Lucene search
+L

10 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2023-38285

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity. CVE-2023-38285 Note that Nessus relies on the presence of the package as reporte...

7.5CVSS7AI score0.00771EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2024/03/04 12:0 a.m.27 views

openSUSE: Security Advisory for modsecurity (openSUSE-SU-2023:0269-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.03206EPSS
Exploits4References2
OSV
OSV
added 2023/09/25 10:1 p.m.6 views

OPENSUSE-SU-2023:0269-1 Security update for modsecurity

This update for modsecurity fixes the following issues: Update to version 3.0.10: Security impacting issue fix boo1213702, CVE-2023-38285 - Fix: worst-case time in implementation of four transformations - Additional information on this issue is available at...

7.5CVSS7.7AI score0.03206EPSS
Exploits4References7
OSV
OSV
added 2023/09/25 12:2 p.m.10 views

OPENSUSE-SU-2023:0257-1 Security update for modsecurity

This update for modsecurity fixes the following issues: Update to version 3.0.10: Security impacting issue fix boo1213702, CVE-2023-38285 - Fix: worst-case time in implementation of four transformations - Additional information on this issue is available at...

7.5CVSS7.7AI score0.03206EPSS
Exploits4References7
OPENSUSE Linux
OPENSUSE Linux
added 2023/09/25 12:0 a.m.9 views

Security update for modsecurity (moderate)

openSUSE Security Update: Security update for modsecurity Announcement ID: openSUSE-SU-2023:0257-1 Rating: moderate References: 1210993 1213702 Cross-References: CVE-2020-15598 CVE-2021-42717 CVE-2023-28882 CVE-2023-38285 CVSS scores: CVE-2020-15598 NVD : 7.5...

7.5CVSS7.4AI score0.03206EPSS
Exploits4References2
RedhatCVE
RedhatCVE
added 2023/07/28 5:49 a.m.19 views

CVE-2023-38285

A vulnerability was found in Trustwave's ModSecurity project due to an inefficient algorithmic complexity flaw. This issue is present in four transformation actions: removeWhitespace, removeNull, replaceNull, and removeCommentsChar. By sending a maliciously crafted HTTP request, an attacker could...

7.5CVSS6AI score0.00771EPSS
Exploits0References4
NVD
NVD
added 2023/07/26 9:15 p.m.28 views

CVE-2023-38285

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity...

7.5CVSS7.5AI score0.00771EPSS
Exploits0References2
Wolfi
Wolfi
added 2023/07/26 9:15 p.m.30 views

CVE-2023-38285 vulnerabilities

Vulnerabilities for packages: modsecurity...

7.5CVSS7.7AI score0.00771EPSS
Exploits0
CVE
CVE
added 2023/07/26 12:0 a.m.418 views

CVE-2023-38285

CVE-2023-38285 affects Trustwave ModSecurity 3.x prior to 3.0.10. The root cause is Inefficient Algorithmic Complexity in certain input handling, leading to potential denial of service with network-based exploitation. The CVSS indicates network attack vector, low attack complexity, and high avail...

7.5CVSS7.3AI score0.00771EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2023/07/26 12:0 a.m.29 views

CVE-2023-38285

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity...

7.6AI score0.00771EPSS
Exploits0References2
Rows per page
Query Builder