[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-48279":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":31,"aliases":32,"duplicate_of":9,"upstream":33,"downstream":34,"duplicates":55,"related":56,"reserved_at":9,"published_at":62,"modified_at":63,"state":64,"summary":65,"references_raw":74,"kevs":118,"epss":119,"epss_history":122,"metrics":389,"affected":397},"CVE-2022-48279","In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed and could bypass the Web Application Firewall. NOTE: this is related to CVE-2022-39956 but can be considered independent changes to the ModSecurity (C language) codebase.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-436","Interpretation Conflict","Product A handles inputs or steps differently than Product B, which causes A to perform incorrect actions based on its perception of B's state.","weakness","Incomplete","Class",[19,23,27],{"id":20,"name":21,"techniques":22},"CAPEC-105","HTTP Request Splitting",[],{"id":24,"name":25,"techniques":26},"CAPEC-273","HTTP Response Smuggling",[],{"id":28,"name":29,"techniques":30},"CAPEC-34","HTTP Response Splitting",[],[],[],[],[35,37,39,41,43,45,47,49,51,53],{"_key":36},"SUSE-SU-2023:0317-1",{"_key":38},"SUSE-SU-2023:0318-1",{"_key":40},"SUSE-SU-2023:0314-1",{"_key":42},"OPENSUSE-SU-2025:14703-1",{"_key":44},"DLA-3283-1",{"_key":46},"RHSA-2023:4629",{"_key":48},"MGASA-2023-0175",{"_key":50},"UBUNTU-CVE-2022-48279",{"_key":52},"DEBIAN-CVE-2022-48279",{"_key":54},"USN-6370-1",[],[57,58,59,60,61],{"_key":36},{"_key":38},{"_key":40},{"_key":42},{"_key":48},"2023-01-20T00:00:00.000Z","2025-04-03T18:43:26.152Z","Modified",{"cisa_kev":66,"cisa_ransomware":66,"cisa_vendor":9,"epss_severity":67,"epss_score":68,"severity":69,"severity_score":70,"severity_version":71,"severity_source":72,"severity_vector":73,"severity_status":64},false,"low",0.00937,"high",7.5,"v3.1","cve.org","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",[75,82,87,91,95,100,105,110,114],{"url":76,"sources":77,"tags":79},"https://github.com/SpiderLabs/ModSecurity/releases/tag/v2.9.6",[72,78],"nvd",[80,81],"Release Notes","Third Party Advisory",{"url":83,"sources":84,"tags":85},"https://github.com/SpiderLabs/ModSecurity/pull/2797",[72,78],[86,81],"Patch",{"url":88,"sources":89,"tags":90},"https://github.com/SpiderLabs/ModSecurity/releases/tag/v3.0.8",[72,78],[80,81],{"url":92,"sources":93,"tags":94},"https://github.com/SpiderLabs/ModSecurity/pull/2795",[72,78],[86,81],{"url":96,"sources":97,"tags":98},"https://coreruleset.org/20220919/crs-version-3-3-3-and-3-2-2-covering-several-cves/",[72,78],[99],"Not Applicable",{"url":101,"sources":102,"tags":103},"https://lists.debian.org/debian-lts-announce/2023/01/msg00023.html",[72,78],[104,81],"Mailing List",{"url":106,"sources":107,"tags":108},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WCH6JM4I4MD4YABYFHSBDDOUFDGIFJKL/",[72,78],[109],"Vendor Advisory",{"url":111,"sources":112,"tags":113},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/52TGCZCOHYBDCVWJYNN2PS4QLOHCXWTQ/",[72,78],[109],{"url":115,"sources":116,"tags":117},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYRTXTOQQI6SB2TLI5QXU76DURSLS4XI/",[72,78],[109],[],{"date":120,"score":68,"percentile":121},"2026-06-04",0.76563,[123,127,130,133,136,139,141,143,146,149,152,155,158,162,165,169,172,175,178,181,184,187,190,193,196,199,202,205,208,211,214,217,220,222,225,228,231,234,237,240,243,246,249,251,254,257,260,263,265,268,271,274,277,280,283,286,289,292,295,298,301,304,307,310,313,316,319,322,325,327,