi@1.9.17.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.17.1"},{"url":"http://public2.vulnerablecode.io/api/packages/5743?format=json","purl":"pkg:pypi/uwsgi@1.9.18","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.18"},{"url":"http://public2.vulnerablecode.io/api/packages/5744?format=json","purl":"pkg:pypi/uwsgi@1.9.18.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.18.1"},{"url":"http://public2.vulnerablecode.io/api/packages/5745?format=json","purl":"pkg:pypi/uwsgi@1.9.18.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.18.2"},{"url":"http://public2.vulnerablecode.io/api/packages/5746?format=json","purl":"pkg:pypi/uwsgi@1.9.19","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.19"},{"url":"http://public2.vulnerablecode.io/api/packages/5747?format=json","purl":"pkg:pypi/uwsgi@1.9.20","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.20"},{"url":"http://public2.vulnerablecode.io/api/packages/5748?format=json","purl":"pkg:pypi/uwsgi@1.9.21","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.21"},{"url":"http://public2.vulnerablecode.io/api/packages/5749?format=json","purl":"pkg:pypi/uwsgi@1.9.21.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@1.9.21.1"},{"url":"http://public2.vulnerablecode.io/api/packages/5750?format=json","purl":"pkg:pypi/uwsgi@2.0","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0"},{"url":"http://public2.vulnerablecode.io/api/packages/5751?format=json","purl":"pkg:pypi/uwsgi@2.0.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.1"},{"url":"http://public2.vulnerablecode.io/api/packages/5752?format=json","purl":"pkg:pypi/uwsgi@2.0.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.2"},{"url":"http://public2.vulnerablecode.io/api/packages/5753?format=json","purl":"pkg:pypi/uwsgi@2.0.3","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.3"},{"url":"http://public2.vulnerablecode.io/api/packages/5754?format=json","purl":"pkg:pypi/uwsgi@2.0.4","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.4"},{"url":"http://public2.vulnerablecode.io/api/packages/5755?format=json","purl":"pkg:pypi/uwsgi@2.0.5","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.5"},{"url":"http://public2.vulnerablecode.io/api/packages/5756?format=json","purl":"pkg:pypi/uwsgi@2.0.5.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.5.1"},{"url":"http://public2.vulnerablecode.io/api/packages/5757?format=json","purl":"pkg:pypi/uwsgi@2.0.6","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.6"},{"url":"http://public2.vulnerablecode.io/api/packages/5758?format=json","purl":"pkg:pypi/uwsgi@2.0.7","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.7"},{"url":"http://public2.vulnerablecode.io/api/packages/5759?format=json","purl":"pkg:pypi/uwsgi@2.0.8","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.8"},{"url":"http://public2.vulnerablecode.io/api/packages/5760?format=json","purl":"pkg:pypi/uwsgi@2.0.9","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.9"},{"url":"http://public2.vulnerablecode.io/api/packages/5761?format=json","purl":"pkg:pypi/uwsgi@2.0.10","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.10"},{"url":"http://public2.vulnerablecode.io/api/packages/5762?format=json","purl":"pkg:pypi/uwsgi@2.0.11","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.11"},{"url":"http://public2.vulnerablecode.io/api/packages/5763?format=json","purl":"pkg:pypi/uwsgi@2.0.11.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.11.1"},{"url":"http://public2.vulnerablecode.io/api/packages/5764?format=json","purl":"pkg:pypi/uwsgi@2.0.11.2","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.11.2"},{"url":"http://public2.vulnerablecode.io/api/packages/5765?format=json","purl":"pkg:pypi/uwsgi@2.0.12","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.12"},{"url":"http://public2.vulnerablecode.io/api/packages/5766?format=json","purl":"pkg:pypi/uwsgi@2.0.13","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.13"},{"url":"http://public2.vulnerablecode.io/api/packages/5767?format=json","purl":"pkg:pypi/uwsgi@2.0.13.1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.13.1"},{"url":"http://public2.vulnerablecode.io/api/packages/5768?format=json","purl":"pkg:pypi/uwsgi@2.0.14","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.14"},{"url":"http://public