CVE-2013-1915

2013-04-2523:55:00

Debian Security Bug Tracker

security-tracker.debian.org

0.009 Low

EPSS

Percentile

82.6%

JSON

ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) vulnerability.

OSVersionArchitecturePackageVersionFilename
Debian12allmodsecurity-apache< 2.6.6-6modsecurity-apache_2.6.6-6_all.deb
Debian11allmodsecurity-apache< 2.6.6-6modsecurity-apache_2.6.6-6_all.deb
Debian10allmodsecurity-apache< 2.6.6-6modsecurity-apache_2.6.6-6_all.deb
Debian999allmodsecurity-apache< 2.6.6-6modsecurity-apache_2.6.6-6_all.deb
Debian13allmodsecurity-apache< 2.6.6-6modsecurity-apache_2.6.6-6_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	modsecurity-apache	< 2.6.6-6	modsecurity-apache_2.6.6-6_all.deb
Debian	11	all	modsecurity-apache	< 2.6.6-6	modsecurity-apache_2.6.6-6_all.deb
Debian	10	all	modsecurity-apache	< 2.6.6-6	modsecurity-apache_2.6.6-6_all.deb
Debian	999	all	modsecurity-apache	< 2.6.6-6	modsecurity-apache_2.6.6-6_all.deb
Debian	13	all	modsecurity-apache	< 2.6.6-6	modsecurity-apache_2.6.6-6_all.deb

0.009 Low

EPSS

Percentile

82.6%

JSON

Related for DEBIANCVE:CVE-2013-1915