Home Packages KEV Critical Insights Jobs Pricing

Loading…

Data from OSV.dev, CISA KEV, and FIRST EPSS.Sync status GitHub

Debian/modsecurity-apache — 20 CVEs · VulnScope

pkg:Debian/modsecurity-apache

20 total CVEsHIGH11MEDIUM3

✅ Check your installed version

All known vulnerabilities

HIGH7.5CVE-2025-48866modsecurity-apache - security update
from 0, < 2.9.3-3+deb11u4
HIGH7.5CVE-2025-48866modsecurity-apache - security update
from 0, < 2.9.3-3+deb11u4
HIGH7.5CVE-2025-47947modsecurity-apache - security update
from 0, < 2.9.3-3+deb11u3
HIGH7.5modsecurity-apache - security update
from 0, < 2.9.3-3+deb11u3
HIGH7.5modsecurity-apache - security update
from 0, < 2.9.7-1+deb12u1
HIGH7.5Incorrect handling of '\0' bytes in file uploads in ModSecurity before 2.9.7 may allow for Web Application Firewall bypasses and buffer ove…
from 0, < 2.9.3-3+deb11u2
HIGH7.5modsecurity-apache - security update
from 0, < 2.9.3-3+deb11u2
HIGH7.5modsecurity-apache - security update
from 0, < 2.9.3-1+deb10u2
HIGH7.5modsecurity-apache - security update
from 0, < 2.9.3-3+deb11u1
HIGH7.5modsecurity-apache - security update
from 0, < 2.9.3-1+deb10u1
HIGH7.5modsecurity-apache - security update
from 0, < 2.9.1-2+deb9u1
MEDIUM6.5ModSecurity empty XML tag causes segmentation fault
from 0, < 2.9.11-1
MEDIUM6.1modsecurity-apache - security update
from 0, < 2.9.3-3+deb11u5
MEDIUM6.1modsecurity-apache - security update
from 0, < 2.9.3-3+deb11u5
—modsecurity-apache - security update
from 0, < 2.7.7-1
—modsecurity-apache - security update
from 0, < 2.6.6-6+deb7u2
—The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereferen…
from 0, < 2.6.6-9
—libapache-mod-security - XML external entity processing vulnerability
from 0, < 2.6.6-6
—The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data t…
from 0, < 2.6.6-5
—libapache-mod-security - modsecurity bypass
from 0, < 2.6.6-1