Information on source package modsecurity-crs

Available versions

ReleaseVersion
bullseye3.3.0-1+deb11u1
bullseye (security)3.3.4-1~deb11u1
bookworm3.3.4-1
trixie3.3.7-1
forky3.3.7-1
sid3.3.7-1

Open issues

BugbullseyebookwormtrixieforkysidDescription
CVE-2023-38199vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedcoreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does n ...

Open unimportant issues

BugbullseyebookwormtrixieforkysidDescription
CVE-2019-11391vulnerablevulnerablevulnerablevulnerablevulnerableAn issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...
CVE-2019-11390vulnerablevulnerablevulnerablevulnerablevulnerableAn issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...
CVE-2019-11389vulnerablevulnerablevulnerablevulnerablevulnerableAn issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...

Resolved issues

BugDescription
CVE-2022-39958The OWASP ModSecurity Core Rule Set (CRS) is affected by a response bo ...
CVE-2022-39957The OWASP ModSecurity Core Rule Set (CRS) is affected by a response bo ...
CVE-2022-39956The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rul ...
CVE-2022-39955The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rul ...
CVE-2021-35368OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1 ...
CVE-2020-22669Modsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a ...
CVE-2019-13464An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) 3.0.2 ...
CVE-2019-11388An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...
CVE-2019-11387An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...
CVE-2018-16384A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity Co ...

Security announcements

DSA / DLADescription
DLA-4265-1modsecurity-crs - security update
DLA-3293-1modsecurity-crs - security update
Search for package or bug name: Reporting problems