| Package | modsecurity-apache |
|---|---|
| Version | 2.9.3-3+deb11u5~deb10u1 (buster) |
| Related CVEs | CVE-2025-54571 |
Cross-site scripting due to insufficient return value handling has been fixed in modsecurity-apache, a module for the Apache webserver to tighten Web application security.
For Debian 10 buster, these problems have been fixed in version 2.9.3-3+deb11u5~deb10u1.
We recommend that you upgrade your modsecurity-apache packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.