Published: 28/04/2023 Updated: 04/05/2023

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 0

Trustwave ModSecurity 3.0.5 up to and including 3.0.8 prior to 3.0.9 allows a denial of service (worker crash and unresponsiveness) because some inputs cause a segfault in the Transaction class for some configurations.

Vulnerable Product	Search on Vulmon	Subscribe to Product
trustwave modsecurity

Debian Bug report logs - #1035083 modsecurity: CVE-2023-28882 Package: src:modsecurity; Maintainer for src:modsecurity is Alberto Gonzalez Iniesta <agi@inittaborg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Sat, 29 Apr 2023 08:09:02 UTC Severity: grave Tags: security, upstream Found in version mod ...

DescriptionThe MITRE CVE dictionary describes this issue as: Trustwave ModSecurity 305 through 308 before 309 allows a denial of service (worker crash and unresponsiveness) because some inputs cause a segfault in the Transaction class for some configurations ...

CWE-400 https://www.trustwave.com/en-us/resources/security-resources/software-updates/announcing-modsecurity-version-309/https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1035083 https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2023-28882

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-28882

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect