ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Versions prior to 2.9.10 contain a denial of service vulnerability similar to GHSA-859r-vvv8-rm8r/CVE-2025-47947. The sanitiseArg
(and sanitizeArg
- this is the same action but an alias) is vulnerable to adding an excessive number of arguments, thereby leading to denial of service. Version 2.9.10 fixes the issue. As a workaround, avoid using rules that contain the sanitiseArg
(or sanitizeArg
) action.
{ "binaries": [ { "binary_name": "libapache2-mod-security2", "binary_version": "2.7.7-2ubuntu0.1~esm2" }, { "binary_name": "libapache2-mod-security2-dbgsym", "binary_version": "2.7.7-2ubuntu0.1~esm2" }, { "binary_name": "libapache2-modsecurity", "binary_version": "2.7.7-2ubuntu0.1~esm2" } ], "availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro", "ubuntu_priority": "medium" }
{ "binaries": [ { "binary_name": "libapache2-mod-security2", "binary_version": "2.9.0-1ubuntu0.1~esm2" }, { "binary_name": "libapache2-mod-security2-dbgsym", "binary_version": "2.9.0-1ubuntu0.1~esm2" }, { "binary_name": "libapache2-modsecurity", "binary_version": "2.9.0-1ubuntu0.1~esm2" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "medium" }
{ "binaries": [ { "binary_name": "libapache2-mod-security2", "binary_version": "2.9.2-1ubuntu0.1~esm2" }, { "binary_name": "libapache2-mod-security2-dbgsym", "binary_version": "2.9.2-1ubuntu0.1~esm2" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "medium" }
{ "binaries": [ { "binary_name": "libapache2-mod-security2", "binary_version": "2.9.3-1ubuntu0.1+esm1" }, { "binary_name": "libapache2-mod-security2-dbgsym", "binary_version": "2.9.3-1ubuntu0.1+esm1" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "medium" }
{ "binaries": [ { "binary_name": "libapache2-mod-security2", "binary_version": "2.9.5-1ubuntu0.1~esm2" }, { "binary_name": "libapache2-mod-security2-dbgsym", "binary_version": "2.9.5-1ubuntu0.1~esm2" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "medium" }
{ "binaries": [ { "binary_name": "libapache2-mod-security2", "binary_version": "2.9.7-1ubuntu0.24.04.1~esm1" }, { "binary_name": "libapache2-mod-security2-dbgsym", "binary_version": "2.9.7-1ubuntu0.24.04.1~esm1" } ], "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "ubuntu_priority": "medium" }