Lucene search
K

6 matches found

OSV
OSV
added 2025/06/25 5:31 a.m.5 views

MGASA-2025-0192 Updated apache-mod_security packages fix security vulnerabilities

ModSecurity Has Possible DoS Vulnerability. CVE-2025-47947 ModSecurity has possible DoS vulnerability in sanitiseArg action. CVE-2025-48866...

7.5CVSS7.1AI score0.0076EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2025/06/07 12:0 a.m.9 views

FreeBSD : ModSecurity -- possible DoS vulnerability (fa1d42c8-42fe-11f0-a9fa-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fa1d42c8-42fe-11f0-a9fa-b42e991fc52e advisory. [email protected] reports: ModSecurity is an open source, cross platform web application...

7.5CVSS7.7AI score0.0076EPSS
Exploits2References3
OSV
OSV
added 2025/06/04 2:47 p.m.8 views

BIT-MODSECURITY-2025-48866 ModSecurity has possible DoS vulnerability in sanitiseArg action

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg - this is the same action but an alias is...

7.5CVSS7.3AI score0.0076EPSS
Exploits1References6
CVE
CVE
added 2025/06/02 3:46 p.m.116 views

CVE-2025-48866

ModSecurity (mod_security) WAF engine for Apache/Nginx/IIS is affected by CVE-2025-48866. In ModSecurity versions prior to 2.9.10, the sanitiseArg (and alias sanitizeArg) action can be abused to add an excessive number of arguments, leading to a denial of service. Astra Linux advisories confirm t...

7.5CVSS7.4AI score0.0076EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/06/02 3:46 p.m.18 views

CVE-2025-48866 ModSecurity has possible DoS vulnerability in sanitiseArg action

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg - this is the same action but an alias is...

7.5CVSS6.1AI score0.0076EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/06/02 3:46 p.m.16 views

CVE-2025-48866 ModSecurity has possible DoS vulnerability in sanitiseArg action

ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg - this is the same action but an alias is...

7.5CVSS0.0076EPSS
Exploits1References4
Rows per page
Query Builder