modsecurity-crs:buster is vulnerable to Denial of Service (DoS) attacks. /rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf
allows remote attackers to cause a denial of service (ReDOS) by entering a specially crafted string with nested repetition operators.
CPE | Name | Operator | Version |
---|---|---|---|
modsecurity-crs:buster | eq | 3.1.0-1+deb10u1 | |
modsecurity-crs:buster | eq | 3.1.0-1+deb10u1 |