VulnerableCode Package Details - pkg:deb/debian/modsecurity-apache@2.8.0-2~bpo70%2B1

Search for packages

Vulnerability	Summary	Fixed by
VCID-fc2s-mxh1-yfeh Aliases: CVE-2023-24021	modsecurity: lacking the complete content in FILES_TMP_CONTENT leads to web application firewall bypass	2.9.3-3+deb11u2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-kg7a-8fqh-mffc Aliases: CVE-2021-42717	security update	2.9.3-1+deb10u1 Affected by 6 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 2.9.3-3+deb11u2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-qrsw-p6vk-pydk Aliases: CVE-2025-54571	mod_security: ModSecurity Content-Type Override Vulnerability	2.9.7-1+deb12u2 Affected by 0 other vulnerabilities.
VCID-sm3m-cydd-w3av Aliases: CVE-2025-48866	mod_security: ModSecurity Denial of Service Vulnerability	2.9.7-1+deb12u2 Affected by 0 other vulnerabilities.
VCID-tyyt-k2cb-dygb Aliases: CVE-2025-47947	modsecurity: ModSecurity Has Possible DoS Vulnerability	2.9.7-1+deb12u2 Affected by 0 other vulnerabilities.
VCID-y8ty-2cp5-y3gm Aliases: CVE-2022-48279	mod_security: incorrect parsing of HTTP multipart requests leads to web application firewall bypass	2.9.3-3+deb11u2 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-fc2s-mxh1-yfeh
Aliases:
CVE-2023-24021

modsecurity: lacking the complete content in FILES_TMP_CONTENT leads to web application firewall bypass

2.9.3-3+deb11u2
Affected by 3 other vulnerabilities.

VCID-kg7a-8fqh-mffc
Aliases:
CVE-2021-42717

security update

2.9.3-1+deb10u1
Affected by 6 other vulnerabilities.

2.9.3-3+deb11u2
Affected by 3 other vulnerabilities.

VCID-qrsw-p6vk-pydk
Aliases:
CVE-2025-54571

mod_security: ModSecurity Content-Type Override Vulnerability

2.9.7-1+deb12u2
Affected by 0 other vulnerabilities.

VCID-sm3m-cydd-w3av
Aliases:
CVE-2025-48866

mod_security: ModSecurity Denial of Service Vulnerability

2.9.7-1+deb12u2
Affected by 0 other vulnerabilities.

VCID-tyyt-k2cb-dygb
Aliases:
CVE-2025-47947

modsecurity: ModSecurity Has Possible DoS Vulnerability

2.9.7-1+deb12u2
Affected by 0 other vulnerabilities.

VCID-y8ty-2cp5-y3gm
Aliases:
CVE-2022-48279

mod_security: incorrect parsing of HTTP multipart requests leads to web application firewall bypass

2.9.3-3+deb11u2
Affected by 3 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-4s75-8asy-wyb1	The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.	CVE-2013-2765
VCID-5gw3-jywd-2qb2	security update	CVE-2013-5705

Vulnerability

Summary

Aliases

VCID-4s75-8asy-wyb1

The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header.

CVE-2013-2765

VCID-5gw3-jywd-2qb2

security update

CVE-2013-5705

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T00:05:31.482260+00:00	Debian Oval Importer	Affected by	VCID-sm3m-cydd-w3av	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T23:18:59.355889+00:00	Debian Oval Importer	Affected by	VCID-qrsw-p6vk-pydk	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:20:47.053856+00:00	Debian Oval Importer	Fixing	VCID-5gw3-jywd-2qb2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:57:54.048406+00:00	Debian Oval Importer	Affected by	VCID-kg7a-8fqh-mffc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:57:18.423725+00:00	Debian Oval Importer	Affected by	VCID-tyyt-k2cb-dygb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:02:51.337935+00:00	Debian Oval Importer	Affected by	VCID-fc2s-mxh1-yfeh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T18:05:47.137766+00:00	Debian Oval Importer	Affected by	VCID-y8ty-2cp5-y3gm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T17:23:36.806594+00:00	Debian Oval Importer	Fixing	VCID-4s75-8asy-wyb1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T15:12:19.123965+00:00	Debian Oval Importer	Affected by	VCID-kg7a-8fqh-mffc	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.4.0
2026-04-11T23:39:34.365531+00:00	Debian Oval Importer	Affected by	VCID-sm3m-cydd-w3av	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:54:36.903199+00:00	Debian Oval Importer	Affected by	VCID-qrsw-p6vk-pydk	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:58:13.150846+00:00	Debian Oval Importer	Fixing	VCID-5gw3-jywd-2qb2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:36:10.965642+00:00	Debian Oval Importer	Affected by	VCID-kg7a-8fqh-mffc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:35:36.475711+00:00	Debian Oval Importer	Affected by	VCID-tyyt-k2cb-dygb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:42:59.813296+00:00	Debian Oval Importer	Affected by	VCID-fc2s-mxh1-yfeh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:51:26.302376+00:00	Debian Oval Importer	Affected by	VCID-y8ty-2cp5-y3gm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T17:10:01.602743+00:00	Debian Oval Importer	Fixing	VCID-4s75-8asy-wyb1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:00:37.720330+00:00	Debian Oval Importer	Affected by	VCID-kg7a-8fqh-mffc	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.3.0
2026-04-08T23:12:06.697880+00:00	Debian Oval Importer	Affected by	VCID-sm3m-cydd-w3av	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T22:29:01.014645+00:00	Debian Oval Importer	Affected by	VCID-qrsw-p6vk-pydk	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:35:25.228273+00:00	Debian Oval Importer	Fixing	VCID-5gw3-jywd-2qb2	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:14:19.275496+00:00	Debian Oval Importer	Affected by	VCID-kg7a-8fqh-mffc	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:13:45.893171+00:00	Debian Oval Importer	Affected by	VCID-tyyt-k2cb-dygb	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:22:56.679231+00:00	Debian Oval Importer	Affected by	VCID-fc2s-mxh1-yfeh	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T17:38:27.801711+00:00	Debian Oval Importer	Affected by	VCID-y8ty-2cp5-y3gm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:59:05.550208+00:00	Debian Oval Importer	Fixing	VCID-4s75-8asy-wyb1	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T14:56:12.807722+00:00	Debian Oval Importer	Affected by	VCID-kg7a-8fqh-mffc	https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2	38.1.0