vulnerability
Alma Linux: CVE-2022-2255: Moderate: python39:3.9 security update (ALSA-2025-4791)
Severity | CVSS | Published | Added | Modified |
---|---|---|---|---|
8 | (AV:N/AC:L/Au:N/C:N/I:C/A:N) | Aug 25, 2022 | May 14, 2025 | May 14, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:N/I:C/A:N)
Published
Aug 25, 2022
Added
May 14, 2025
Modified
May 14, 2025
Description
A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing.
Solution(s)
alma-upgrade-python39alma-upgrade-python39-cffialma-upgrade-python39-chardetalma-upgrade-python39-cryptographyalma-upgrade-python39-develalma-upgrade-python39-idlealma-upgrade-python39-idnaalma-upgrade-python39-libsalma-upgrade-python39-lxmlalma-upgrade-python39-mod_wsgialma-upgrade-python39-numpyalma-upgrade-python39-numpy-docalma-upgrade-python39-numpy-f2pyalma-upgrade-python39-pipalma-upgrade-python39-pip-wheelalma-upgrade-python39-plyalma-upgrade-python39-psutilalma-upgrade-python39-psycopg2alma-upgrade-python39-psycopg2-docalma-upgrade-python39-psycopg2-testsalma-upgrade-python39-pycparseralma-upgrade-python39-pymysqlalma-upgrade-python39-pysocksalma-upgrade-python39-pyyamlalma-upgrade-python39-requestsalma-upgrade-python39-rpm-macrosalma-upgrade-python39-scipyalma-upgrade-python39-setuptoolsalma-upgrade-python39-setuptools-wheelalma-upgrade-python39-sixalma-upgrade-python39-testalma-upgrade-python39-tkinteralma-upgrade-python39-tomlalma-upgrade-python39-urllib3alma-upgrade-python39-wheelalma-upgrade-python39-wheel-wheel

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.