CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-28882

Trustwave ModSecurity 3.0.5 through 3.0.8 before 3.0.9 allows a denial of service (worker crash and unresponsiveness) because some inputs cause a segfault in the Transaction class for some configurations.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 18.8%

CVSS Severity

CVSS v3 Score 7.5

References

https://www.trustwave.com/en-us/resources/security-resources/software-updates/announcing-modsecurity-version-309/
https://www.trustwave.com/en-us/resources/security-resources/software-updates/announcing-modsecurity-version-309/

Products affected by CVE-2023-28882

Owasp » Modsecurity » Version: 3.0.5

cpe:2.3:a:owasp:modsecurity:3.0.5
Owasp » Modsecurity » Version: 3.0.6

cpe:2.3:a:owasp:modsecurity:3.0.6
Owasp » Modsecurity » Version: 3.0.8

cpe:2.3:a:owasp:modsecurity:3.0.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-28882

Products

Pricing

Contact Us