Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/modsecurity@3.0.4-1?distro=trixie
purl pkg:deb/debian/modsecurity@3.0.4-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-cq83-mkc9-g3e2 Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to send crafted requests that may, when sent quickly in large volumes, lead to the server becoming slow or unresponsive (Denial of Service) because of a flaw in Transaction::addRequestHeader in transaction.cc. CVE-2019-19886
VCID-m634-5nyb-skeu ModSecurity 3.x before 3.0.4 mishandles key-value pair parsing, as demonstrated by a "string index out of range" error and worker-process crash for a "Cookie: =abc" header. CVE-2019-25043

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T10:08:00.652068+00:00 Debian Importer Fixing VCID-m634-5nyb-skeu https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T08:55:36.123954+00:00 Debian Importer Fixing VCID-cq83-mkc9-g3e2 https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T06:48:20.653597+00:00 Debian Importer Fixing VCID-m634-5nyb-skeu https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-11T17:59:25.974974+00:00 Debian Importer Fixing VCID-cq83-mkc9-g3e2 https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-03T07:46:02.082587+00:00 Debian Importer Fixing VCID-m634-5nyb-skeu https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-03T07:46:02.044435+00:00 Debian Importer Fixing VCID-cq83-mkc9-g3e2 https://security-tracker.debian.org/tracker/data/json 38.1.0