Download
| Alert*
oval:org.secpod.oval:def:3300194
SUSE Security Update: Security update for apache2-mod_security2 oval:org.secpod.oval:def:1601725 In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity codebase oval:org.secpod.oval:def:1601734 In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity codebase oval:org.secpod.oval:def:89048244 This update for apache2-mod_security2 fixes the following issues: - CVE-2022-48279: Fixed a potential firewall bypass due to an incorrect parsing of HTTP multipart requests . oval:org.secpod.oval:def:89048243 This update for apache2-mod_security2 fixes the following issues: - CVE-2022-48279: Fixed a potential firewall bypass due to an incorrect parsing of HTTP multipart requests . oval:org.secpod.oval:def:89048241 This update for apache2-mod_security2 fixes the following issues: - CVE-2022-48279: Fixed a potential firewall bypass due to an incorrect parsing of HTTP multipart requests . oval:org.secpod.oval:def:125636 ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks. oval:org.secpod.oval:def:1701400 In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity codebase. In ModSecurity before 2.9.7, FILES_TMP_CONT ... oval:org.secpod.oval:def:125341 ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks. oval:org.secpod.oval:def:125336 ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella - shielding web applications from attacks. oval:org.secpod.oval:def:708436 modsecurity-apache: Tighten web applications security for Apache Several security issues were fixed in ModSecurity. oval:org.secpod.oval:def:93897 modsecurity-apache: Tighten web applications security for Apache Several security issues were fixed in ModSecurity. |