Date: Fri, 07 Aug 2020 06:31:38 -0500 From: Daniel Ruggeri <druggeri@...che.org> To: oss-security@...ts.openwall.com Subject: CVE-2020-11984: Apache httpd: mod_uwsgi buffer overlow CVE-2020-11984: mod_uwsgi buffer overlow Severity: moderate Vendor: The Apache Software Foundation Versions Affected: httpd 2.4.32 to 2.4.44 Description: Apache HTTP Server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE Mitigation: disable mod_uwsgi Credit: Discovered by Felix Wilhelm of Google Project Zero References: https://httpd.apache.org/security/vulnerabilities_24.html
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.