Modsecurity@* Security Vulnerabilities and Issues — Modsecurity@* CVE List

Lucene search

OwaspModsecurity*

3 matches found

CVE•added 2023/07/26 9:15 p.m.•340 views

CVE-2023-38285

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity.

7.5CVSS7.3AI score0.00311EPSS

CVE•added 2023/04/28 4:15 a.m.•330 views

CVE-2023-28882

Trustwave ModSecurity 3.0.5 through 3.0.8 before 3.0.9 allows a denial of service (worker crash and unresponsiveness) because some inputs cause a segfault in the Transaction class for some configurations.

7.5CVSS7.2AI score0.00059EPSS

CVE•added 2023/01/20 7:15 p.m.•102 views

CVE-2022-48279

In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity (C language) codebase.

7.5CVSS8.4AI score0.00514EPSS