Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2019/10/28 12:0 a.m.25 views

Fedora 29 : mod_auth_openidc (2019-23638d42f3)

Upgrade to latest upstream which fixes some CVEs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C...

8.6CVSS6.4AI score0.05177EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2019/10/28 12:0 a.m.47 views

Fedora 30 : mod_auth_openidc (2019-7b06f18a10)

Upgrade to latest upstream which fixes some CVEs Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C...

8.6CVSS6.4AI score0.05177EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2017/03/02 6:59 a.m.30 views

CVE-2017-6062

The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" aka modauthopenidc module before 2.1.5 for the Apache HTTP Server does not skip OIDCCLAIM and OIDCAuthNHeader headers in an "OIDCUnAuthAction pass" configuration, which allows remote attackers to bypass authentication via crafted HT...

8.6CVSS7.3AI score0.03633EPSS
Exploits0References2
OSV
OSV
added 2017/03/02 6:59 a.m.1 views

DEBIAN-CVE-2017-6062

The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" aka modauthopenidc module before 2.1.5 for the Apache HTTP Server does not skip OIDCCLAIM and OIDCAuthNHeader headers in an "OIDCUnAuthAction pass" configuration, which allows remote attackers to bypass authentication via crafted HT...

8.6CVSS8AI score0.03633EPSS
Exploits0References1
NVD
NVD
added 2017/03/02 6:59 a.m.19 views

CVE-2017-6062

The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" aka modauthopenidc module before 2.1.5 for the Apache HTTP Server does not skip OIDCCLAIM and OIDCAuthNHeader headers in an "OIDCUnAuthAction pass" configuration, which allows remote attackers to bypass authentication via crafted HT...

8.6CVSS8.2AI score0.03633EPSS
Exploits0References6
CVE
CVE
added 2017/03/02 6:0 a.m.56 views

CVE-2017-6062

Summary (CVE-2017-6062): The Apache module mod_auth_openidc (OpenID Connect Relying Party/OAuth 2.0 Resource Server) prior to version 2.1.5 does not skip OIDC_CLAIM_ and OIDCAuthNHeader headers in an OIDCUnAuthAction pass. This can allow remote attackers to bypass authentication via crafted HTTP ...

8.6CVSS7.9AI score0.03633EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2017/03/02 6:0 a.m.27 views

CVE-2017-6062

The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" aka modauthopenidc module before 2.1.5 for the Apache HTTP Server does not skip OIDCCLAIM and OIDCAuthNHeader headers in an "OIDCUnAuthAction pass" configuration, which allows remote attackers to bypass authentication via crafted HT...

8.6CVSS8.7AI score0.03633EPSS
Exploits0
Rows per page
Query Builder