Information on source package modsecurity-crs

Available versions

ReleaseVersion
buster3.1.0-1+deb10u2
buster (security)3.2.3-0+deb10u3
bullseye3.3.0-1+deb11u1
bookworm3.3.4-1
sid3.3.4-1

Open issues

BugbusterbullseyebookwormsidDescription
CVE-2022-39958fixedvulnerable (no DSA)fixedfixedThe OWASP ModSecurity Core Rule Set (CRS) is affected by a response bo ...
CVE-2022-39957fixedvulnerable (no DSA)fixedfixedThe OWASP ModSecurity Core Rule Set (CRS) is affected by a response bo ...
CVE-2022-39956fixedvulnerable (no DSA)fixedfixedThe OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rul ...
CVE-2022-39955fixedvulnerable (no DSA)fixedfixedThe OWASP ModSecurity Core Rule Set (CRS) is affected by a partial rul ...
CVE-2020-22669fixedvulnerable (no DSA)fixedfixedModsecurity owasp-modsecurity-crs 3.2.0 (Paranoia level at PL1) has a ...

Open unimportant issues

BugbusterbullseyebookwormsidDescription
CVE-2019-11391vulnerablevulnerablevulnerablevulnerableAn issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...
CVE-2019-11390vulnerablevulnerablevulnerablevulnerableAn issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...
CVE-2019-11389vulnerablevulnerablevulnerablevulnerableAn issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...
CVE-2019-11388vulnerablevulnerablevulnerablevulnerableAn issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...

Resolved issues

BugDescription
CVE-2021-35368OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1 ...
CVE-2019-13464An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) 3.0.2 ...
CVE-2019-11387An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...
CVE-2018-16384A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity Co ...

Security announcements

DSA / DLADescription
DLA-3293-1modsecurity-crs - security update
Search for package or bug name: Reporting problems