329,332,334,337,341,344,347,350,353,356,359,362,365,368,371,375,378,380,383,386],{"date":124,"score":125,"percentile":126},"2025-11-04",0.00316,0.54124,{"date":128,"score":125,"percentile":129},"2025-11-05",0.54085,{"date":131,"score":125,"percentile":132},"2025-11-06",0.54101,{"date":134,"score":125,"percentile":135},"2025-11-07",0.54126,{"date":137,"score":125,"percentile":138},"2025-11-08",0.54127,{"date":140,"score":125,"percentile":135},"2025-11-09",{"date":142,"score":125,"percentile":132},"2025-11-10",{"date":144,"score":125,"percentile":145},"2025-11-11",0.54114,{"date":147,"score":125,"percentile":148},"2025-11-12",0.54141,{"date":150,"score":125,"percentile":151},"2025-11-13",0.54151,{"date":153,"score":125,"percentile":154},"2025-11-14",0.54152,{"date":156,"score":125,"percentile":157},"2025-11-15",0.54148,{"date":159,"score":160,"percentile":161},"2025-11-16",0.00337,0.55925,{"date":163,"score":160,"percentile":164},"2025-11-17",0.55916,{"date":166,"score":167,"percentile":168},"2025-11-18",0.02445,0.83869,{"date":170,"score":167,"percentile":171},"2025-11-19",0.83871,{"date":173,"score":167,"percentile":174},"2025-11-20",0.83879,{"date":176,"score":160,"percentile":177},"2025-11-21",0.55927,{"date":179,"score":160,"percentile":180},"2025-11-22",0.55923,{"date":182,"score":160,"percentile":183},"2025-11-23",0.55896,{"date":185,"score":160,"percentile":186},"2025-11-24",0.55892,{"date":188,"score":160,"percentile":189},"2025-11-25",0.55897,{"date":191,"score":160,"percentile":192},"2025-11-26",0.559,{"date":194,"score":160,"percentile":195},"2025-11-27",0.55902,{"date":197,"score":160,"percentile":198},"2025-11-28",0.55876,{"date":200,"score":160,"percentile":201},"2025-11-29",0.55862,{"date":203,"score":160,"percentile":204},"2025-11-30",0.55849,{"date":206,"score":160,"percentile":207},"2025-12-01",0.56008,{"date":209,"score":160,"percentile":210},"2025-12-02",0.56021,{"date":212,"score":160,"percentile":213},"2025-12-03",0.56017,{"date":215,"score":160,"percentile":216},"2025-12-04",0.55852,{"date":218,"score":160,"percentile":219},"2025-12-05",0.55868,{"date":221,"score":160,"percentile":219},"2025-12-06",{"date":223,"score":160,"percentile":224},"2025-12-07",0.55863,{"date":226,"score":160,"percentile":227},"2025-12-08",0.55866,{"date":229,"score":160,"percentile":230},"2025-12-09",0.55881,{"date":232,"score":160,"percentile":233},"2025-12-10",0.5594,{"date":235,"score":160,"percentile":236},"2025-12-11",0.55963,{"date":238,"score":160,"percentile":239},"2025-12-12",0.55986,{"date":241,"score":160,"percentile":242},"2025-12-13",0.55978,{"date":244,"score":160,"percentile":245},"2025-12-14",0.55975,{"date":247,"score":160,"percentile":248},"2025-12-15",0.55961,{"date":250,"score":160,"percentile":245},"2025-12-16",{"date":252,"score":160,"percentile":253},"2025-12-17",0.55994,{"date":255,"score":160,"percentile":256},"2025-12-18",0.56034,{"date":258,"score":160,"percentile":259},"2025-12-19",0.56038,{"date":261,"score":160,"percentile":262},"2025-12-20",0.5603,{"date":264,"score":160,"percentile":207},"2025-12-21",{"date":266,"score":160,"percentile":267},"2025-12-22",0.5599,{"date":269,"score":160,"percentile":270},"2025-12-23",0.55997,{"date":272,"score":160,"percentile":273},"2025-12-24",0.56004,{"date":275,"score":160,"percentile":276},"2025-12-25",0.56053,{"date":278,"score":160,"percentile":279},"2025-12-26",0.56048,{"date":281,"score":160,"percentile":282},"2025-12-27",0.561,{"date":284,"score":160,"percentile":285},"2025-12-28",0.56012,{"date":287