CVE-2014-0242

Severity CVSS v4.0:
Pending analysis
Type:
CWE-200 Information Leak / Disclosure
Publication date:
09/12/2019
Last modified:
17/12/2019

Description

mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:modwsgi:mod_wsgi:*:*:*:*:*:*:*:* 3.4 (excluding)