FreeBSD : ModSecurity -- possible DoS vulnerability (fa1d42c8-42fe-11f0-a9fa-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fa1d42c8-42fe-11f0-a9fa-b42e991fc52e advisory. [email protected] reports: ModSecurity is an open source, cross platform web application...

CVE-2025-48866

ModSecurity (mod_security) WAF engine for Apache/Nginx/IIS is affected by CVE-2025-48866. In ModSecurity versions prior to 2.9.10, the sanitiseArg (and alias sanitizeArg) action can be abused to add an excessive number of arguments, leading to a denial of service. Astra Linux advisories confirm t...

CVE-2025-48866 ModSecurity has possible DoS vulnerability in sanitiseArg action

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg - this is the same action but an alias is...

CVE-2025-47947 ModSecurity Has Possible DoS Vulnerability

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions up to and including 2.9.8 are vulnerable to denial of service in one special case in stable released versions: when the payload's content type is application/json, and there is at...

ModSecurity -- possible DoS vulnerability

[email protected] reports: ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions up to and including 2.9.8 are vulnerable to denial of service in one special case in stable released versions: when the payload's content...