Search for packages
Package details: pkg:deb/debian/uwsgi@2.0.18-1
purl pkg:deb/debian/uwsgi@2.0.18-1
Next non-vulnerable version 2.0.20-2~bpo11+1
Latest non-vulnerable version 2.0.20-2~bpo11+1
Risk 10.0
Vulnerabilities affecting this package (2)
Vulnerability Summary Fixed by
VCID-dt6a-dc5k-aaak
Aliases:
CVE-2020-11984
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
2.0.20-2~bpo11+1
Affected by 0 other vulnerabilities.
VCID-fccq-2kpj-aaap
Aliases:
CVE-2021-36160
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).
2.0.20-2~bpo11+1
Affected by 0 other vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-cb96-v58z-aaan uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal. CVE-2018-7490
GHSA-h2vm-c85r-5vh5
PYSEC-2018-78
VCID-k8c8-d9j5-aaaf The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length. CVE-2018-6758

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-21T19:03:45.122148+00:00 Debian Oval Importer Fixing VCID-k8c8-d9j5-aaaf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T15:49:39.330418+00:00 Debian Oval Importer Fixing VCID-k8c8-d9j5-aaaf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T13:45:43.251151+00:00 Debian Oval Importer Fixing VCID-cb96-v58z-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-20T23:42:50.658478+00:00 Debian Oval Importer Fixing VCID-k8c8-d9j5-aaaf None 36.1.3
2025-06-20T22:26:26.667227+00:00 Debian Oval Importer Fixing VCID-cb96-v58z-aaan None 36.1.3
2025-06-08T12:00:02.405715+00:00 Debian Oval Importer Fixing VCID-cb96-v58z-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:32:57.653154+00:00 Debian Oval Importer Fixing VCID-k8c8-d9j5-aaaf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T08:43:01.588741+00:00 Debian Oval Importer Fixing VCID-k8c8-d9j5-aaaf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T06:39:54.240877+00:00 Debian Oval Importer Fixing VCID-cb96-v58z-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-07T17:05:45.144732+00:00 Debian Oval Importer Fixing VCID-k8c8-d9j5-aaaf None 36.1.0
2025-06-07T15:50:41.585329+00:00 Debian Oval Importer Fixing VCID-cb96-v58z-aaan None 36.1.0
2025-04-12T17:45:19.400532+00:00 Debian Oval Importer Fixing VCID-cb96-v58z-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:17:22.888441+00:00 Debian Oval Importer Fixing VCID-k8c8-d9j5-aaaf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-08T07:14:31.824926+00:00 Debian Oval Importer Fixing VCID-k8c8-d9j5-aaaf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T05:12:19.624939+00:00 Debian Oval Importer Fixing VCID-cb96-v58z-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-07T15:39:11.114947+00:00 Debian Oval Importer Fixing VCID-k8c8-d9j5-aaaf None 36.0.0
2025-04-07T14:21:32.159098+00:00 Debian Oval Importer Fixing VCID-cb96-v58z-aaan None 36.0.0
2025-04-07T11:27:11.652360+00:00 Debian Importer Affected by VCID-dt6a-dc5k-aaak None 36.0.0
2025-04-06T23:20:44.083895+00:00 Debian Importer Affected by VCID-fccq-2kpj-aaap None 36.0.0
2025-02-20T02:34:35.319597+00:00 Debian Importer Affected by VCID-fccq-2kpj-aaap None 35.1.0
2025-02-19T12:05:13.881064+00:00 Debian Importer Affected by VCID-dt6a-dc5k-aaak None 35.1.0
2024-11-22T20:29:07.471185+00:00 Debian Importer Affected by VCID-fccq-2kpj-aaap None 35.0.0
2024-11-22T09:23:39.075233+00:00 Debian Importer Affected by VCID-dt6a-dc5k-aaak None 35.0.0
2024-11-20T07:55:58.021545+00:00 Debian Importer Affected by VCID-dt6a-dc5k-aaak None 34.3.2
2024-10-09T19:07:14.843826+00:00 Debian Importer Affected by VCID-fccq-2kpj-aaap None 34.0.2
2024-10-09T08:21:24.433618+00:00 Debian Importer Affected by VCID-dt6a-dc5k-aaak None 34.0.2
2024-09-19T03:28:49.014545+00:00 Debian Importer Affected by VCID-fccq-2kpj-aaap None 34.0.1
2024-09-18T19:01:07.256394+00:00 Debian Importer Affected by VCID-dt6a-dc5k-aaak None 34.0.1
2024-04-25T01:48:23.559150+00:00 Debian Importer Affected by VCID-fccq-2kpj-aaap None 34.0.0rc4
2024-04-24T17:11:11.946711+00:00 Debian Importer Affected by VCID-dt6a-dc5k-aaak None 34.0.0rc4
2024-01-11T02:46:34.777172+00:00 Debian Importer Affected by VCID-fccq-2kpj-aaap None 34.0.0rc2
2024-01-10T19:07:12.507296+00:00 Debian Importer Affected by VCID-dt6a-dc5k-aaak None 34.0.0rc2
2024-01-04T15:02:29.246983+00:00 Debian Importer Affected by VCID-fccq-2kpj-aaap None 34.0.0rc1
2024-01-04T08:35:45.533449+00:00 Debian Importer Affected by VCID-dt6a-dc5k-aaak None 34.0.0rc1