VYPR

rpm package

suse/apache2-mod_security2&distro=SUSE Linux Enterprise Server 12 SP5-LTSS

pkg:rpm/suse/apache2-mod_security2&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS

Vulnerabilities (2)

  • CVE-2025-48866Jun 2, 2025
    affected < 2.8.0-7.9.1fixed 2.8.0-7.9.1

    ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The `sanitiseArg` (and `sanitizeArg` - this is the same

  • CVE-2025-47947May 21, 2025
    affected < 2.8.0-7.9.1fixed 2.8.0-7.9.1

    ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Versions up to and including 2.9.8 are vulnerable to denial of service in one special case (in stable released versions): when the payload's content type is `application