Release | Version |
---|---|
buster | 3.1.0-1+deb10u2 |
buster (security) | 3.2.3-0+deb10u3 |
bullseye | 3.3.0-1+deb11u1 |
bookworm | 3.3.4-1 |
sid | 3.3.4-1 |
Bug | buster | bullseye | bookworm | sid | Description |
---|---|---|---|---|---|
CVE-2022-39958 | fixed | vulnerable (no DSA) | fixed | fixed | The OWASP ModSecurity Core Rule Set (CRS) is affected by a response bo ... |
CVE-2022-39957 | fixed | vulnerable (no DSA) | fixed | fixed | The OWASP ModSecurity Core Rule Set (CRS) is affected by a response bo ... |
CVE-2022-39956 | fixed | vulnerable (no DSA) | fixed | fixed | The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rul ... |
CVE-2022-39955 | fixed | vulnerable (no DSA) | fixed | fixed | The OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rul ... |
CVE-2020-22669 | fixed | vulnerable (no DSA) | fixed | fixed | Modsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a ... |
Bug | buster | bullseye | bookworm | sid | Description |
---|---|---|---|---|---|
CVE-2019-11391 | vulnerable | vulnerable | vulnerable | vulnerable | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... |
CVE-2019-11390 | vulnerable | vulnerable | vulnerable | vulnerable | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... |
CVE-2019-11389 | vulnerable | vulnerable | vulnerable | vulnerable | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... |
CVE-2019-11388 | vulnerable | vulnerable | vulnerable | vulnerable | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... |
Bug | Description |
---|---|
CVE-2021-35368 | OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1 ... |
CVE-2019-13464 | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) 3.0.2 ... |
CVE-2019-11387 | An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ... |
CVE-2018-16384 | A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity Co ... |
DSA / DLA | Description |
---|---|
DLA-3293-1 | modsecurity-crs - security update |