Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 nginx modsecurity waf r25 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2021-42717
ModSecurity 3.x up to and including 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being unable to service legitimate requests. Even a moderately large (e.g., 300KB) HTTP request can occupy...