Lucene search
K

159 matches found

Tenable Nessus
Tenable Nessus
added 2023/05/31 12:0 a.m.21 views

Fedora 38 : mod_auth_openidc (2023-b534ca7056)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-b534ca7056 advisory. Rebase to 2.4.13.2 version, fix CVE-2023-28625 Tenable has extracted the preceding description block directly from the Fedora security advisory. Not...

7.5CVSS6.5AI score0.01327EPSS
Exploits0References2
F5 Networks
F5 Networks
added 2023/05/12 7:47 p.m.22 views

K000134597: mod_auth_openidc vulnerability CVE-2023-28625

Security Advisory Description modauthopenidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when OIDCStripCookies is set and a crafted cookie supplied, a NULL pointer...

7.5CVSS6.7AI score0.01327EPSS
Exploits0
NVD
NVD
added 2023/04/03 2:15 p.m.20 views

CVE-2023-28625

modauthopenidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when OIDCStripCookies is set and a crafted cookie supplied, a NULL pointer dereference would occur,...

7.5CVSS7.4AI score0.01327EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/01/31 12:0 a.m.30 views

SUSE SLES15 / openSUSE 15 Security Update : apache2-mod_auth_openidc (SUSE-SU-2023:0215-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0215-1 advisory. - CVE-2022-23527: Fixed open redirect in oidcvalidateredirecturl using tab character bsc1206441. - CVE-2021-39191:...

6.1CVSS6.7AI score0.0175EPSS
Exploits1References8
Fedora
Fedora
added 2022/12/25 1:22 a.m.27 views

[SECURITY] Fedora 36 Update: mod_auth_openidc-2.4.12.2-1.fc36

This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server...

6.1CVSS1.8AI score0.00905EPSS
Exploits0
Fedora
Fedora
added 2022/12/25 1:8 a.m.36 views

[SECURITY] Fedora 37 Update: mod_auth_openidc-2.4.12.2-1.fc37

This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server...

6.1CVSS1.8AI score0.00905EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/12/25 12:0 a.m.25 views

Fedora: Security Advisory for mod_auth_openidc (FEDORA-2022-6beaa3bd0c)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.9AI score0.00905EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/12/25 12:0 a.m.31 views

Fedora 36 : mod_auth_openidc (2022-6beaa3bd0c)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-6beaa3bd0c advisory. CVE-2022-23527 modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character Tenable has extracted the preceding description block...

6.1CVSS6.5AI score0.00905EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2022/12/15 4:4 a.m.47 views

CVE-2022-23527

An open redirect vulnerability was found in modauthopenidc, an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server. When providing a logout parameter to the redirect URI, the existing code in oidcvalidateredirecturl does not properly check for URLs that start...

6.1CVSS1AI score0.00905EPSS
Exploits0References4
Prion
Prion
added 2022/12/14 6:15 p.m.25 views

Open redirect

modauthopenidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to Open Redirect. When providing a logout parameter to the redirect URI, the existing code in oidcvalidateredirecturl does not properly check fo...

5.8CVSS6.3AI score0.00905EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2022/12/14 5:22 p.m.26 views

CVE-2022-23527 Open Redirect in oidc_validate_redirect_url()

modauthopenidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to Open Redirect. When providing a logout parameter to the redirect URI, the existing code in oidcvalidateredirecturl does not properly check fo...

4.7CVSS6.7AI score0.00905EPSS
Exploits0References3
OSV
OSV
added 2022/12/14 5:22 p.m.36 views

CVE-2022-23527 Open Redirect in oidc_validate_redirect_url()

modauthopenidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to Open Redirect. When providing a logout parameter to the redirect URI, the existing code in oidcvalidateredirecturl does not properly check fo...

4.7CVSS6.3AI score0.00905EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/05/08 12:0 a.m.26 views

Fedora: Security Advisory for mod_auth_openidc (FEDORA-2022-814ee0c43b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.5AI score0.0175EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/09/17 12:0 a.m.66 views

openSUSE 15 Security Update : apache2-mod_auth_openidc (openSUSE-SU-2021:1277-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1277-1 advisory. - modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party...

7.5CVSS6.8AI score0.02731EPSS
Exploits1References13
Tenable Nessus
Tenable Nessus
added 2021/09/14 12:0 a.m.37 views

openSUSE 15 Security Update : apache2-mod_auth_openidc (openSUSE-SU-2021:3020-1)

The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:3020-1 advisory. - modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party...

7.5CVSS6.8AI score0.02731EPSS
Exploits1References13
NVD
NVD
added 2021/09/03 2:15 p.m.20 views

CVE-2021-39191

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9.4, the 3rd-party init SSO functionality of modauthopenidc was reported to ...

6.1CVSS0.0175EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2021/09/03 2:15 p.m.55 views

CVE-2021-39191

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9.4, the 3rd-party init SSO functionality of modauthopenidc was reported to ...

6.1CVSS6.7AI score0.0175EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2021/08/13 12:0 a.m.23 views

Fedora: Security Advisory for mod_auth_openidc (FEDORA-2021-e3017c538a)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.1CVSS6.9AI score0.02364EPSS
Exploits1References2
Fedora
Fedora
added 2021/08/08 1:8 a.m.29 views

[SECURITY] Fedora 33 Update: mod_auth_openidc-2.4.9-1.fc33

This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server...

6.1CVSS1.8AI score0.02364EPSS
Exploits1
Fedora
Fedora
added 2021/08/08 1:5 a.m.34 views

[SECURITY] Fedora 34 Update: mod_auth_openidc-2.4.9-1.fc34

This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server...

6.1CVSS1.8AI score0.02364EPSS
Exploits1
Rows per page
Query Builder