10 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-38285
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity. CVE-2023-38285 Note that Nessus relies on the presence of the package as reporte...
openSUSE: Security Advisory for modsecurity (openSUSE-SU-2023:0269-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2023:0269-1 Security update for modsecurity
This update for modsecurity fixes the following issues: Update to version 3.0.10: Security impacting issue fix boo1213702, CVE-2023-38285 - Fix: worst-case time in implementation of four transformations - Additional information on this issue is available at...
OPENSUSE-SU-2023:0257-1 Security update for modsecurity
This update for modsecurity fixes the following issues: Update to version 3.0.10: Security impacting issue fix boo1213702, CVE-2023-38285 - Fix: worst-case time in implementation of four transformations - Additional information on this issue is available at...
Security update for modsecurity (moderate)
openSUSE Security Update: Security update for modsecurity Announcement ID: openSUSE-SU-2023:0257-1 Rating: moderate References: 1210993 1213702 Cross-References: CVE-2020-15598 CVE-2021-42717 CVE-2023-28882 CVE-2023-38285 CVSS scores: CVE-2020-15598 NVD : 7.5...
CVE-2023-38285
A vulnerability was found in Trustwave's ModSecurity project due to an inefficient algorithmic complexity flaw. This issue is present in four transformation actions: removeWhitespace, removeNull, replaceNull, and removeCommentsChar. By sending a maliciously crafted HTTP request, an attacker could...
CVE-2023-38285
Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity...
CVE-2023-38285 vulnerabilities
Vulnerabilities for packages: modsecurity...
CVE-2023-38285
CVE-2023-38285 affects Trustwave ModSecurity 3.x prior to 3.0.10. The root cause is Inefficient Algorithmic Complexity in certain input handling, leading to potential denial of service with network-based exploitation. The CVSS indicates network attack vector, low attack complexity, and high avail...
CVE-2023-38285
Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity...