Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
Typedeb
Namespacedebian
Namemodsecurity-apache
Version2.9.11-1+deb13u1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2.9.12-2
Latest_non_vulnerable_version2.9.12-2
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3vdu-xbqh-7ud6
vulnerability_id VCID-3vdu-xbqh-7ud6
summary ModSecurity before 2.5.11 treats request parameter values containing single quotes as files, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks via a single quote in a request parameter in the Content-Disposition field of a request with a multipart/form-data Content-Type header.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2009-5031
reference_id
reference_type
scores
0
value 0.00795
scoring_system epss
scoring_elements 0.73921
published_at 2026-04-01T12:55:00Z
1
value 0.00795
scoring_system epss
scoring_elements 0.73931
published_at 2026-04-02T12:55:00Z
2
value 0.00795
scoring_system epss
scoring_elements 0.73956
published_at 2026-04-04T12:55:00Z
3
value 0.00795
scoring_system epss
scoring_elements 0.73927
published_at 2026-04-07T12:55:00Z
4
value 0.00795
scoring_system epss
scoring_elements 0.73962
published_at 2026-04-08T12:55:00Z
5
value 0.00795
scoring_system epss
scoring_elements 0.73976
published_at 2026-04-09T12:55:00Z
6
value 0.00795
scoring_system epss
scoring_elements 0.73999
published_at 2026-04-11T12:55:00Z
7
value 0.00795
scoring_system epss
scoring_elements 0.73981
published_at 2026-04-12T12:55:00Z
8
value 0.00795
scoring_system epss
scoring_elements 0.73973
published_at 2026-04-13T12:55:00Z
9
value 0.00795
scoring_system epss
scoring_elements 0.74013
published_at 2026-04-16T12:55:00Z
10
value 0.00795
scoring_system epss
scoring_elements 0.74022
published_at 2026-04-18T12:55:00Z
11
value 0.00795
scoring_system epss
scoring_elements 0.74014
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2009-5031
fixed_packages
0
url pkg:deb/debian/modsecurity-apache@0?distro=trixie
purl pkg:deb/debian/modsecurity-apache@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@0%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.12-2%3Fdistro=trixie
aliases CVE-2009-5031
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3vdu-xbqh-7ud6
1
url VCID-4s75-8asy-wyb1
vulnerability_id VCID-4s75-8asy-wyb1
summary The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.
references
0
reference_url http://archives.neohapsis.com/archives/bugtraq/2013-05/0125.html
reference_id
reference_type
scores
url http://archives.neohapsis.com/archives/bugtraq/2013-05/0125.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-2765
reference_id
reference_type
scores
0
value 0.05375
scoring_system epss
scoring_elements 0.90113
published_at 2026-04-21T12:55:00Z
1
value 0.05375
scoring_system epss
scoring_elements 0.90056
published_at 2026-04-01T12:55:00Z
2
value 0.05375
scoring_system epss
scoring_elements 0.90059
published_at 2026-04-02T12:55:00Z
3
value 0.05375
scoring_system epss
scoring_elements 0.90071
published_at 2026-04-04T12:55:00Z
4
value 0.05375
scoring_system epss
scoring_elements 0.90076
published_at 2026-04-07T12:55:00Z
5
value 0.05375
scoring_system epss
scoring_elements 0.90091
published_at 2026-04-08T12:55:00Z
6
value 0.05375
scoring_system epss
scoring_elements 0.90098
published_at 2026-04-09T12:55:00Z
7
value 0.05375
scoring_system epss
scoring_elements 0.90106
published_at 2026-04-11T12:55:00Z
8
value 0.05375
scoring_system epss
scoring_elements 0.90104
published_at 2026-04-12T12:55:00Z
9
value 0.05375
scoring_system epss
scoring_elements 0.90099
published_at 2026-04-13T12:55:00Z
10
value 0.05375
scoring_system epss
scoring_elements 0.90116
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-2765
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=967615
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=967615
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2765
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2765
7
reference_url https://github.com/shookalabs/exploits/blob/master/modsecurity_cve_2013_2765_check.py
reference_id
reference_type
scores
url https://github.com/shookalabs/exploits/blob/master/modsecurity_cve_2013_2765_check.py
8
reference_url https://github.com/SpiderLabs/ModSecurity/commit/0840b13612a0b7ef1ce7441cf811dcfc6b463fba
reference_id
reference_type
scores
url https://github.com/SpiderLabs/ModSecurity/commit/0840b13612a0b7ef1ce7441cf811dcfc6b463fba
9
reference_url http://sourceforge.net/mailarchive/message.php?msg_id=30900019
reference_id
reference_type
scores
url http://sourceforge.net/mailarchive/message.php?msg_id=30900019
10
reference_url https://raw.github.com/SpiderLabs/ModSecurity/master/CHANGES
reference_id
reference_type
scores
url https://raw.github.com/SpiderLabs/ModSecurity/master/CHANGES
11
reference_url http://www.modsecurity.org/
reference_id
reference_type
scores
url http://www.modsecurity.org/
12
reference_url http://www.shookalabs.com/
reference_id
reference_type
scores
url http://www.shookalabs.com/
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=710217
reference_id 710217
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=710217
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-2765
reference_id CVE-2013-2765
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2013-2765
20
reference_url http://packetstormsecurity.com/files/121815/modsecurity_cve_2013_2765_check.py.txt
reference_id CVE-2013-2765;OSVDB-93687
reference_type exploit
scores
url http://packetstormsecurity.com/files/121815/modsecurity_cve_2013_2765_check.py.txt
21
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/25852.py
reference_id CVE-2013-2765;OSVDB-93687
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/25852.py
fixed_packages
0
url pkg:deb/debian/modsecurity-apache@2.6.6-9?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.6.6-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.6.6-9%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.12-2%3Fdistro=trixie
aliases CVE-2013-2765
risk_score 9.0
exploitability 2.0
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4s75-8asy-wyb1
2
url VCID-5gw3-jywd-2qb2
vulnerability_id VCID-5gw3-jywd-2qb2
summary security update
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5705.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-5705.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-5705
reference_id
reference_type
scores
0
value 0.00842
scoring_system epss
scoring_elements 0.74691
published_at 2026-04-01T12:55:00Z
1
value 0.00842
scoring_system epss
scoring_elements 0.74694
published_at 2026-04-07T12:55:00Z
2
value 0.00842
scoring_system epss
scoring_elements 0.74721
published_at 2026-04-04T12:55:00Z
3
value 0.00842
scoring_system epss
scoring_elements 0.74727
published_at 2026-04-08T12:55:00Z
4
value 0.00842
scoring_system epss
scoring_elements 0.74741
published_at 2026-04-09T12:55:00Z
5
value 0.00842
scoring_system epss
scoring_elements 0.74764
published_at 2026-04-11T12:55:00Z
6
value 0.00842
scoring_system epss
scoring_elements 0.74743
published_at 2026-04-12T12:55:00Z
7
value 0.00842
scoring_system epss
scoring_elements 0.74734
published_at 2026-04-13T12:55:00Z
8
value 0.00842
scoring_system epss
scoring_elements 0.74771
published_at 2026-04-16T12:55:00Z
9
value 0.00842
scoring_system epss
scoring_elements 0.74779
published_at 2026-04-18T12:55:00Z
10
value 0.00842
scoring_system epss
scoring_elements 0.74769
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-5705
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5705
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5705
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1082904
reference_id 1082904
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1082904
fixed_packages
0
url pkg:deb/debian/modsecurity-apache@2.7.7-1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.7.7-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.7.7-1%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.12-2%3Fdistro=trixie
aliases CVE-2013-5705
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5gw3-jywd-2qb2
3
url VCID-b7s9-yu8p-hbhj
vulnerability_id VCID-b7s9-yu8p-hbhj
summary The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093011.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2012-November/093011.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html
2
reference_url http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html
4
reference_url http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.7.x/CHANGES
reference_id
reference_type
scores
url http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/branches/2.7.x/CHANGES
5
reference_url http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/apache2/msc_multipart.c?sortby=date&r1=2081&r2=2080&pathrev=2081
reference_id
reference_type
scores
url http://mod-security.svn.sourceforge.net/viewvc/mod-security/m2/trunk/apache2/msc_multipart.c?sortby=date&r1=2081&r2=2080&pathrev=2081
6
reference_url http://mod-security.svn.sourceforge.net/viewvc/mod-security?view=revision&sortby=date&revision=2081
reference_id
reference_type
scores
url http://mod-security.svn.sourceforge.net/viewvc/mod-security?view=revision&sortby=date&revision=2081
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-4528
reference_id
reference_type
scores
0
value 0.11456
scoring_system epss
scoring_elements 0.93627
published_at 2026-04-21T12:55:00Z
1
value 0.11456
scoring_system epss
scoring_elements 0.93561
published_at 2026-04-01T12:55:00Z
2
value 0.11456
scoring_system epss
scoring_elements 0.9357
published_at 2026-04-02T12:55:00Z
3
value 0.11456
scoring_system epss
scoring_elements 0.93578
published_at 2026-04-04T12:55:00Z
4
value 0.11456
scoring_system epss
scoring_elements 0.93579
published_at 2026-04-07T12:55:00Z
5
value 0.11456
scoring_system epss
scoring_elements 0.93588
published_at 2026-04-08T12:55:00Z
6
value 0.11456
scoring_system epss
scoring_elements 0.9359
published_at 2026-04-09T12:55:00Z
7
value 0.11456
scoring_system epss
scoring_elements 0.93596
published_at 2026-04-12T12:55:00Z
8
value 0.11456
scoring_system epss
scoring_elements 0.93597
published_at 2026-04-13T12:55:00Z
9
value 0.11456
scoring_system epss
scoring_elements 0.93616
published_at 2026-04-16T12:55:00Z
10
value 0.11456
scoring_system epss
scoring_elements 0.93623
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-4528
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4528
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4528
9
reference_url http://seclists.org/fulldisclosure/2012/Oct/113
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2012/Oct/113
10
reference_url https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20121017-0_mod_security_ruleset_bypass.txt
reference_id
reference_type
scores
url https://www.sec-consult.com/fxdata/seccons/prod/temedia/advisories_txt/20121017-0_mod_security_ruleset_bypass.txt
11
reference_url http://www.openwall.com/lists/oss-security/2012/10/18/14
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2012/10/18/14
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=691146
reference_id 691146
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=691146
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/detail/CVE-2012-4528
reference_id CVE-2012-4528
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2012-4528
19
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/37949.txt
reference_id CVE-2012-4528;OSVDB-86408
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/37949.txt
20
reference_url https://www.securityfocus.com/bid/56096/info
reference_id CVE-2012-4528;OSVDB-86408
reference_type exploit
scores
url https://www.securityfocus.com/bid/56096/info
fixed_packages
0
url pkg:deb/debian/modsecurity-apache@2.6.6-5?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.6.6-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.6.6-5%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.12-2%3Fdistro=trixie
aliases CVE-2012-4528
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b7s9-yu8p-hbhj
4
url VCID-fc2s-mxh1-yfeh
vulnerability_id VCID-fc2s-mxh1-yfeh
summary modsecurity: lacking the complete content in FILES_TMP_CONTENT leads to web application firewall bypass
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24021.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-24021.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-24021
reference_id
reference_type
scores
0
value 0.001
scoring_system epss
scoring_elements 0.27829
published_at 2026-04-02T12:55:00Z
1
value 0.001
scoring_system epss
scoring_elements 0.27619
published_at 2026-04-21T12:55:00Z
2
value 0.001
scoring_system epss
scoring_elements 0.2787
published_at 2026-04-04T12:55:00Z
3
value 0.001
scoring_system epss
scoring_elements 0.27661
published_at 2026-04-07T12:55:00Z
4
value 0.001
scoring_system epss
scoring_elements 0.27729
published_at 2026-04-08T12:55:00Z
5
value 0.001
scoring_system epss
scoring_elements 0.27772
published_at 2026-04-09T12:55:00Z
6
value 0.001
scoring_system epss
scoring_elements 0.27778
published_at 2026-04-11T12:55:00Z
7
value 0.001
scoring_system epss
scoring_elements 0.27735
published_at 2026-04-12T12:55:00Z
8
value 0.001
scoring_system epss
scoring_elements 0.27676
published_at 2026-04-13T12:55:00Z
9
value 0.001
scoring_system epss
scoring_elements 0.27684
published_at 2026-04-16T12:55:00Z
10
value 0.001
scoring_system epss
scoring_elements 0.27658
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-24021
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24021
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-24021
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029329
reference_id 1029329
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1029329
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2163615
reference_id 2163615
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2163615
6
reference_url https://github.com/SpiderLabs/ModSecurity/pull/2857
reference_id 2857
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-02T16:17:41Z/
url https://github.com/SpiderLabs/ModSecurity/pull/2857
7
reference_url https://github.com/SpiderLabs/ModSecurity/pull/2857/commits/4324f0ac59f8225aa44bc5034df60dbeccd1d334
reference_id 4324f0ac59f8225aa44bc5034df60dbeccd1d334
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-02T16:17:41Z/
url https://github.com/SpiderLabs/ModSecurity/pull/2857/commits/4324f0ac59f8225aa44bc5034df60dbeccd1d334
8
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/52TGCZCOHYBDCVWJYNN2PS4QLOHCXWTQ/
reference_id 52TGCZCOHYBDCVWJYNN2PS4QLOHCXWTQ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-02T16:17:41Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/52TGCZCOHYBDCVWJYNN2PS4QLOHCXWTQ/
9
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00023.html
reference_id msg00023.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-02T16:17:41Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00023.html
10
reference_url https://access.redhat.com/errata/RHSA-2023:4628
reference_id RHSA-2023:4628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4628
11
reference_url https://access.redhat.com/errata/RHSA-2023:4629
reference_id RHSA-2023:4629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4629
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYRTXTOQQI6SB2TLI5QXU76DURSLS4XI/
reference_id SYRTXTOQQI6SB2TLI5QXU76DURSLS4XI
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-02T16:17:41Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYRTXTOQQI6SB2TLI5QXU76DURSLS4XI/
13
reference_url https://usn.ubuntu.com/6370-1/
reference_id USN-6370-1
reference_type
scores
url https://usn.ubuntu.com/6370-1/
14
reference_url https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.7
reference_id v2.9.7
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-02T16:17:41Z/
url https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.7
15
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCH6JM4I4MD4YABYFHSBDDOUFDGIFJKL/
reference_id WCH6JM4I4MD4YABYFHSBDDOUFDGIFJKL
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-02T16:17:41Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCH6JM4I4MD4YABYFHSBDDOUFDGIFJKL/
fixed_packages
0
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity-apache@2.9.7-1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.12-2%3Fdistro=trixie
aliases CVE-2023-24021
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fc2s-mxh1-yfeh
5
url VCID-j7n8-xubx-pqfe
vulnerability_id VCID-j7n8-xubx-pqfe
summary ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-5031.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-2751
reference_id
reference_type
scores
0
value 0.01943
scoring_system epss
scoring_elements 0.83373
published_at 2026-04-01T12:55:00Z
1
value 0.01943
scoring_system epss
scoring_elements 0.83387
published_at 2026-04-02T12:55:00Z
2
value 0.01943
scoring_system epss
scoring_elements 0.83401
published_at 2026-04-04T12:55:00Z
3
value 0.01943
scoring_system epss
scoring_elements 0.834
published_at 2026-04-07T12:55:00Z
4
value 0.01943
scoring_system epss
scoring_elements 0.83424
published_at 2026-04-08T12:55:00Z
5
value 0.01943
scoring_system epss
scoring_elements 0.83434
published_at 2026-04-09T12:55:00Z
6
value 0.01943
scoring_system epss
scoring_elements 0.83449
published_at 2026-04-11T12:55:00Z
7
value 0.01943
scoring_system epss
scoring_elements 0.83443
published_at 2026-04-12T12:55:00Z
8
value 0.01943
scoring_system epss
scoring_elements 0.83438
published_at 2026-04-13T12:55:00Z
9
value 0.01943
scoring_system epss
scoring_elements 0.83474
published_at 2026-04-16T12:55:00Z
10
value 0.01943
scoring_system epss
scoring_elements 0.83476
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-2751
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2751
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2751
2
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678527
reference_id 678527
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=678527
fixed_packages
0
url pkg:deb/debian/modsecurity-apache@2.6.6-1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.6.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.6.6-1%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.12-2%3Fdistro=trixie
aliases CVE-2012-2751
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j7n8-xubx-pqfe
6
url VCID-k3vz-b9ar-37hq
vulnerability_id VCID-k3vz-b9ar-37hq
summary mod_security: ModSecurity segmentation fault
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52891.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-52891.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-52891
reference_id
reference_type
scores
0
value 0.00073
scoring_system epss
scoring_elements 0.22163
published_at 2026-04-21T12:55:00Z
1
value 0.00073
scoring_system epss
scoring_elements 0.22208
published_at 2026-04-18T12:55:00Z
2
value 0.00078
scoring_system epss
scoring_elements 0.23396
published_at 2026-04-02T12:55:00Z
3
value 0.00078
scoring_system epss
scoring_elements 0.23345
published_at 2026-04-09T12:55:00Z
4
value 0.00078
scoring_system epss
scoring_elements 0.23365
published_at 2026-04-11T12:55:00Z
5
value 0.00078
scoring_system epss
scoring_elements 0.23328
published_at 2026-04-12T12:55:00Z
6
value 0.00078
scoring_system epss
scoring_elements 0.23271
published_at 2026-04-13T12:55:00Z
7
value 0.00078
scoring_system epss
scoring_elements 0.23288
published_at 2026-04-16T12:55:00Z
8
value 0.00078
scoring_system epss
scoring_elements 0.23437
published_at 2026-04-04T12:55:00Z
9
value 0.00078
scoring_system epss
scoring_elements 0.23222
published_at 2026-04-07T12:55:00Z
10
value 0.00078
scoring_system epss
scoring_elements 0.23295
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-52891
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108715
reference_id 1108715
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108715
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2375926
reference_id 2375926
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2375926
5
reference_url https://github.com/owasp-modsecurity/ModSecurity/commit/ecd7b9736836eee391d25f35d5bd06a3ce35a45d
reference_id ecd7b9736836eee391d25f35d5bd06a3ce35a45d
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T15:24:24Z/
url https://github.com/owasp-modsecurity/ModSecurity/commit/ecd7b9736836eee391d25f35d5bd06a3ce35a45d
6
reference_url https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-gw9c-4wfm-vj3x
reference_id GHSA-gw9c-4wfm-vj3x
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T15:24:24Z/
url https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-gw9c-4wfm-vj3x
fixed_packages
0
url pkg:deb/debian/modsecurity-apache@0?distro=trixie
purl pkg:deb/debian/modsecurity-apache@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@0%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity-apache@2.9.11-1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.11-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%3Fdistro=trixie
4
url pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.12-2%3Fdistro=trixie
aliases CVE-2025-52891
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-k3vz-b9ar-37hq
7
url VCID-kg7a-8fqh-mffc
vulnerability_id VCID-kg7a-8fqh-mffc
summary security update
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-42717
reference_id
reference_type
scores
0
value 0.0204
scoring_system epss
scoring_elements 0.8386
published_at 2026-04-21T12:55:00Z
1
value 0.0204
scoring_system epss
scoring_elements 0.83765
published_at 2026-04-01T12:55:00Z
2
value 0.0204
scoring_system epss
scoring_elements 0.83778
published_at 2026-04-02T12:55:00Z
3
value 0.0204
scoring_system epss
scoring_elements 0.83792
published_at 2026-04-04T12:55:00Z
4
value 0.0204
scoring_system epss
scoring_elements 0.83793
published_at 2026-04-07T12:55:00Z
5
value 0.0204
scoring_system epss
scoring_elements 0.83817
published_at 2026-04-08T12:55:00Z
6
value 0.0204
scoring_system epss
scoring_elements 0.83823
published_at 2026-04-09T12:55:00Z
7
value 0.0204
scoring_system epss
scoring_elements 0.83839
published_at 2026-04-11T12:55:00Z
8
value 0.0204
scoring_system epss
scoring_elements 0.83833
published_at 2026-04-12T12:55:00Z
9
value 0.0204
scoring_system epss
scoring_elements 0.83828
published_at 2026-04-13T12:55:00Z
10
value 0.0204
scoring_system epss
scoring_elements 0.83862
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-42717
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42717
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-42717
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://usn.ubuntu.com/6370-1/
reference_id USN-6370-1
reference_type
scores
url https://usn.ubuntu.com/6370-1/
fixed_packages
0
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity-apache@2.9.5-1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.5-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.5-1%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u2%3Fdistro=trixie
4
url pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.12-2%3Fdistro=trixie
aliases CVE-2021-42717
risk_score 1.9
exploitability 0.5
weighted_severity 3.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kg7a-8fqh-mffc
8
url VCID-qrsw-p6vk-pydk
vulnerability_id VCID-qrsw-p6vk-pydk
summary mod_security: ModSecurity Content-Type Override Vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54571.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-54571.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-54571
reference_id
reference_type
scores
0
value 0.00054
scoring_system epss
scoring_elements 0.17166
published_at 2026-04-02T12:55:00Z
1
value 0.00054
scoring_system epss
scoring_elements 0.17218
published_at 2026-04-04T12:55:00Z
2
value 0.00054
scoring_system epss
scoring_elements 0.16999
published_at 2026-04-07T12:55:00Z
3
value 0.00054
scoring_system epss
scoring_elements 0.17089
published_at 2026-04-08T12:55:00Z
4
value 0.00054
scoring_system epss
scoring_elements 0.17146
published_at 2026-04-09T12:55:00Z
5
value 0.00059
scoring_system epss
scoring_elements 0.185
published_at 2026-04-12T12:55:00Z
6
value 0.00059
scoring_system epss
scoring_elements 0.18392
published_at 2026-04-16T12:55:00Z
7
value 0.00059
scoring_system epss
scoring_elements 0.18405
published_at 2026-04-18T12:55:00Z
8
value 0.00059
scoring_system epss
scoring_elements 0.18548
published_at 2026-04-11T12:55:00Z
9
value 0.00059
scoring_system epss
scoring_elements 0.1845
published_at 2026-04-13T12:55:00Z
10
value 0.00089
scoring_system epss
scoring_elements 0.2527
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-54571
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54571
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-54571
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110480
reference_id 1110480
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110480
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2386666
reference_id 2386666
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2386666
6
reference_url https://github.com/owasp-modsecurity/ModSecurity/issues/2514
reference_id 2514
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:31:25Z/
url https://github.com/owasp-modsecurity/ModSecurity/issues/2514
7
reference_url https://github.com/owasp-modsecurity/ModSecurity/commit/6d7e8eb18f2d7d368fb8e29516fcdeaeb8d349b8
reference_id 6d7e8eb18f2d7d368fb8e29516fcdeaeb8d349b8
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:31:25Z/
url https://github.com/owasp-modsecurity/ModSecurity/commit/6d7e8eb18f2d7d368fb8e29516fcdeaeb8d349b8
8
reference_url https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-cg44-9m43-3f9v
reference_id GHSA-cg44-9m43-3f9v
reference_type
scores
0
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-08-06T20:31:25Z/
url https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-cg44-9m43-3f9v
fixed_packages
0
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u5?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u5%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.12-2%3Fdistro=trixie
aliases CVE-2025-54571
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qrsw-p6vk-pydk
9
url VCID-sm3m-cydd-w3av
vulnerability_id VCID-sm3m-cydd-w3av
summary mod_security: ModSecurity Denial of Service Vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48866.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-48866.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-48866
reference_id
reference_type
scores
0
value 0.0107
scoring_system epss
scoring_elements 0.77679
published_at 2026-04-02T12:55:00Z
1
value 0.0107
scoring_system epss
scoring_elements 0.77762
published_at 2026-04-21T12:55:00Z
2
value 0.0107
scoring_system epss
scoring_elements 0.77706
published_at 2026-04-04T12:55:00Z
3
value 0.0107
scoring_system epss
scoring_elements 0.77689
published_at 2026-04-07T12:55:00Z
4
value 0.0107
scoring_system epss
scoring_elements 0.77718
published_at 2026-04-08T12:55:00Z
5
value 0.0107
scoring_system epss
scoring_elements 0.77723
published_at 2026-04-09T12:55:00Z
6
value 0.0107
scoring_system epss
scoring_elements 0.77749
published_at 2026-04-11T12:55:00Z
7
value 0.0107
scoring_system epss
scoring_elements 0.77733
published_at 2026-04-12T12:55:00Z
8
value 0.0107
scoring_system epss
scoring_elements 0.77732
published_at 2026-04-13T12:55:00Z
9
value 0.0107
scoring_system epss
scoring_elements 0.7777
published_at 2026-04-16T12:55:00Z
10
value 0.0107
scoring_system epss
scoring_elements 0.77768
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-48866
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48866
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-48866
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107196
reference_id 1107196
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1107196
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2369827
reference_id 2369827
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2369827
6
reference_url https://github.com/owasp-modsecurity/ModSecurity/commit/3a54ccea62d3f7151bb08cb78d60c5e90b53ca2e
reference_id 3a54ccea62d3f7151bb08cb78d60c5e90b53ca2e
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-02T15:52:43Z/
url https://github.com/owasp-modsecurity/ModSecurity/commit/3a54ccea62d3f7151bb08cb78d60c5e90b53ca2e
7
reference_url https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-859r-vvv8-rm8r
