Lucene search
K

27 matches found

OPENSUSE Linux
OPENSUSE Linux
added 2025/01/29 12:0 a.m.3 views

apache2-mod_security2-2.9.8-2.1 on GA media (moderate)

apache2-modsecurity2-2.9.8-2.1 on GA media Announcement ID: openSUSE-SU-2025:14703-1 Rating: moderate Cross-References: CVE-2022-48279 CVSS scores: CVE-2022-48279 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: openSUSE Tumbleweed An update that solves one vulnerability...

7.5CVSS7.3AI score0.01169EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.25 views

RHEL 9 : mod_security (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - modsecurity: lacking the complete content in FILESTMPCONTENT leads to web application firewall bypass...

9.8CVSS10AI score0.01169EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.19 views

RHEL 8 : mod_security (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - modsecurity: lacking the complete content in FILESTMPCONTENT leads to web application firewall bypass...

9.8CVSS7.7AI score0.01169EPSS
Exploits0References2
OSV
OSV
added 2024/04/12 11:7 a.m.2 views

OESA-2024-1375 mod_security security update

This software is also called Modsec,it is an open-source web application firewall. It is designed for Apache HTTP Server.ModSecurity is commonly deployed to provide protections against generic classed of vulnerabilities.The install of this package is easy and you can read the README.TXT for more...

7.5CVSS7AI score0.01169EPSS
Exploits0References2
OSV
OSV
added 2024/03/29 11:7 a.m.2 views

OESA-2024-1334 mod_security security update

This software is also called Modsec,it is an open-source web application firewall. It is designed for Apache HTTP Server.ModSecurity is commonly deployed to provide protections against generic classed of vulnerabilities.The install of this package is easy and you can read the README.TXT for more...

7.5CVSS7AI score0.01169EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.21 views

openSUSE: Security Advisory for apache2 (SUSE-SU-2023:0314-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.7AI score0.01169EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2023/08/15 5:43 p.m.60 views

Moderate: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.57 security update

An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links...

9.8CVSS6.6AI score0.57941EPSS
Exploits3References10
Tenable Nessus
Tenable Nessus
added 2023/08/15 12:0 a.m.58 views

RHEL 7 / 8 : Red Hat JBoss Core Services Apache HTTP Server 2.4.57 (RHSA-2023:4629)

The remote Redhat Enterprise Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4629 advisory. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP...

9.8CVSS7.1AI score0.57941EPSS
Exploits3References21
Amazon
Amazon
added 2023/06/27 12:0 a.m.37 views

Important: mod_security

Issue Overview: In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity C language codebase. CVE-2022-48279...

9.8CVSS7.3AI score0.01169EPSS
Exploits0
Amazon
Amazon
added 2023/06/27 12:0 a.m.41 views

Medium: mod24_security

Issue Overview: In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity C language codebase. CVE-2022-48279...

9.8CVSS8AI score0.01169EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/06/09 12:0 a.m.44 views

Amazon Linux AMI : mod_security (ALAS-2023-1763)

The version of modsecurity installed on the remote host is prior to 2.8.0-5.28. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1763 advisory. In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web...

7.5CVSS7.6AI score0.01169EPSS
Exploits0References4
Amazon
Amazon
added 2023/06/08 12:0 a.m.42 views

Medium: mod_security

Issue Overview: In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity C language codebase. CVE-2022-48279...

9.8CVSS8AI score0.01169EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/05/22 12:0 a.m.27 views

Mageia: Security Advisory (MGASA-2023-0175)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01169EPSS
Exploits0References5
Mageia
Mageia
added 2023/05/21 8:42 a.m.60 views

Updated apache-mod_security packages fix security vulnerability

HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall CVE-2022-48279 Incorrect handling of '\0' bytes in file uploads in ModSecurity may allow for Web Application Firewall bypasses and buffer over-reads on the Web Application Firewall when executing rules...

7.5CVSS7.2AI score0.01169EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/04/24 12:0 a.m.32 views

Fedora 38 : mod_security (2023-bc61f7a145)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-bc61f7a145 advisory. - new version 2.9.7 - switch to PCRE2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

7.5CVSS7AI score0.01169EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/04/24 12:0 a.m.52 views

Fedora 37 : mod_security (2023-09f0496e60)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-09f0496e60 advisory. - new version 2.9.7 - switch to PCRE2 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

7.5CVSS7AI score0.01169EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/04/23 12:0 a.m.27 views

Fedora: Security Advisory for mod_security (FEDORA-2023-09f0496e60)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.01169EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/04/13 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for mod_security (EulerOS-SA-2023-1601)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.8AI score0.01169EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/04/13 12:0 a.m.33 views

EulerOS 2.0 SP8 : mod_security (EulerOS-SA-2023-1601)

According to the versions of the modsecurity package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application...

7.5CVSS7.1AI score0.01169EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/02/14 12:0 a.m.28 views

SUSE SLES15 / openSUSE 15 Security Update : apache2-mod_security2 (SUSE-SU-2023:0314-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:0314-1 advisory. - CVE-2022-48279: Fixed a potential firewall bypass due to an incorrect parsing of HTTP multipart requests bsc1207378. Tenable...

7.5CVSS7.2AI score0.01169EPSS
Exploits0References4
Rows per page
Query Builder