Lucene search
K

25 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 9 : mod_auth_openidc-2.4.10-1.el9 (AXSA:2024-9233:01)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2024-9233:01 advisory. modauthopenidc: DoS when using OIDCSessionType client-cookie and manipulating cookies CVE-2024-24814 Tenable has extracted the preceding description block...

7.5CVSS5.6AI score0.01261EPSS
Exploits1References2
OSV
OSV
added 2025/05/07 9:56 p.m.7 views

CLSA-2025-1746655009 mod_auth_openidc: Fix of CVE-2024-24814

CVE-2024-24814: fix DoS when OIDCSessionType client-cookie is set and a crafted Cookie header is supplied...

7.5CVSS6.8AI score0.01261EPSS
Exploits1References1
OSV
OSV
added 2025/05/07 7:11 p.m.5 views

RLSA-2024:5289 Moderate: mod_auth_openidc:2.3 security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: DoS when using OIDCSessionType client-cookie and manipulating...

7.5CVSS8.1AI score0.01261EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.9 views

RockyLinux 8 : mod_auth_openidc:2.3 (RLSA-2024:5289)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:5289 advisory. modauthopenidc: DoS when using OIDCSessionType client-cookie and manipulating cookies CVE-2024-24814 Tenable has extracted the preceding description block directl...

7.5CVSS6.6AI score0.01261EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2025/02/25 12:0 a.m.3 views

openSUSE Security Advisory (SUSE-SU-2024:0757-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01261EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2024/11/12 8:48 a.m.25 views

Moderate: Red Hat Security Advisory: mod_auth_openidc security update

An update for modauthopenidc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

7.5CVSS6.8AI score0.01261EPSS
Exploits1References4
AlmaLinux
AlmaLinux
added 2024/11/12 12:0 a.m.20 views

Moderate: mod_auth_openidc security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: DoS when using OIDCSessionType client-cookie and manipulating...

7.5CVSS6.7AI score0.01261EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/08/14 12:0 a.m.19 views

Oracle Linux 8 : mod_auth_openidc:2.3 (ELSA-2024-5289)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-5289 advisory. cjose modauthopenidc 2.4.9.4-6 - Resolves: RHEL-36492 Race condition in modauthopenidc filecache - Resolves: RHEL-25421 modauthopenidc: DoS when using...

7.5CVSS6.6AI score0.01261EPSS
Exploits1References2
OSV
OSV
added 2024/08/13 12:0 a.m.17 views

ALSA-2024:5289 Moderate: mod_auth_openidc:2.3 security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: DoS when using OIDCSessionType client-cookie and manipulating...

7.5CVSS7.7AI score0.01261EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/07/10 12:0 a.m.12 views

openSUSE Security Advisory (SUSE-SU-2024:2299-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01261EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2024/07/05 12:0 a.m.16 views

SUSE SLES15 / openSUSE 15 Security Update : apache2-mod_auth_openidc (SUSE-SU-2024:2299-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:2299-1 advisory. - CVE-2024-24814: Fixed a bug that can led to DoS when OIDCSessionType client-cookie is set and a crafted Cookie header is...

7.5CVSS6.6AI score0.01261EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2024/04/05 12:0 a.m.15 views

Mageia: Security Advisory (MGASA-2024-0081)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.01261EPSS
Exploits1References5
Mageia
Mageia
added 2024/03/22 12:19 a.m.47 views

Updated apache-mod_auth_openidc packages fix security vulnerability

Missing input validation on modauthopenidcsessionchunks cookie value makes the server vulnerable to DoS attack. CVE-2024-24814...

7.5CVSS6.9AI score0.01261EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2024/03/07 12:0 a.m.23 views

SUSE SLES12 Security Update : apache2-mod_auth_openidc (SUSE-SU-2024:0758-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0758-1 advisory. - CVE-2024-24814: Fixed a denial of service when using OIDCSessionType client-cookie and manipulating cookies bsc1219911. Tenable has...

7.5CVSS6.8AI score0.01261EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/03/06 12:0 a.m.21 views

SUSE SLES15 / openSUSE 15 Security Update : apache2-mod_auth_openidc (SUSE-SU-2024:0757-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2024:0757-1 advisory. - CVE-2024-24814: Fixed a denial of service when using OIDCSessionType client-cookie and manipulating cookies bsc1219911...

7.5CVSS6.8AI score0.01261EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/03/06 12:0 a.m.18 views

Debian: Security Advisory (DLA-3751-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01261EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/03/06 12:0 a.m.10 views

SUSE: Security Advisory (SUSE-SU-2024:0757-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01261EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2024/03/06 12:0 a.m.8 views

SUSE: Security Advisory (SUSE-SU-2024:0758-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.01261EPSS
Exploits1References4
Debian
Debian
added 2024/03/05 6:16 p.m.23 views

[SECURITY] [DLA 3751-1] libapache2-mod-auth-openidc security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3751-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb March 05, 2024 https://wiki.debian.org/LTS -...

7.5CVSS7.4AI score0.01261EPSS
Exploits1
OSV
OSV
added 2024/03/05 9:25 a.m.2 views

SUSE-SU-2024:0757-1 Security update for apache2-mod_auth_openidc

This update for apache2-modauthopenidc fixes the following issues: - CVE-2024-24814: Fixed a denial of service when using OIDCSessionType client-cookie and manipulating cookies bsc1219911...

7.5CVSS7.3AI score0.01261EPSS
Exploits1References3
Rows per page
Query Builder