vulnerability

Debian: CVE-2021-35368: modsecurity-crs -- security update

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:P/I:P/A:P)	Nov 5, 2021	Jul 30, 2024	Mar 30, 2026

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:P)

Published

Nov 5, 2021

Added

Jul 30, 2024

Modified

Mar 30, 2026

Description

OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.2 is affected by a Request Body Bypass via a trailing pathname.

Solution

debian-upgrade-modsecurity-crs

References

CVE-2021-35368
https://attackerkb.com/topics/CVE-2021-35368
EUVD-EUVD-2021-22011
https://euvd.enisa.europa.eu/vulnerability/EUVD-2021-22011

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report