Incorrect handling of '\0' bytes in file uploads in ModSecurity before 2.9.7 may allow for Web Application Firewall bypasses and buffer over-reads on the Web Application Firewall when executing rules that read the FILES_TMP_CONTENT collection.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-01-20T00:00:00
Updated: 2023-04-22T00:00:00
Reserved: 2023-01-20T00:00:00
Link: CVE-2023-24021
JSON object: View
NVD Information
Status : Modified
Published: 2023-01-20T19:15:18.593
Modified: 2023-11-07T04:08:14.673
Link: CVE-2023-24021
JSON object: View
Redhat Information
No data.
CWE