reference_id GHSA-859r-vvv8-rm8r
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-02T15:52:43Z/
url https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-859r-vvv8-rm8r
8
reference_url https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-f82j-8pp7-cw2w
reference_id GHSA-f82j-8pp7-cw2w
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-02T15:52:43Z/
url https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-f82j-8pp7-cw2w
9
reference_url https://github.com/owasp-modsecurity/ModSecurity/wiki/Reference-Manual-(v2.x)#sanitisearg
reference_id Reference-Manual-(v2.x)#sanitisearg
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-02T15:52:43Z/
url https://github.com/owasp-modsecurity/ModSecurity/wiki/Reference-Manual-(v2.x)#sanitisearg
10
reference_url https://access.redhat.com/errata/RHSA-2025:12838
reference_id RHSA-2025:12838
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:12838
11
reference_url https://access.redhat.com/errata/RHSA-2025:13670
reference_id RHSA-2025:13670
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13670
12
reference_url https://access.redhat.com/errata/RHSA-2025:13716
reference_id RHSA-2025:13716
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13716
13
reference_url https://access.redhat.com/errata/RHSA-2025:13775
reference_id RHSA-2025:13775
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13775
14
reference_url https://usn.ubuntu.com/7567-1/
reference_id USN-7567-1
reference_type
scores
url https://usn.ubuntu.com/7567-1/
fixed_packages
0
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u4?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u4%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u2%3Fdistro=trixie
4
url pkg:deb/debian/modsecurity-apache@2.9.10-1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.10-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.10-1%3Fdistro=trixie
5
url pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%252Bdeb13u1%3Fdistro=trixie
6
url pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.12-2%3Fdistro=trixie
aliases CVE-2025-48866
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sm3m-cydd-w3av
10
url VCID-tyyt-k2cb-dygb
vulnerability_id VCID-tyyt-k2cb-dygb
summary modsecurity: ModSecurity Has Possible DoS Vulnerability
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47947.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-47947.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-47947
reference_id
reference_type
scores
0
value 0.00513
scoring_system epss
scoring_elements 0.66477
published_at 2026-04-02T12:55:00Z
1
value 0.00513
scoring_system epss
scoring_elements 0.66474
published_at 2026-04-07T12:55:00Z
2
value 0.00513
scoring_system epss
scoring_elements 0.66537
published_at 2026-04-09T12:55:00Z
3
value 0.00513
scoring_system epss
scoring_elements 0.66556
published_at 2026-04-11T12:55:00Z
4
value 0.00513
scoring_system epss
scoring_elements 0.66543
published_at 2026-04-12T12:55:00Z
5
value 0.00513
scoring_system epss
scoring_elements 0.66512
published_at 2026-04-13T12:55:00Z
6
value 0.00513
scoring_system epss
scoring_elements 0.66547
published_at 2026-04-16T12:55:00Z
7
value 0.00513
scoring_system epss
scoring_elements 0.66564
published_at 2026-04-18T12:55:00Z
8
value 0.00513
scoring_system epss
scoring_elements 0.66503
published_at 2026-04-04T12:55:00Z
9
value 0.00513
scoring_system epss
scoring_elements 0.66523
published_at 2026-04-08T12:55:00Z
10
value 0.00615
scoring_system epss
scoring_elements 0.69925
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-47947
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47947
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-47947
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106286
reference_id 1106286
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106286
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2367903
reference_id 2367903
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2367903
6
reference_url https://github.com/owasp-modsecurity/ModSecurity/pull/3389
reference_id 3389
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-22T15:51:29Z/
url https://github.com/owasp-modsecurity/ModSecurity/pull/3389
7
reference_url https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-859r-vvv8-rm8r
reference_id GHSA-859r-vvv8-rm8r
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-05-22T15:51:29Z/
url https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-859r-vvv8-rm8r
8
reference_url https://access.redhat.com/errata/RHSA-2025:13680
reference_id RHSA-2025:13680
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13680
9
reference_url https://access.redhat.com/errata/RHSA-2025:13681
reference_id RHSA-2025:13681
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:13681
10
reference_url https://access.redhat.com/errata/RHSA-2025:8605
reference_id RHSA-2025:8605
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8605
11
reference_url https://access.redhat.com/errata/RHSA-2025:8626
reference_id RHSA-2025:8626
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8626
12
reference_url https://access.redhat.com/errata/RHSA-2025:8627
reference_id RHSA-2025:8627
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8627
13
reference_url https://access.redhat.com/errata/RHSA-2025:8674
reference_id RHSA-2025:8674
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8674
14
reference_url https://access.redhat.com/errata/RHSA-2025:8837
reference_id RHSA-2025:8837
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8837
15
reference_url https://access.redhat.com/errata/RHSA-2025:8844
reference_id RHSA-2025:8844
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8844
16
reference_url https://access.redhat.com/errata/RHSA-2025:8917
reference_id RHSA-2025:8917
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8917
17
reference_url https://access.redhat.com/errata/RHSA-2025:8922
reference_id RHSA-2025:8922
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8922
18
reference_url https://access.redhat.com/errata/RHSA-2025:8937
reference_id RHSA-2025:8937
reference_type
scores
url https://access.redhat.com/errata/RHSA-2025:8937
19
reference_url https://usn.ubuntu.com/7567-1/
reference_id USN-7567-1
reference_type
scores
url https://usn.ubuntu.com/7567-1/
fixed_packages
0
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u3%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u1%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u2%3Fdistro=trixie
4
url pkg:deb/debian/modsecurity-apache@2.9.9-1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.9-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.9-1%3Fdistro=trixie
5
url pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%252Bdeb13u1%3Fdistro=trixie
6
url pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.12-2%3Fdistro=trixie
aliases CVE-2025-47947
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tyyt-k2cb-dygb
11
url VCID-y2r9-myqj-yye3
vulnerability_id VCID-y2r9-myqj-yye3
summary ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) vulnerability.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101898.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101898.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101911.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2013-April/101911.html
2
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102616.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102616.html
3
reference_url http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-08/msg00020.html
4
reference_url http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-08/msg00025.html
5
reference_url http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html
reference_id
reference_type
scores
url http://lists.opensuse.org/opensuse-updates/2013-08/msg00031.html
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-1915
reference_id
reference_type
scores
0
value 0.04848
scoring_system epss
scoring_elements 0.89549
published_at 2026-04-21T12:55:00Z
1
value 0.04848
scoring_system epss
scoring_elements 0.89501
published_at 2026-04-01T12:55:00Z
2
value 0.04848
scoring_system epss
scoring_elements 0.89505
published_at 2026-04-02T12:55:00Z
3
value 0.04848
scoring_system epss
scoring_elements 0.89517
published_at 2026-04-07T12:55:00Z
4
value 0.04848
scoring_system epss
scoring_elements 0.89533
published_at 2026-04-08T12:55:00Z
5
value 0.04848
scoring_system epss
scoring_elements 0.89537
published_at 2026-04-09T12:55:00Z
6
value 0.04848
scoring_system epss
scoring_elements 0.89544
published_at 2026-04-11T12:55:00Z
7
value 0.04848
scoring_system epss
scoring_elements 0.89541
published_at 2026-04-12T12:55:00Z
8
value 0.04848
scoring_system epss
scoring_elements 0.89536
published_at 2026-04-13T12:55:00Z
9
value 0.04848
scoring_system epss
scoring_elements 0.8955
published_at 2026-04-16T12:55:00Z
10
value 0.04848
scoring_system epss
scoring_elements 0.89552
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-1915
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=947842
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=947842
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1915
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1915
9
reference_url http://secunia.com/advisories/52847
reference_id
reference_type
scores
url http://secunia.com/advisories/52847
10
reference_url http://secunia.com/advisories/52977
reference_id
reference_type
scores
url http://secunia.com/advisories/52977
11
reference_url https://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES
reference_id
reference_type
scores
url https://github.com/SpiderLabs/ModSecurity/blob/master/CHANGES
12
reference_url https://github.com/SpiderLabs/ModSecurity/commit/d4d80b38aa85eccb26e3c61b04d16e8ca5de76fe
reference_id
reference_type
scores
url https://github.com/SpiderLabs/ModSecurity/commit/d4d80b38aa85eccb26e3c61b04d16e8ca5de76fe
13
reference_url http://www.debian.org/security/2013/dsa-2659
reference_id
reference_type
scores
url http://www.debian.org/security/2013/dsa-2659
14
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2013:156
reference_id
reference_type
scores
url http://www.mandriva.com/security/advisories?name=MDVSA-2013:156
15
reference_url http://www.openwall.com/lists/oss-security/2013/04/03/7
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2013/04/03/7
16
reference_url http://www.securityfocus.com/bid/58810
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/58810
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704625
reference_id 704625
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=704625
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:trustwave:modsecurity:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:17:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:18:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:19:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
reference_id cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-1915
reference_id CVE-2013-1915
reference_type
scores
0
value 7.5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:P/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2013-1915
fixed_packages
0
