Unbit: Security Vulnerabilities
HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55.
Special characters in the origin response header can truncate/split the response forwarded to the client.
CVSS Score
7.5
EPSS Score
0.007
Published
2023-03-07
uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.
CVSS Score
7.5
EPSS Score
0.941
Published
2018-02-26
The uwsgi_expand_path function in core/utils.c in Unbit uWSGI through 2.0.15 has a stack-based buffer overflow via a large directory length.
CVSS Score
9.8
EPSS Score
0.006
Published
2018-02-06