Published: 23 May 2014
mod_wsgi module before 3.4 for Apache, when used in embedded mode, might allow remote attackers to obtain sensitive information via the Content-Type header which is generated from memory that may have been freed and then overwritten by a separate thread.
CVSS 3 base score: 7.5
Launchpad, Ubuntu, Debian
|Ubuntu 14.04 ESM (Trusty Tahr)||