Back to bug 2131319
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Guilherme de Almeida Suckevicz | 2022-09-30 17:07:52 UTC | Depends On | 2131320 | |
| Guilherme de Almeida Suckevicz | 2022-09-30 18:16:26 UTC | Depends On | 2131349, 2131348 | |
| Guilherme de Almeida Suckevicz | 2022-10-06 18:51:21 UTC | Doc Text | A flaw was found in the OWASP ModSecurity Core Rule Set. A payload with a HTTP accept header field containing a charset that can't be decoded by the Web Application Firewall allows a response body bypass, resulting in access to restricted resources. | |
| Paige Jung | 2022-10-06 20:34:19 UTC | Doc Text | A flaw was found in the OWASP ModSecurity Core Rule Set. A payload with a HTTP accept header field containing a charset that can't be decoded by the Web Application Firewall allows a response body bypass, resulting in access to restricted resources. | A flaw was found in the OWASP ModSecurity Core Rule Set. A payload with a HTTP accept header field containing a charset that can't be decoded by the Web Application Firewall allows a response body bypass, resulting in access to restricted resources. The legacy CRS versions 3.0.x and 3.1.x are affected, as well as the currently supported versions 3.2.1 and 3.3.2. Integrators and users are advised to upgrade to 3.2.2 and 3.3.3 respectively. |
| Guilherme de Almeida Suckevicz | 2022-10-07 13:58:27 UTC | Doc Text | A flaw was found in the OWASP ModSecurity Core Rule Set. A payload with a HTTP accept header field containing a charset that can't be decoded by the Web Application Firewall allows a response body bypass, resulting in access to restricted resources. The legacy CRS versions 3.0.x and 3.1.x are affected, as well as the currently supported versions 3.2.1 and 3.3.2. Integrators and users are advised to upgrade to 3.2.2 and 3.3.3 respectively. | A flaw was found in the OWASP ModSecurity Core Rule Set. A payload with a HTTP accept header field containing a charset that can't be decoded by the Web Application Firewall allows a response body bypass, resulting in access to restricted resources. |
| Red Hat Bugzilla | 2023-07-07 08:31:56 UTC | Assignee | security-response-team | nobody |
Back to bug 2131319