📦 Modsecurity

Name: Modsecurity
Author: Owasp

by Owasp

🔍 What is Modsecurity?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2024-1019

HIGH CVSS 8.6 Jan 30, 2024

CVE-2024-1019 is a WAF bypass vulnerability in ModSecurity v3 that allows attackers to hide malicious payloads in URL paths by using percent-encoded characters. This bypasses security rules that inspe...

CVE-2023-38285

HIGH CVSS 7.5 Jul 26, 2023

CVE-2023-38285 is a denial-of-service vulnerability in Trustwave ModSecurity 3.x caused by inefficient algorithmic complexity in four transformation functions. Attackers can exploit this by sending sp...

CVE-2023-28882

HIGH CVSS 7.5 Apr 28, 2023

This vulnerability in Trustwave ModSecurity allows attackers to cause a denial of service by triggering a segmentation fault in the Transaction class, leading to worker crashes and service unresponsiv...

CVE-2021-42717

HIGH CVSS 7.5 Dec 7, 2021

CVE-2021-42717 is a denial-of-service vulnerability in ModSecurity's JSON parser where excessively nested JSON objects cause excessive CPU consumption and process blocking. This affects ModSecurity 2....