2.vulnerablecode.io/api/packages/5769?format=json","purl":"pkg:pypi/uwsgi@2.0.15","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.15"},{"url":"http://public2.vulnerablecode.io/api/packages/5770?format=json","purl":"pkg:pypi/uwsgi@2.0.16","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-4c3m-m6ku-kbhq"},{"vulnerability":"VCID-rrau-77nx-mybd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:pypi/uwsgi@2.0.16"}],"references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7490","reference_id":"","reference_type":"","scores":[{"value":"0.93301","scoring_system":"epss","scoring_elements":"0.99804","published_at":"2026-04-04T12:55:00Z"},{"value":"0.93301","scoring_system":"epss","scoring_elements":"0.99806","published_at":"2026-04-13T12:55:00Z"},{"value":"0.93301","scoring_system":"epss","scoring_elements":"0.99805","published_at":"2026-04-08T12:55:00Z"},{"value":"0.93301","scoring_system":"epss","scoring_elements":"0.99803","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-7490"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7490","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7490"},{"reference_url":"https://github.com/pypa/advisory-database/tree/main/vulns/uwsgi/PYSEC-2018-78.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/pypa/advisory-database/tree/main/vulns/uwsgi/PYSEC-2018-78.yaml"},{"reference_url":"https://github.com/unbit/uwsgi","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/unbit/uwsgi"},{"reference_url":"https://github.com/unbit/uwsgi/commit/0a480f435ea6feb63deb410ad2bf376ed3f05f8a","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://github.com/unbit/uwsgi/commit/0a480f435ea6feb63deb410ad2bf376ed3f05f8a"},{"reference_url":"https://uwsgi-docs.readthedocs.io/en/latest/Changelog-2.0.17.html","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://uwsgi-docs.readthedocs.io/en/latest/Changelog-2.0.17.html"},{"reference_url":"https://www.debian.org/security/2018/dsa-4142","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.debian.org/security/2018/dsa-4142"},{"reference_url":"https://www.exploit-db.com/exploits/44223","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://www.exploit-db.com/exploits/44223"},{"reference_url":"https://www.exploit-db.com/exploits/44223/","reference_id":"","reference_type":"","scores":[],"url":"https://www.exploit-db.com/exploits/44223/"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891639","reference_id":"891639","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=891639"},{"reference_url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44223.txt","reference_id":"CVE-2018-7490","reference_type":"exploit","scores":[],"url":"https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/44223.txt"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7490","reference_id":"CVE-2018-7490","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"8.7","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N"},{"value":"HIGH","scoring_system":"generic_textual","scoring_elements":""}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-7490"},{"reference_url":"https://github.com/advisories/GHSA-h2vm-c85r-5vh5","reference_id":"GHSA-h2vm-c85r-5vh5","reference_type":"","scores":[{"value":"HIGH","scoring_system":"cvssv3.1_qr","scoring_elements":""}],"url":"https://github.com/advisories/GHSA-h2vm-c85r-5vh5"}],"weaknesses":[{"cwe_id":22,"name":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","description":"The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory."},{"cwe_id":937,"name":"OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2013."},{"cwe_id":1035,"name":"OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities","description":"Weaknesses in this category are related to the A9 category in the OWASP Top Ten 2017."}],"exploits":[{"date_added":"2018-03-02","description":"uWSGI < 2.0.17 - Directory Traversal","required_action":null,"due_date":null,"notes":null,"known_ransomware_campaign_use":true,"source_date_published":"2018-03-02","exploit_type":"webapps","platform":"php","source_date_updated":"2018-03-02","data_source":"Exploit-DB","source_url":""}],"severity_range_score":"7.0 - 8.9","exploitability":"2.0","weighted_severity":"8.0","risk_score":10.0,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rrau-77nx-mybd"}