VDB

GCVE-110-MAGEIA-2021-576

GCVE-110-MAGEIA-2021-576
Advisory Published
Vulnetix · Advisory published December 21, 2021
Updated apache-mod_security packages fix security vulnerability: ModSecurity mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being unable to service legitimate requests. Even a moderately large (e.g., 300KB) HTTP request can occupy one of the limited NGINX worker processes for minutes and consume almost all of the available CPU on the machine (CVE-2021-42717).

Affected Products

VendorProductVersionsPlatforms
Mageiaapache-mod_security2.9.5-1.mga8 (unaffected), 0 (affected)

Browse GCVE Records

72,096 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›