CVE-2014-5266

Free Modsecurity rules - Comodo Web Application Fi
1

Hello,

Does the ruleset protect against CVE-2014-5266 ?
If yes, since which version ?

Thank you.

2

This is “XML Quadratic Blowup Attack”. It is covered by rules v.1.17 for Apache (latest at this moment).

3

Thank you, its a very serious exploit and it needs to be covered.
I am updating to the newest ruleset now :slight_smile: