Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 SP4 package modsecurity, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2020-15598 — CVSS 7.5 (high): Trustwave ModSecurity 3.x through 3.0.4 allows denial of service via a special request. NOTE: The discoverer reports "Trustwave has…
CVE-2021-42717 — CVSS 7.5 (high): ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could…
CVE-2023-28882 — CVSS 7.5 (high): Trustwave ModSecurity 3.0.5 through 3.0.8 before 3.0.9 allows a denial of service (worker crash and unresponsiveness) because some inputs…