Amazon Linux 2023: CVE-2025-48866: Important priority package update for mod_security
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:N/AC:M/Au:N/C:N/I:N/A:C) | Jun 2, 2025 | Jun 24, 2025 | Jul 17, 2025 |
Description
ModSecurity is an open source, cross-platform web application firewall (WAF) engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The `sanitiseArg` action (and `sanitizeArg`, an alias for the same action) is vulnerable to adding an excessive number of arguments, thereby leading to denial of service. Version 2.9.10 fixes the issue. As a workaround, avoid using rules that contain the `sanitiseArg` (or `sanitizeArg`) action.
A denial of service flaw was found in ModSecurity. The `sanitiseArg`/`sanitizeArg` function can be overloaded with a large number of arguments, which leads to excessive memory usage when processing JSON values. This may lead to a denial of service in the affected web server should memory limits be exceeded.
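To apply the workaround on hosts that cannot be upgraded yet, the rule set first has to be inventoried for the affected action. The scanner below is an added example, not code from this advisory or from the ModSecurity project; the function names and the sample rules are constructed for illustration, and matching is case-insensitive by assumption so that it over-reports rather than misses.

```python
import re
import sys

# Either spelling of the action named in the advisory.
SANITISE_RE = re.compile(r"\bsaniti[sz]eArg\b", re.IGNORECASE)
RULE_ID_RE = re.compile(r"\bid\s*:\s*'?(\d+)")
# ModSecurity v2 directives that can carry an action list.
DIRECTIVES = {"secrule", "secaction", "secdefaultaction", "secruleupdateactionbyid"}

# Constructed sample rules (not taken from any real rule set).
SAMPLE = r'''
# sanitiseArg:password  (comment only, must be ignored)
SecRule ARGS_NAMES "@rx ^password$" \
    "id:1001,phase:2,pass,nolog,\
    sanitiseArg:password"
SecAction "id:1002,phase:1,pass,nolog,sanitizeArg:token"
SecRule REQUEST_URI "@contains /login" "id:1003,phase:1,pass,log"
'''

def logical_lines(text):
    """Yield (first_line_no, directive) with backslash continuations joined."""
    buf, start = [], None
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not buf and (not line or line.startswith("#")):
            continue  # blank line or comment outside a continued directive
        start = start or n
        buf.append(line.rstrip("\\").strip())
        if not line.endswith("\\"):
            yield start, " ".join(buf)
            buf, start = [], None
    if buf:  # file ended in the middle of a continuation
        yield start, " ".join(buf)

def find_sanitise_arg_rules(text):
    """Return [(line_no, rule_id or None, action_spelling)] for affected rules."""
    hits = []
    for line_no, directive in logical_lines(text):
        if not directive.strip() or directive.split()[0].lower() not in DIRECTIVES:
            continue
        action = SANITISE_RE.search(directive)
        if action:
            rule_id = RULE_ID_RE.search(directive)
            hits.append((line_no, rule_id.group(1) if rule_id else None, action.group(0)))
    return hits

if __name__ == "__main__":
    # Pass rule files as arguments; with none, the constructed sample is scanned.
    sources = [(p, open(p).read()) for p in sys.argv[1:]] or [("<sample>", SAMPLE)]
    for name, text in sources:
        for line_no, rule_id, action in find_sanitise_arg_rules(text):
            print(f"{name}:{line_no}: rule id {rule_id} uses {action}")
```

A rule that only mentions the action name inside a `msg` string is also reported, so review each hit before disabling or rewriting the rule.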
Solutions
- amazon-linux-2023-upgrade-mod-security
- amazon-linux-2023-upgrade-mod-security-debuginfo
- amazon-linux-2023-upgrade-mod-security-debugsource
- amazon-linux-2023-upgrade-mod-security-mlogc
- amazon-linux-2023-upgrade-mod-security-mlogc-debuginfo