Linux Distros Unpatched Vulnerability : CVE-2022-42717

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configure...

CVE-2023-42717

In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed...

CVE-2022-42717

An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute...

Linux Distros Unpatched Vulnerability : CVE-2021-42717

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web serve...

CVE-2022-42717 affecting package packer for versions less than 1.8.7-1

CVE-2022-42717 affecting package packer for versions less than 1.8.7-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-42717

creationtimestamp| type| source ---|---|--- 2023-12-22 14:58:41+00:00| seen| https://t.me/ctinow/158418...

CVE-2023-42717

In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed...

CVE-2023-42717

In telephony service, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed...

CVE-2023-42717

CVE-2023-42717 affects the telephony service where a missing permission check could allow remote information disclosure without additional privileges. The CVSS data indicates network attack vector, low complexity, no user interaction, with a high confidentiality impact (C:H, I:N, A:N) and unchang...

Security update for modsecurity (moderate)

openSUSE Security Update: Security update for modsecurity Announcement ID: openSUSE-SU-2023:0257-1 Rating: moderate References: 1210993 1213702 Cross-References: CVE-2020-15598 CVE-2021-42717 CVE-2023-28882 CVE-2023-38285 CVSS scores: CVE-2020-15598 NVD : 7.5...

K50839343: NGINX ModSecurity WAF vulnerability CVE-2021-42717

Security Advisory Description ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being unable to service legitimate requests. Even a moderately large e.g., 300KB HTTP request can occupy...

Exploit for Uncontrolled Recursion in Owasp Modsecurity

Detection-and-Mitigation-script-for-CVE-2021-42717 Detection a...

CVE-2022-42717

creationtimestamp| type| source ---|---|--- 2022-10-12 02:26:34+00:00| seen| https://t.me/cibsecurity/51238...

CVE-2022-42717

An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute...

CVE-2022-42717

CVE-2022-42717 affects Hashicorp Packer prior to 2.3.1. The issue is an insecure sudoers configuration for Vagrant on Linux, where a host configured per the documentation permits non-privileged users to exploit a wildcard in sudoers to execute commands as root. The data in connected sources confi...

CVE-2022-42717

An issue was discovered in Hashicorp Packer before 2.3.1. The recommended sudoers configuration for Vagrant on Linux is insecure. If the host has been configured according to this documentation, non-privileged users on the host can leverage a wildcard in the sudoers configuration to execute...

OESA-2022-1954 mod_security security update

This software is also called Modsec,it is an open-source web application firewall. It is designed for Apache HTTP Server.ModSecurity is commonly deployed to provide protections against generic classed of vulnerabilities.The install of this package is easy and you can read the README.TXT for more...

Huawei EulerOS: Security Advisory for mod_security (EulerOS-SA-2022-1355)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : mod_security (EulerOS-SA-2022-1355)

According to the versions of the modsecurity package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could...

EulerOS 2.0 SP5 : mod_security (EulerOS-SA-2022-1332)

According to the versions of the modsecurity package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could...