Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
purl pkg:deb/debian/modsecurity-apache@2.9.12-2?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (13)
Vulnerability Summary Aliases
VCID-3vdu-xbqh-7ud6 ModSecurity before 2.5.11 treats request parameter values containing single quotes as files, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks via a single quote in a request parameter in the Content-Disposition field of a request with a multipart/form-data Content-Type header. CVE-2009-5031
VCID-4s75-8asy-wyb1 The ModSecurity module before 2.7.4 for the Apache HTTP Server allows remote attackers to cause a denial of service (NULL pointer dereference, process crash, and disk consumption) via a POST request with a large body and a crafted Content-Type header. CVE-2013-2765
VCID-5gw3-jywd-2qb2 security update CVE-2013-5705
VCID-b7s9-yu8p-hbhj The mod_security2 module before 2.7.0 for the Apache HTTP Server allows remote attackers to bypass rules, and deliver arbitrary POST data to a PHP application, via a multipart request in which an invalid part precedes the crafted data. CVE-2012-4528
VCID-fc2s-mxh1-yfeh modsecurity: lacking the complete content in FILES_TMP_CONTENT leads to web application firewall bypass CVE-2023-24021
VCID-j7n8-xubx-pqfe ModSecurity before 2.6.6, when used with PHP, does not properly handle single quotes not at the beginning of a request parameter value in the Content-Disposition field of a request with a multipart/form-data Content-Type header, which allows remote attackers to bypass filtering rules and perform other attacks such as cross-site scripting (XSS) attacks. NOTE: this vulnerability exists because of an incomplete fix for CVE-2009-5031. CVE-2012-2751
VCID-k3vz-b9ar-37hq mod_security: ModSecurity segmentation fault CVE-2025-52891
VCID-kg7a-8fqh-mffc security update CVE-2021-42717
VCID-qrsw-p6vk-pydk mod_security: ModSecurity Content-Type Override Vulnerability CVE-2025-54571
VCID-sm3m-cydd-w3av mod_security: ModSecurity Denial of Service Vulnerability CVE-2025-48866
VCID-tyyt-k2cb-dygb modsecurity: ModSecurity Has Possible DoS Vulnerability CVE-2025-47947
VCID-y2r9-myqj-yye3 ModSecurity before 2.7.3 allows remote attackers to read arbitrary files, send HTTP requests to intranet servers, or cause a denial of service (CPU and memory consumption) via an XML external entity declaration in conjunction with an entity reference, aka an XML External Entity (XXE) vulnerability. CVE-2013-1915
VCID-y8ty-2cp5-y3gm mod_security: incorrect parsing of HTTP multipart requests leads to web application firewall bypass CVE-2022-48279

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T12:59:05.452132+00:00 Debian Importer Fixing VCID-tyyt-k2cb-dygb https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:53:21.528750+00:00 Debian Importer Fixing VCID-j7n8-xubx-pqfe https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T12:21:49.595886+00:00 Debian Importer Fixing VCID-sm3m-cydd-w3av https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:57:57.479153+00:00 Debian Importer Fixing VCID-5gw3-jywd-2qb2 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:56:44.280256+00:00 Debian Importer Fixing VCID-b7s9-yu8p-hbhj https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:40:23.737240+00:00 Debian Importer Fixing VCID-4s75-8asy-wyb1 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T11:00:59.221450+00:00 Debian Importer Fixing VCID-k3vz-b9ar-37hq https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:49:31.043456+00:00 Debian Importer Fixing VCID-fc2s-mxh1-yfeh https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:47:59.010810+00:00 Debian Importer Fixing VCID-qrsw-p6vk-pydk https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:06:51.942989+00:00 Debian Importer Fixing VCID-y2r9-myqj-yye3 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:45:18.607464+00:00 Debian Importer Fixing VCID-kg7a-8fqh-mffc https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:28:59.219166+00:00 Debian Importer Fixing VCID-3vdu-xbqh-7ud6 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T09:06:24.407267+00:00 Debian Importer Fixing VCID-y8ty-2cp5-y3gm https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T08:55:15.992057+00:00 Debian Importer Fixing VCID-tyyt-k2cb-dygb https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:50:56.239498+00:00 Debian Importer Fixing VCID-j7n8-xubx-pqfe https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:27:34.252278+00:00 Debian Importer Fixing VCID-sm3m-cydd-w3av https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:10:10.483301+00:00 Debian Importer Fixing VCID-5gw3-jywd-2qb2 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T08:09:15.409941+00:00 Debian Importer Fixing VCID-b7s9-yu8p-hbhj https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:57:10.872212+00:00 Debian Importer Fixing VCID-4s75-8asy-wyb1 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:28:39.027024+00:00 Debian Importer Fixing VCID-k3vz-b9ar-37hq https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:19:42.622191+00:00 Debian Importer Fixing VCID-fc2s-mxh1-yfeh https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:18:31.732609+00:00 Debian Importer Fixing VCID-qrsw-p6vk-pydk https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:47:29.496452+00:00 Debian Importer Fixing VCID-y2r9-myqj-yye3 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T06:30:40.466724+00:00 Debian Importer Fixing VCID-kg7a-8fqh-mffc https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:19:24.553910+00:00 Debian Importer Fixing VCID-3vdu-xbqh-7ud6 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T18:06:04.085649+00:00 Debian Importer Fixing VCID-y8ty-2cp5-y3gm https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:46:03.038780+00:00 Debian Importer Fixing VCID-qrsw-p6vk-pydk https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:46:02.979409+00:00 Debian Importer Fixing VCID-k3vz-b9ar-37hq https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:46:02.920779+00:00 Debian Importer Fixing VCID-sm3m-cydd-w3av https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:46:02.853696+00:00 Debian Importer Fixing VCID-tyyt-k2cb-dygb https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:46:02.794367+00:00 Debian Importer Fixing VCID-fc2s-mxh1-yfeh https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:46:02.745500+00:00 Debian Importer Fixing VCID-y8ty-2cp5-y3gm https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:46:02.703516+00:00 Debian Importer Fixing VCID-kg7a-8fqh-mffc https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:46:02.654031+00:00 Debian Importer Fixing VCID-5gw3-jywd-2qb2 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:46:02.610122+00:00 Debian Importer Fixing VCID-4s75-8asy-wyb1 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:46:02.559344+00:00 Debian Importer Fixing VCID-y2r9-myqj-yye3 https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:46:02.508631+00:00 Debian Importer Fixing VCID-b7s9-yu8p-hbhj https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:46:02.458684+00:00 Debian Importer Fixing VCID-j7n8-xubx-pqfe https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:46:02.408933+00:00 Debian Importer Fixing VCID-3vdu-xbqh-7ud6 https://security-tracker.debian.org/tracker/data/json 38.1.0