6 matches found
MGASA-2025-0192 Updated apache-mod_security packages fix security vulnerabilities
ModSecurity Has Possible DoS Vulnerability. CVE-2025-47947 ModSecurity has possible DoS vulnerability in sanitiseArg action. CVE-2025-48866...
FreeBSD : ModSecurity -- possible DoS vulnerability (fa1d42c8-42fe-11f0-a9fa-b42e991fc52e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fa1d42c8-42fe-11f0-a9fa-b42e991fc52e advisory. [email protected] reports: ModSecurity is an open source, cross platform web application...
BIT-MODSECURITY-2025-48866 ModSecurity has possible DoS vulnerability in sanitiseArg action
ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg - this is the same action but an alias is...
CVE-2025-48866
ModSecurity (mod_security) WAF engine for Apache/Nginx/IIS is affected by CVE-2025-48866. In ModSecurity versions prior to 2.9.10, the sanitiseArg (and alias sanitizeArg) action can be abused to add an excessive number of arguments, leading to a denial of service. Astra Linux advisories confirm t...
CVE-2025-48866 ModSecurity has possible DoS vulnerability in sanitiseArg action
ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg - this is the same action but an alias is...
CVE-2025-48866 ModSecurity has possible DoS vulnerability in sanitiseArg action
ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg - this is the same action but an alias is...