3 matches found
DEBIAN-CVE-2019-11391
An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service ReDOS by entering a specially crafted string with $a at the beginning and nested repetition operators. NOTE: the softwa...
CVE-2019-11391
An issue was discovered in OWASP ModSecurity Core Rule Set CRS through 3.1.0. /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf allows remote attackers to cause a denial of service ReDOS by entering a specially crafted string with $a at the beginning and nested repetition operators. NOTE: the softwa...
CVE-2019-11391
The CVE-2019-11391 entry concerns OWASP ModSecurity Core Rule Set (CRS) up to version 3.1.0. The vulnerability is tied to /rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf, where a specially crafted string beginning with $a# and containing nested repetition operators could cause a denial of service ...