Skip to content

Issues: owasp-modsecurity/ModSecurity

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort

Issues list

Memory Leak with nginx 1.26 3.x Related to ModSecurity version 3.x
#3303 opened Nov 14, 2024 by nedngo
Segmentation fault in ModSecurity 2.9 for Apache 2.x Related to ModSecurity version 2.x
#3300 opened Nov 13, 2024 by vizovitin
SecRuleUpdateActionById directive with a range 3.x Related to ModSecurity version 3.x
#3297 opened Nov 12, 2024 by oceanmancuonh
Operator @rx has different flags in two engines 2.x Related to ModSecurity version 2.x
#3295 opened Nov 7, 2024 by airween
Unicode encoding (table) problem on engine level leading to CRS false positives (U+062F and U+D8AF resolving to slash) 2.x Related to ModSecurity version 2.x 3.x Related to ModSecurity version 3.x
#3294 opened Nov 4, 2024 by dune73
Segment error occurs after calling msc_set_log_cb set callback function 3.x Related to ModSecurity version 3.x
#3292 opened Nov 1, 2024 by dkwang2024
How to Add UNIQUE_ID to Response Headers? 3.x Related to ModSecurity version 3.x
#3290 opened Oct 30, 2024 by meguoe
using iptables marks or ipsets 2.x Related to ModSecurity version 2.x
#3289 opened Oct 29, 2024 by f1-outsourcing
Custom Response Body Rule Not Blocking for Responses Larger Than 1KB 3.x Related to ModSecurity version 3.x
#3282 opened Oct 18, 2024 by Dr-Lazarus-V2
setvar never increments 3.x Related to ModSecurity version 3.x
#3278 opened Oct 15, 2024 by sharmashivanand
About CVE-2024-46292 3.x Related to ModSecurity version 3.x
#3274 opened Oct 12, 2024 by airween
SSL cert entry logs are not present in /var/logs/modsec_auddit.log file. 3.x Related to ModSecurity version 3.x
#3272 opened Oct 9, 2024 by vivekch0976
Inconsistent use of SecArgumentsLimit in Recommended Rules 2.x Related to ModSecurity version 2.x config Related to default config
#3261 opened Sep 25, 2024 by studersi
Escape double quotation mark character in non-regex operator 3.x Related to ModSecurity version 3.x bug It is a confirmed bug
#3252 opened Sep 10, 2024 by capy3ra
An error occurred when compiling and installing modsecurity 3.x Related to ModSecurity version 3.x
#3242 opened Aug 27, 2024 by yancong303
rx: regex error 'MATCH_LIMIT' for pattern 3.x Related to ModSecurity version 3.x
#3237 opened Aug 23, 2024 by Lathanderjk
Review and document multi-threading support and limitations 3.x Related to ModSecurity version 3.x
#3215 opened Aug 7, 2024 by eduar-hte
libModSecurity3: all triggered rule IDs sometimes won't be logged with anomaly scoring 3.x Related to ModSecurity version 3.x bug It is a confirmed bug
#3204 opened Aug 2, 2024 by EsadCetiner
Discussion about 'hostname' field in log 3.x Related to ModSecurity version 3.x
#3200 opened Jul 29, 2024 by airween
ProTip! Adding no:label will show everything without a label.