Medium: mod_security_crs

Issue Overview: Whitespace padding in filenames bypasses file upload extension checks NOTE: https://github.com/coreruleset/coreruleset/security/advisories/GHSA-rw5f-9w43-gv2w CVE-2026-33691 Affected Packages: modsecuritycrs Issue Correction: Run dnf update modsecuritycrs --releasever...

Important: mod_security_crs

Issue Overview: The OWASP core rule set CRS is a set of generic attack detection rules for use with compatible web application firewalls. Prior to versions 4.22.0 and 3.3.8, the current rule 922110 has a bug when processing multipart requests with multiple parts. When the first rule in a chain...

Amazon Linux 2023 : mod_security_crs (ALAS2023-2026-1399)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1399 advisory. The OWASP core rule set CRS is a set of generic attack detection rules for use with compatible web application firewalls. Prior to versions 4.22.0 and 3.3.8, the current rule 922110 has a bug when...

RHEL 8 : mod_security_crs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - modsecuritycrs: Content-Type or Content-Transfer-Encoding MIME header fields abuse CVE-2022-39956 - The...

RHEL 9 : mod_security_crs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - modsecuritycrs: Content-Type or Content-Transfer-Encoding MIME header fields abuse CVE-2022-39956 - The...

RHEL 7 : mod_security_crs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - modsecuritycrs: Content-Type or Content-Transfer-Encoding MIME header fields abuse CVE-2022-39956 - The...

Fedora: Security Advisory for mod_security_crs (FEDORA-2022-1fd73a5285)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 37 Update: mod_security_crs-3.3.4-1.fc37

This package provides the base rules for modsecurity...

Fedora: Security Advisory for mod_security_crs (FEDORA-2022-85a85c84b3)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for mod_security_crs (FEDORA-2022-90708b46e3)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: mod_security_crs-3.3.4-1.fc36

This package provides the base rules for modsecurity...

new packages: mod_security_crs

An update is available for modsecuritycrs. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

mod_security_crs bug fix and enhancement update

An update is available for modsecuritycrs. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

mod_security_crs bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

ALEA-2021:4277 mod_security_crs bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

Fedora Update for mod_security_crs FEDORA-2012-18315

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for mod_security_crs FEDORA-2012-18315

Check for the Version of modsecuritycrs OpenVAS Vulnerability Test Fedora Update for modsecuritycrs FEDORA-2012-18315 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

[SECURITY] Fedora 17 Update: mod_security_crs-2.2.6-3.fc17

This package provides the base rules for modsecurity...

Fedora 18 : mod_security-2.7.1-3.fc18 / mod_security_crs-2.2.6-3.fc18 (2012-18278)

Update to 2.7.1 - Update Core rules set to 2.2.6 - Fix build against libxml2 = 2.9 upstreamed - Add some missing directives RHBZ 569360 - Fix multipart/invalid part ruleset bypass issue CVE-2012-4528 RHBZ 867424, 867773, 867774 Note that Tenable Network Security has extracted the preceding...

[SECURITY] Fedora 18 Update: mod_security_crs-2.2.6-3.fc18

This package provides the base rules for modsecurity...