F5 Networks Nginx Modsecurity Waf
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in F5 Networks Nginx Modsecurity Waf.
Recent F5 Networks Nginx Modsecurity Waf Security Advisories
| Advisory | Title | Published |
|---|---|---|
| K50839343 | K50839343: NGINX ModSecurity WAF vulnerability CVE-2021-42717 | December 3, 2021 |
By the Year
In 2025 there have been 0 vulnerabilities in F5 Networks Nginx Modsecurity Waf. Nginx Modsecurity Waf did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 7.50 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Nginx Modsecurity Waf vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent F5 Networks Nginx Modsecurity Waf Security Vulnerabilities
ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects
CVE-2021-42717
7.5 - High
- December 07, 2021
ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being unable to service legitimate requests. Even a moderately large (e.g., 300KB) HTTP request can occupy one of the limited NGINX worker processes for minutes and consume almost all of the available CPU on the machine. Modsecurity 2 is similarly vulnerable: the affected versions include 2.8.0 through 2.9.4.
Stack Exhaustion
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for OWASP Modsecurity or by F5 Networks? Click the Watch button to subscribe.
