4 matches found
Fedora 40 : libmodsecurity (2024-2314613d77)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2314613d77 advisory. Automatic update for libmodsecurity-3.0.12-1.fc40. Changelog Sun Feb 11 2024 Mikel Olasagasti Uranga - 3.0.12-1 - Update to 3.0.12 rhbz2253518 - Fix...
Fedora 38 : libmodsecurity (2024-698e541c52)
The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-698e541c52 advisory. - Update to 3.0.12 - Security fix for CVE-2024-1019 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note th...
CVE-2024-1019
ModSecurity / libModSecurity 3.0.0 to 3.0.11 is affected by a WAF bypass for path-based payloads submitted via specially crafted request URLs. ModSecurity v3 decodes percent-encoded characters present in request URLs before it separates the URL path component from the optional query string...
CVE-2024-1019 WAF bypass of the ModSecurity v3 release line
ModSecurity / libModSecurity 3.0.0 to 3.0.11 is affected by a WAF bypass for path-based payloads submitted via specially crafted request URLs. ModSecurity v3 decodes percent-encoded characters present in request URLs before it separates the URL path component from the optional query string...