libmodsecurity3 CVE-2023-38285 affecting CRS users

Many CRS users have probably read Trustwave's recent announcement about the new version of libmodsecurity3 (aka ModSecurity v3) and the reason for the release: https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modsecurity-v3-dos-vulnerability-in-four-transformations-cve-2023-38285/ The new version of the WAF library fixes a CVE described issue, namely: "DoS Vulnerability in Four Transformations". We would like to draw the attention of all CRS users who […]

libmodsecurity3 CVE-2023-38285 affecting CRS users Read More »