Browse all 7 CVE security advisories affecting OWASP. AI-powered Chinese analysis, POCs, and references for each vulnerability.
OWASP focuses on improving software security through open-source documentation, tools, and community collaboration. The organization tracks vulnerabilities across applications, with historically common classes including remote code execution, cross-site scripting, and privilege escalation. While OWASP itself hasn't experienced major security incidents, its resources like the Top 10 list have become industry standards for identifying critical risks. Currently, the organization has 7 CVEs on record, primarily related to documentation and tooling vulnerabilities rather than core platform compromises. OWASP's collaborative approach helps developers address security proactively, reducing the prevalence of exploitable weaknesses in web applications and APIs.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-39955 | Partial rule set bypass in OWASP ModSecurity Core Rule Set by submitting a specially crafted HTTP Content-Type header — ModSecurity Core Rule Set (CWE-863) | 7.3 | High | 2022-09-20 |
| CVE-2022-39956 | Partial rule set bypass in OWASP ModSecurity Core Rule Set for HTTP multipart requests using character encoding in the Content-Type or Content-Transfer-Encoding header — ModSecurity Core Rule Set (CWE-863) | 7.3 | High | 2022-09-20 |
| CVE-2022-39957 | Response body bypass in OWASP ModSecurity Core Rule Set via a specially crafted charset in the HTTP Accept header — ModSecurity Core Rule Set (CWE-693) | 7.3 | High | 2022-09-20 |
| CVE-2022-39958 | Response body bypass in OWASP ModSecurity Core Rule Set via repeated HTTP Range header submission with a small byte range — ModSecurity Core Rule Set (CWE-863) | 7.5 | High | 2022-09-20 |
This page lists every published CVE security advisory associated with OWASP. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.