Debian 11 modsecurity-crs Moderate Content-Type Attack Bypass DLA-4488-1

Debian 11 modsecurity-crs Moderate Content-Type Attack Bypass DLA-4488-1

SecurityVulns
Yanac

Multiple issues have been fixed in modsecurity-crs, a set of generic attack detection rules for use with ModSecurity. CVE-2023-38199 Coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does not detect multiple Content-Type request headers on some platforms. ThisLinuxSecurity – Security AdvisoriesRead More