7 matches found
BIT-MODSECURITY2-2025-48866 ModSecurity has possible DoS vulnerability in sanitiseArg action
ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg - this is the same action but an alias is...
AZL-62229 CVE-2025-48866 affecting package mod_security 2.9.4-1
ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg - this is the same action but an alias is...
AZL-62231 CVE-2025-48866 affecting package mod_security 2.9.7-8
ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg - this is the same action but an alias is...
DEBIAN-CVE-2025-48866
ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg - this is the same action but an alias is...
CVE-2025-48866 ModSecurity has possible DoS vulnerability in sanitiseArg action
ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg - this is the same action but an alias is...
ModSecurity -- possible DoS vulnerability
[email protected] reports: ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg and sanitizeArg -...
PT-2025-23533 · Unknown +4 · Modsecurity +4
Name of the Vulnerable Software and Affected Versions: ModSecurity versions prior to 2.9.10 Description: The issue is a denial of service vulnerability. It affects the sanitiseArg and its alias sanitizeArg action, which is vulnerable to adding an excessive number of arguments, leading to denial o...