7 matches found
openSUSE: Security Advisory for modsecurity (openSUSE-SU-2023:0257-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for modsecurity (openSUSE-SU-2023:0269-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for modsecurity (moderate)
openSUSE Security Update: Security update for modsecurity Announcement ID: openSUSE-SU-2023:0257-1 Rating: moderate References: 1210993 1213702 Cross-References: CVE-2020-15598 CVE-2021-42717 CVE-2023-28882 CVE-2023-38285 CVSS scores: CVE-2020-15598 NVD : 7.5...
CVE-2023-28882 vulnerabilities
Vulnerabilities for packages: modsecurity...
CVE-2023-28882 vulnerabilities
Vulnerabilities for packages: modsecurity...
CVE-2023-28882
CVE-2023-28882 affects Trustwave ModSecurity 3.0.5–3.0.8; before 3.0.9, certain inputs can trigger a segfault in the Transaction class, causing worker crashes and server unresponsiveness (DoS) in affected configurations. The issue is mitigated by upgrading to ModSecurity 3.0.9 or applying the ven...
CVE-2023-28882
Trustwave ModSecurity 3.0.5 through 3.0.8 before 3.0.9 allows a denial of service worker crash and unresponsiveness because some inputs cause a segfault in the Transaction class for some configurations...