OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.2 is affected by a Request Body Bypass via a trailing pathname.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Owasp_modsecurity_core_rule_set | Owasp | 3.1.0 (including) | 3.1.2 (excluding) |
Owasp_modsecurity_core_rule_set | Owasp | 3.2.0 (including) | 3.2.1 (excluding) |
Owasp_modsecurity_core_rule_set | Owasp | 3.3.0 (including) | 3.3.2 (excluding) |
Modsecurity-crs | Ubuntu | bionic | * |
Modsecurity-crs | Ubuntu | hirsute | * |
Modsecurity-crs | Ubuntu | impish | * |
Modsecurity-crs | Ubuntu | kinetic | * |
Modsecurity-crs | Ubuntu | lunar | * |
Modsecurity-crs | Ubuntu | mantic | * |
Modsecurity-crs | Ubuntu | trusty | * |
Modsecurity-crs | Ubuntu | xenial | * |