Simon Studer discovered that ModSecurity incorrectly handled certain JSON objects. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-47947)
It was discovered that ModSecurity incorrectly handled requests when parsing certain form data. An attacker could possibly use this issue to cause a denial of service. (CVE-2025-48866)
{ "availability": "Available with Ubuntu Pro with Legacy support add-on: https://ubuntu.com/pro", "binaries": [ { "binary_name": "libapache2-mod-security2", "binary_version": "2.7.7-2ubuntu0.1~esm2" }, { "binary_name": "libapache2-mod-security2-dbgsym", "binary_version": "2.7.7-2ubuntu0.1~esm2" }, { "binary_name": "libapache2-modsecurity", "binary_version": "2.7.7-2ubuntu0.1~esm2" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_name": "libapache2-mod-security2", "binary_version": "2.9.0-1ubuntu0.1~esm2" }, { "binary_name": "libapache2-mod-security2-dbgsym", "binary_version": "2.9.0-1ubuntu0.1~esm2" }, { "binary_name": "libapache2-modsecurity", "binary_version": "2.9.0-1ubuntu0.1~esm2" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_name": "libapache2-mod-security2", "binary_version": "2.9.7-1ubuntu0.24.04.1~esm1" }, { "binary_name": "libapache2-mod-security2-dbgsym", "binary_version": "2.9.7-1ubuntu0.24.04.1~esm1" } ] }