Fedora: Security Advisory (FEDORA-2024-8ba5080dfa)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2024:12937-1 libmodsecurity3-3.0.9-1.1 on GA media

These are all security issues fixed in the libmodsecurity3-3.0.9-1.1 package on the GA media of openSUSE Tumbleweed...

Fedora 40 : libmodsecurity (2024-2314613d77)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2314613d77 advisory. Automatic update for libmodsecurity-3.0.12-1.fc40. Changelog Sun Feb 11 2024 Mikel Olasagasti Uranga - 3.0.12-1 - Update to 3.0.12 rhbz2253518 - Fix...

BIT-MODSECURITY2-2024-1019 WAF bypass of the ModSecurity v3 release line

ModSecurity / libModSecurity 3.0.0 to 3.0.11 is affected by a WAF bypass for path-based payloads submitted via specially crafted request URLs. ModSecurity v3 decodes percent-encoded characters present in request URLs before it separates the URL path component from the optional query string...

[SECURITY] Fedora 39 Update: libmodsecurity-3.0.12-1.fc39

Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. In general, it provides the capability to load/interpret rules written in the ModSecurity...

[SECURITY] Fedora 38 Update: libmodsecurity-3.0.12-1.fc38

Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. In general, it provides the capability to load/interpret rules written in the ModSecurity...

Fedora: Security Advisory for libmodsecurity (FEDORA-2024-698e541c52)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2024-4645d0fdef)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 38 : libmodsecurity (2024-698e541c52)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-698e541c52 advisory. - Update to 3.0.12 - Security fix for CVE-2024-1019 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...

DEBIAN-CVE-2024-1019

ModSecurity / libModSecurity 3.0.0 to 3.0.11 is affected by a WAF bypass for path-based payloads submitted via specially crafted request URLs. ModSecurity v3 decodes percent-encoded characters present in request URLs before it separates the URL path component from the optional query string...

CVE-2024-1019

CVE-2024-1019 affects ModSecurity/libModSecurity versions 3.0.0 through 3.0.11. The root cause is that request URLs are percent-decoded before separating the path and query string, causing an impedance mismatch with RFC-compliant back-ends and allowing an attacker to hide a payload in the URL pat...

CVE-2024-1019 WAF bypass of the ModSecurity v3 release line

ModSecurity / libModSecurity 3.0.0 to 3.0.11 is affected by a WAF bypass for path-based payloads submitted via specially crafted request URLs. ModSecurity v3 decodes percent-encoded characters present in request URLs before it separates the URL path component from the optional query string...

ModSecurity Security Vulnerabilities

ModSecurity is an intrusion detection and blocking engine that can be run as a module of the Apache Web Server or as a standalone application to enhance the security of Web applications and protect them from known and unknown attacks. A security vulnerability exists in ModSecurity libModSecurity...

Fedora: Security Advisory for libmodsecurity (FEDORA-2022-90453044f3)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 37 Update: libmodsecurity-3.0.8-1.fc37

Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. In general, it provides the capability to load/interpret rules written in the ModSecurity...

Fedora: Security Advisory for libmodsecurity (FEDORA-2022-afa1e7b6c4)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: libmodsecurity-3.0.8-1.fc36

Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. In general, it provides the capability to load/interpret rules written in the ModSecurity...

[SECURITY] Fedora 31 Update: libmodsecurity-3.0.3-6.fc31

Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. In general, it provides the capability to load/interpret rules written in the ModSecurity...

[SECURITY] Fedora 30 Update: libmodsecurity-3.0.2-6.fc30

Libmodsecurity is one component of the ModSecurity v3 project. The library codebase serves as an interface to ModSecurity Connectors taking in web traffic and applying traditional ModSecurity processing. In general, it provides the capability to load/interpret rules written in the ModSecurity...

Fedora: Security Advisory for libmodsecurity (FEDORA-2020-dc9aee5510)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...