BIT-MODSECURITY2-2026-30923 libModSecurity3 denial of service via segfault when using t:hexDecode on single-character query strings
ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Libmodsecurity is one component of the ModSecurity v3 project. A segmentation fault occurs when a rule using the t:hexDecode transformation inspects a query string parameter containing a...