2 matches found
CVE-2019-11387
An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf allows remote attackers to cause a denial of service ReDOS by entering a specially crafted string with nested repetition operators...
CVE-2019-11387
The CVE-2019-11387 entry describes a ReDOS vulnerability in OWASP ModSecurity Core Rule Set (CRS) up to version 3.1.0. Specifically, the rule file /rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf can be triggered to cause a denial of service by feeding a specially crafted string with nested repeti...