Release | Version |
---|---|
buster | 3.0.3-1+deb10u2 |
bullseye | 3.0.4-2 |
bookworm | 3.0.6-1 |
sid | 3.0.6-1 |
Bug | buster | bullseye | bookworm | sid | Description |
---|---|---|---|---|---|
CVE-2021-42717 | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objec ... |
CVE-2019-25043 | vulnerable (no DSA) | fixed | fixed | fixed | ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as dem ... |
Bug | Description |
---|---|
CVE-2020-15598 | ** DISPUTED ** Trustwave ModSecurity 3.x through 3.0.4 allows denial o ... |
CVE-2019-19886 | Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to send c ... |
DSA / DLA | Description |
---|---|
DSA-4765-1 | modsecurity - security update |