pkg:Bitnami/modsecurity

All known vulnerabilities

• HIGH8.6CVE-2024-1019WAF bypass of the ModSecurity v3 release line
  >= 3.0.0, < 3.0.12
• HIGH7.5CVE-2026-42268ModSecurity: Unsigned integer underflow in @verifySSN / @verifyCPF / @verifySVNR operators
  >= 3.0.0, < 3.0.15
• HIGH7.5CVE-2026-30923libModSecurity3 denial of service via segfault when using t:hexDecode on single-character query strings
  >= 3.0.0, < 3.0.15
• HIGH7.5A buffer overflow in modsecurity v3.0.12 allows attackers to cause a Denial of Service (DoS) via a crafted input inserted into the name par…
  >= 3.0.12, < 3.0.13
• HIGH7.5modsecurity-apache - security update
  from 0, < 3.0.12
• HIGH7.5modsecurity-apache - security update
  from 0, < 3.0.12
• HIGH7.5Libmodsecurity3 has possible bypass of encoded HTML entities
  >= 3.0.13, < 3.0.14
• HIGH7.5Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity.
  >= 3.0.0, < 3.0.10
• HIGH7.5Trustwave ModSecurity 3.0.5 through 3.0.8 before 3.0.9 allows a denial of service (worker crash and unresponsiveness) because some inputs c…
  >= 3.0.5, < 3.0.9
• HIGH7.5Incorrect handling of '\0' bytes in file uploads in ModSecurity before 2.9.7 may allow for Web Application Firewall bypasses and buffer ove…
  from 0, < 2.9.7
• HIGH7.5modsecurity-apache - security update
  from 0, < 2.9.6
• HIGH7.5modsecurity-apache - security update
  >= 2.0.0, < 2.9.5
• HIGH7.5modsecurity - security update
  >= 3.0.0, < 3.0.5
• MEDIUM6.5ModSecurity empty XML tag causes segmentation fault
  >= 2.9.8, < 3.0.12
• MEDIUM6.1modsecurity-apache - security update
  from 0, < 2.9.12