VulnerableCode Package Details - pkg:deb/ubuntu/uwsgi@2.0.14%2B20170111-4ubuntu1

Search for packages

Package details: pkg:deb/ubuntu/uwsgi@2.0.14%2B20170111-4ubuntu1

Essentials
History (0)

purl	pkg:deb/ubuntu/uwsgi@2.0.14%2B20170111-4ubuntu1

Next non-vulnerable version	2.0.15-10.2ubuntu2.2
Latest non-vulnerable version	2.0.15-10.2ubuntu2.2
Risk	10.0

Vulnerabilities affecting this package (3)

Vulnerability	Summary	Fixed by
VCID-cb96-v58z-aaan Aliases: CVE-2018-7490 GHSA-h2vm-c85r-5vh5 PYSEC-2018-78	uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.	2.0.15-10.2ubuntu2.1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}
VCID-dt6a-dc5k-aaak Aliases: CVE-2020-11984	Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE	2.0.15-10.2ubuntu2.2 Affected by 0 other vulnerabilities.
VCID-k8c8-d9j5-aaaf Aliases: CVE-2018-6758	The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.	2.0.15-10.2 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version