Red Hat: CVE-2022-2255: mod_wsgi: Trusted Proxy Headers Removing Bypass (Multiple Advisories)

Severity: 8
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published: Aug 25, 2022
Added: May 13, 2025
Modified: May 13, 2025

Description

A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing.
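The check the description says is missing can also be enforced inside the application as defense in depth. The following WSGI middleware is an added example, not mod_wsgi's code or the Red Hat fix; the header list, class name, and sample addresses are constructed for illustration, and it assumes REMOTE_ADDR holds the address of the direct peer when the middleware runs.

```python
import ipaddress

# Constructed list of client-address headers for this example; X-Client-IP is
# the header named in the advisory. Keys use the WSGI environ form.
CLIENT_IP_HEADERS = ("HTTP_X_FORWARDED_FOR", "HTTP_X_REAL_IP", "HTTP_X_CLIENT_IP")


class StripUntrustedClientIP:
    """Drop client-IP headers unless the direct peer is a trusted proxy."""

    def __init__(self, app, trusted_proxies):
        self.app = app
        self.trusted = [ipaddress.ip_network(p) for p in trusted_proxies]

    def _peer_is_trusted(self, environ):
        # Assumption: REMOTE_ADDR is the direct peer at this point.
        try:
            peer = ipaddress.ip_address(environ.get("REMOTE_ADDR", ""))
        except ValueError:
            return False  # unparseable peer address: fail closed
        return any(peer in net for net in self.trusted)

    def __call__(self, environ, start_response):
        if not self._peer_is_trusted(environ):
            # Every header in the list is removed, X-Client-IP included.
            for key in CLIENT_IP_HEADERS:
                environ.pop(key, None)
        return self.app(environ, start_response)


def demo_app(environ, start_response):
    """Hypothetical application that echoes the X-Client-IP it received."""
    start_response("200 OK", [("Content-Type", "text/plain")])
    return [environ.get("HTTP_X_CLIENT_IP", "absent").encode()]


def run(peer, header_value, trusted=("10.0.0.0/8",)):
    """Send one constructed request through the middleware; return the body."""
    environ = {"REQUEST_METHOD": "GET", "REMOTE_ADDR": peer,
               "HTTP_X_CLIENT_IP": header_value}
    app = StripUntrustedClientIP(demo_app, trusted)
    return b"".join(app(environ, lambda status, headers: None)).decode()


if __name__ == "__main__":
    print(run("203.0.113.7", "127.0.0.1"))    # untrusted peer: header dropped
    print(run("10.1.2.3", "198.51.100.9"))    # trusted proxy: header kept
```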

Solution(s)

redhat-upgrade-numpy-debugsource
redhat-upgrade-python-cffi-debugsource
redhat-upgrade-python-cryptography-debugsource
redhat-upgrade-python-lxml-debugsource
redhat-upgrade-python-psutil-debugsource
redhat-upgrade-python-psycopg2-debugsource
redhat-upgrade-python39
redhat-upgrade-python39-cffi
redhat-upgrade-python39-cffi-debuginfo
redhat-upgrade-python39-chardet
redhat-upgrade-python39-cryptography
redhat-upgrade-python39-cryptography-debuginfo
redhat-upgrade-python39-debuginfo
redhat-upgrade-python39-debugsource
redhat-upgrade-python39-devel
redhat-upgrade-python39-idle
redhat-upgrade-python39-idna
redhat-upgrade-python39-libs
redhat-upgrade-python39-lxml
redhat-upgrade-python39-lxml-debuginfo
redhat-upgrade-python39-mod_wsgi
redhat-upgrade-python39-numpy
redhat-upgrade-python39-numpy-debuginfo
redhat-upgrade-python39-numpy-doc
redhat-upgrade-python39-numpy-f2py
redhat-upgrade-python39-pip
redhat-upgrade-python39-pip-wheel
redhat-upgrade-python39-ply
redhat-upgrade-python39-psutil
redhat-upgrade-python39-psutil-debuginfo
redhat-upgrade-python39-psycopg2
redhat-upgrade-python39-psycopg2-debuginfo
redhat-upgrade-python39-psycopg2-doc
redhat-upgrade-python39-psycopg2-tests
redhat-upgrade-python39-pycparser
redhat-upgrade-python39-pymysql
redhat-upgrade-python39-pysocks
redhat-upgrade-python39-pyyaml
redhat-upgrade-python39-pyyaml-debuginfo
redhat-upgrade-python39-requests
redhat-upgrade-python39-rpm-macros
redhat-upgrade-python39-scipy
redhat-upgrade-python39-scipy-debuginfo
redhat-upgrade-python39-setuptools
redhat-upgrade-python39-setuptools-wheel
redhat-upgrade-python39-six
redhat-upgrade-python39-test
redhat-upgrade-python39-tkinter
redhat-upgrade-python39-toml
redhat-upgrade-python39-urllib3
redhat-upgrade-python39-wheel
redhat-upgrade-python39-wheel-wheel
redhat-upgrade-pyyaml-debugsource
redhat-upgrade-scipy-debugsource