Lucene search

K
cvelistMitreCVELIST:CVE-2022-48279
HistoryJan 20, 2023 - 12:00 a.m.

CVE-2022-48279

2023-01-2000:00:00
mitre
www.cve.org
modsecurity
bypass
http
multipart
parsing
vulnerability

8.8 High

AI Score

Confidence

High

0.005 Low

EPSS

Percentile

75.5%

In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity (C language) codebase.