url pkg:deb/debian/modsecurity-apache@2.6.6-6?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.6.6-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.6.6-6%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u2%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.12-2%3Fdistro=trixie
aliases CVE-2013-1915
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y2r9-myqj-yye3
12
url VCID-y8ty-2cp5-y3gm
vulnerability_id VCID-y8ty-2cp5-y3gm
summary mod_security: incorrect parsing of HTTP multipart requests leads to web application firewall bypass
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48279.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-48279.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-48279
reference_id
reference_type
scores
0
value 0.00649
scoring_system epss
scoring_elements 0.7075
published_at 2026-04-02T12:55:00Z
1
value 0.00649
scoring_system epss
scoring_elements 0.70825
published_at 2026-04-21T12:55:00Z
2
value 0.00649
scoring_system epss
scoring_elements 0.70768
published_at 2026-04-04T12:55:00Z
3
value 0.00649
scoring_system epss
scoring_elements 0.70743
published_at 2026-04-07T12:55:00Z
4
value 0.00649
scoring_system epss
scoring_elements 0.70788
published_at 2026-04-08T12:55:00Z
5
value 0.00649
scoring_system epss
scoring_elements 0.70804
published_at 2026-04-09T12:55:00Z
6
value 0.00649
scoring_system epss
scoring_elements 0.70827
published_at 2026-04-11T12:55:00Z
7
value 0.00649
scoring_system epss
scoring_elements 0.70811
published_at 2026-04-12T12:55:00Z
8
value 0.00649
scoring_system epss
scoring_elements 0.70795
published_at 2026-04-13T12:55:00Z
9
value 0.00649
scoring_system epss
scoring_elements 0.70841
published_at 2026-04-16T12:55:00Z
10
value 0.00649
scoring_system epss
scoring_elements 0.70847
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-48279
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48279
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-48279
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2163622
reference_id 2163622
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2163622
5
reference_url https://github.com/SpiderLabs/ModSecurity/pull/2795
reference_id 2795
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T18:41:41Z/
url https://github.com/SpiderLabs/ModSecurity/pull/2795
6
reference_url https://github.com/SpiderLabs/ModSecurity/pull/2797
reference_id 2797
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T18:41:41Z/
url https://github.com/SpiderLabs/ModSecurity/pull/2797
7
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/52TGCZCOHYBDCVWJYNN2PS4QLOHCXWTQ/
reference_id 52TGCZCOHYBDCVWJYNN2PS4QLOHCXWTQ
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T18:41:41Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/52TGCZCOHYBDCVWJYNN2PS4QLOHCXWTQ/
8
reference_url https://coreruleset.org/20220919/crs-version-3-3-3-and-3-2-2-covering-several-cves/
reference_id crs-version-3-3-3-and-3-2-2-covering-several-cves
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T18:41:41Z/
url https://coreruleset.org/20220919/crs-version-3-3-3-and-3-2-2-covering-several-cves/
9
reference_url https://lists.debian.org/debian-lts-announce/2023/01/msg00023.html
reference_id msg00023.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T18:41:41Z/
url https://lists.debian.org/debian-lts-announce/2023/01/msg00023.html
10
reference_url https://access.redhat.com/errata/RHSA-2023:4628
reference_id RHSA-2023:4628
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4628
11
reference_url https://access.redhat.com/errata/RHSA-2023:4629
reference_id RHSA-2023:4629
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:4629
12
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYRTXTOQQI6SB2TLI5QXU76DURSLS4XI/
reference_id SYRTXTOQQI6SB2TLI5QXU76DURSLS4XI
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T18:41:41Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYRTXTOQQI6SB2TLI5QXU76DURSLS4XI/
13
reference_url https://usn.ubuntu.com/6370-1/
reference_id USN-6370-1
reference_type
scores
url https://usn.ubuntu.com/6370-1/
14
reference_url https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.6
reference_id v2.9.6
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T18:41:41Z/
url https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.6
15
reference_url https://github.com/SpiderLabs/ModSecurity/releases/tag/v3.0.8
reference_id v3.0.8
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T18:41:41Z/
url https://github.com/SpiderLabs/ModSecurity/releases/tag/v3.0.8
16
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCH6JM4I4MD4YABYFHSBDDOUFDGIFJKL/
reference_id WCH6JM4I4MD4YABYFHSBDDOUFDGIFJKL
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-04-03T18:41:41Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCH6JM4I4MD4YABYFHSBDDOUFDGIFJKL/
fixed_packages
0
url pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.3-3%2Bdeb11u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.3-3%252Bdeb11u2%3Fdistro=trixie
1
url pkg:deb/debian/modsecurity-apache@2.9.6-1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.6-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.6-1%3Fdistro=trixie
2
url pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.7-1%2Bdeb12u2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.7-1%252Bdeb12u2%3Fdistro=trixie
3
url pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.11-1%2Bdeb13u1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%252Bdeb13u1%3Fdistro=trixie
4
url pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.12-2%3Fdistro=trixie
aliases CVE-2022-48279
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y8ty-2cp5-y3gm
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/modsecurity-apache@2.9.11-1%252Bdeb13u1%3Fdistro=trixie