CVE-2018-7490 (retired)

Priority
Description
uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the
--php-docroot option, allowing directory traversal.
Assigned-to
mikesalvatore
Notes
Package
Source: uwsgi (LP Ubuntu Debian)
Upstream:released (2.0.15-10.4, 2.0.7-1+deb8u2)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (2.0.12-5ubuntu3.2)
Ubuntu 18.04 LTS (Bionic Beaver):released (2.0.15-10.2ubuntu2.1)
More Information

Updated: 2019-10-09 08:04:41 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)