Download
| Alert*
|
oval:org.secpod.oval:def:3300822
SUSE Security Update: Security update for apache2-mod_wsgi oval:org.secpod.oval:def:3300374 SUSE Security Update: Security update for apache2-mod_wsgi oval:org.secpod.oval:def:88565 mod-wsgi: Python WSGI adapter module for Apache mod-wsgi could allow unintended access to network services. oval:org.secpod.oval:def:1701721 A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing oval:org.secpod.oval:def:707660 mod-wsgi: Python WSGI adapter module for Apache mod-wsgi could allow unintended access to network services. oval:org.secpod.oval:def:89048045 This update for apache2-mod_wsgi fixes the following issues: - CVE-2022-2255: Hardened the trusted proxy header filter to avoid bypass |
