Hello,
The OWASP ModSecurity Core Rule Set (CRS) team is pleased to announce the release of CRS v3.3.5.
This is a security release which fixes the recently announced CVE-2023-38199, whereby it is possible to cause an impedance mismatch on some platforms running CRS v3.3.4 and earlier by submitting a request with multiple Content-Type headers.
coreruleset.org
Fix coming via easy apache
github.com
The OWASP ModSecurity Core Rule Set (CRS) team is pleased to announce the release of CRS v3.3.5.
This is a security release which fixes the recently announced CVE-2023-38199, whereby it is possible to cause an impedance mismatch on some platforms running CRS v3.3.4 and earlier by submitting a request with multiple Content-Type headers.
CRS version 3.3.5 released – OWASP ModSecurity Core Rule Set
coreruleset.org
Fix coming via easy apache
GitHub - CpanelInc/ea-modsec2-rules-owasp-crs
Contribute to CpanelInc/ea-modsec2-rules-owasp-crs development by creating an account on GitHub.
github.com
Last edited by a moderator:
