Unknown · ModSecurity · CVE-2024-46292
**Name of the Vulnerable Software and Affected Versions**
ModSecurity versions 3.0.12 and earlier
**Description**
A buffer overflow in ModSecurity allows attackers to cause a Denial of Service (DoS) via a crafted input inserted into the `name` parameter. The issue is disputed by the supplier as it cannot be reproduced, and the product's documentation indicates that it is not guaranteed to be usable with very large values of `SecRequestBodyNoFilesLimit`, which are required by the claimed issue.
**Recommendations**
For ModSecurity version 3.0.12, update to the latest release to mitigate risks.
For all other affected versions, update to the latest version as detailed in the official documentation.
As a temporary workaround, consider restricting the use of the `name` parameter to minimize the risk of exploitation.
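
The description ties the claimed issue to very large `SecRequestBodyNoFilesLimit` values, so a configuration audit for that directive is a practical check. The Python script below is an added example, not code from this advisory or from the ModSecurity project; the function name, the 1 MiB review threshold and the sample configuration are assumptions, and 131072 is the value shipped in `modsecurity.conf-recommended`.

```python
import re

# Assumptions (not from the advisory): RECOMMENDED is the value shipped in
# modsecurity.conf-recommended; REVIEW_THRESHOLD is a local policy choice.
RECOMMENDED = 131072
REVIEW_THRESHOLD = 1024 * 1024  # bytes

# Active (uncommented) directive with one argument; optional quotes are tolerated.
DIRECTIVE = re.compile(
    r'^\s*SecRequestBodyNoFilesLimit\s+"?([^\s"]+)"?\s*$', re.IGNORECASE
)

def audit_nofiles_limit(config_text, threshold=REVIEW_THRESHOLD):
    """Return (line_no, raw_value, verdict) for every active directive."""
    findings = []
    for line_no, line in enumerate(config_text.splitlines(), 1):
        m = DIRECTIVE.match(line)
        if not m:
            continue  # comments and unrelated directives are skipped
        raw = m.group(1)
        if not (raw.isascii() and raw.isdigit()):
            verdict = "invalid"        # not a plain byte count
        elif int(raw) > threshold:
            verdict = "review"         # very large limit, the condition the claim depends on
        elif int(raw) > RECOMMENDED:
            verdict = "above-default"  # raised, but under the review threshold
        else:
            verdict = "ok"
        findings.append((line_no, raw, verdict))
    return findings

# Constructed sample configuration, not taken from a real deployment.
SAMPLE = """\
SecRuleEngine On
SecRequestBodyAccess On
SecRequestBodyLimit 13107200
# SecRequestBodyNoFilesLimit 999999999999
SecRequestBodyNoFilesLimit 131072
  SecRequestBodyNoFilesLimit 1073741824
SecRequestBodyNoFilesLimit 262144
SecRequestBodyNoFilesLimit 1GB
"""

if __name__ == "__main__":
    for line_no, raw, verdict in audit_nofiles_limit(SAMPLE):
        print(f"line {line_no}: SecRequestBodyNoFilesLimit {raw} -> {verdict}")
```
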