,"score":160,"percentile":288},"2025-12-29",0.55996,{"date":290,"score":160,"percentile":291},"2025-12-30",0.55991,{"date":293,"score":160,"percentile":294},"2025-12-31",0.56003,{"date":296,"score":160,"percentile":297},"2026-01-01",0.56171,{"date":299,"score":160,"percentile":300},"2026-01-02",0.56151,{"date":302,"score":160,"percentile":303},"2026-01-03",0.56141,{"date":305,"score":160,"percentile":306},"2026-01-04",0.55969,{"date":308,"score":160,"percentile":309},"2026-01-05",0.55959,{"date":311,"score":160,"percentile":312},"2026-01-06",0.55967,{"date":314,"score":160,"percentile":315},"2026-01-07",0.55995,{"date":317,"score":160,"percentile":318},"2026-01-08",0.56016,{"date":320,"score":160,"percentile":321},"2026-01-09",0.56013,{"date":323,"score":160,"percentile":324},"2026-01-10",0.56011,{"date":326,"score":160,"percentile":239},"2026-01-11",{"date":328,"score":160,"percentile":233},"2026-01-12",{"date":330,"score":160,"percentile":331},"2026-01-13",0.55917,{"date":333,"score":160,"percentile":248},"2026-01-14",{"date":335,"score":160,"percentile":336},"2026-01-15",0.55968,{"date":338,"score":339,"percentile":340},"2026-01-16",0.00548,0.67329,{"date":342,"score":339,"percentile":343},"2026-01-17",0.67318,{"date":345,"score":339,"percentile":346},"2026-01-18",0.67303,{"date":348,"score":339,"percentile":349},"2026-01-19",0.67287,{"date":351,"score":339,"percentile":352},"2026-01-20",0.67299,{"date":354,"score":339,"percentile":355},"2026-01-21",0.6731,{"date":357,"score":339,"percentile":358},"2026-01-22",0.6732,{"date":360,"score":339,"percentile":361},"2026-01-23",0.67351,{"date":363,"score":339,"percentile":364},"2026-01-24",0.6736,{"date":366,"score":339,"percentile":367},"2026-01-25",0.67328,{"date":369,"score":339,"percentile":370},"2026-01-26",0.67319,{"date":372,"score":373,"percentile":374},"2026-01-27",0.00608,0.69129,{"date":376,"score":373,"percentile":377},"2026-01-28",0.69141,{"date":379,"score":373,"percentile":377},"2026-01-29",{"date":381,"score":373,"percentile":382},"2026-01-30",0.69147,{"date":384,"score":373,"percentile":385},"2026-01-31",0.69154,{"date":387,"score":373,"percentile":388},"2026-02-01",0.69301,[390,395],{"source":72,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":391,"cvss_v4_0":9},{"baseScore":70,"baseSeverity":392,"vectorString":73,"impactScore":393,"exploitabilityScore":394},"HIGH",6,10,{"source":78,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":396,"cvss_v4_0":9},{"baseScore":70,"baseSeverity":392,"vectorString":73,"impactScore":393,"exploitabilityScore":394},[398,407,419],{"ecosystem":9,"name":399,"vendor":400,"product":401,"cpe_part":402,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":403},"debian linux","debian","debian_linux","o",[404],{"version":405,"is_range":66,"range_type":406,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"ecosystem":9,"name":408,"vendor":409,"product":408,"cpe_part":410,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":411},"modsecurity","owasp","a",[412],{"version":413,"is_range":414,"range_type":406,"version_start":415,"version_start_type":416,"version_end":417,"version_end_type":418,"fixed_in":9},"gte3.0.0_lt3.0.8",true,"3.0.0","including","3.0.8","excluding",{"ecosystem":9,"name":408,"vendor":420,"product":408,"cpe_part":410,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":421},"trustwave",[422],{"version":423,"is_range":414,"range_type":406,"version_start":9,"version_start_type":9,"version_end":424,"version_end_type":418,"fixed_in":9},"lt2.9.6","2.9.6"]