Known vulnerabilities in OWASP OWASP ModSecurity Core Rule Set (CRS)

Known vulnerabilities in OWASP OWASP ModSecurity Core Rule Set (CRS)

Vendor: OWASP

Website:

Total Security Bulletins: 6

Security bulletins (6)

Secuity bulletin	Severity	Status	Published
SB2026010786: Multipart bypass using multiple content-type parts in ModSecurity Core Rule Set	Medium	Patched	07.01.2026
SB2023072508: Type Confusion in coreruleset	Medium	Patched	25.07.2023
SB2023020956: Multiple vulnerabilities in OWASP ModSecurity Core Rule Set (CRS)	Medium	Patched	09.02.2023
SB2021070111: WAF ruleset bypass in OWASP ModSecurity Core Rule Set (CRS)	Medium	Patched	01.07.2021
SB2019072816: Denial of service in OWASP ModSecurity Core Rule Set (CRS)	Medium	Patched	28.07.2019
SB2019070929: File upload rules bypass in OWASP ModSecurity Core Rule Set (CRS)	Medium	Patched	09.07.2019