Lucene search
K

36 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 7 : mod_auth_openidc-1.8.8-7.el7 (AXSA:2020-741:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-741:01 advisory. modauthopenidc: Open redirect in logout url when using URLs with leading slashes CVE-2019-14857 modauthopenidc: Open redirect issue exists in URLs wi...

6.1CVSS6.4AI score0.01893EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/05/14 12:0 a.m.9 views

Alibaba Cloud Linux 3 : 0052: mod_auth_openidc:2.3 (ALINUX3-SA-2022:0052)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0052 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-14857: A flaw was found in...

6.1CVSS6.6AI score0.01893EPSS
Exploits0References3
Rosalinux
Rosalinux
added 2024/02/27 9:20 a.m.50 views

Advisory ROSA-SA-2024-2362

Software: modauthopenidc 2.3.7 OS: ROSA Virtualization 2.1 packageevrstring: modauthopenidc-2.3.7-11.rv3 CVE-ID: CVE-2019-14857 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: There is an open redirect issue in URLs with a slash at the end, similar to CVE-2019-3877 in modauthmellon. CVE-STATUS: Fixed...

6.1CVSS7.3AI score0.0175EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.18 views

SUSE: Security Advisory (SUSE-SU-2019:2934-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.7AI score0.01535EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.24 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : mod_auth_openidc Multiple Vulnerabilities (NS-SA-2021-0039)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has modauthopenidc packages installed that are affected by multiple vulnerabilities: - A flaw was found in modauthopenidc before version 2.4.1. An open redirect issue exists in URLs with a slash and backslash at the beginning...

6.1CVSS6.5AI score0.01893EPSS
Exploits0References3
Amazon
Amazon
added 2020/11/18 12:0 a.m.26 views

Medium: mod24_auth_openidc

Issue Overview: An open redirect flaw was discovered in modauthopenidc, where it handles logout redirection. The module does not correctly validate the URL, allowing a URL with leading slashes to bypass the protection checks. A victim user may be tricked into visiting a trusted vulnerable web sit...

6.1CVSS6.4AI score0.01893EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/11/18 12:0 a.m.28 views

Amazon Linux AMI : mod24_auth_openidc (ALAS-2020-1448)

The version of mod24authopenidc installed on the remote host is prior to 1.8.8-7.6. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1448 advisory. An open redirect flaw was discovered in modauthopenidc, where it handles logout redirection. The module does not...

6.1CVSS6.7AI score0.01893EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2020/10/28 12:0 a.m.27 views

Amazon Linux 2 : mod_auth_openidc (ALAS-2020-1538)

The version of modauthopenidc installed on the remote host is prior to 1.8.8-7. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1538 advisory. An open redirect flaw was discovered in modauthopenidc, where it handles logout redirection. The module does not...

6.1CVSS6.7AI score0.01893EPSS
Exploits0References5
Amazon
Amazon
added 2020/10/27 12:0 a.m.57 views

Low: mod_auth_openidc

Issue Overview: An open redirect flaw was discovered in modauthopenidc, where it handles logout redirection. The module does not correctly validate the URL, allowing a URL with leading slashes to bypass the protection checks. A victim user may be tricked into visiting a trusted vulnerable web sit...

6.1CVSS6.4AI score0.01893EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2020/10/21 12:0 a.m.28 views

Scientific Linux Security Update : mod_auth_openidc on SL7.x x86_64 (20201001)

Security Fixes : - modauthopenidc: Open redirect in logout url when using URLs with leading slashes CVE-2019-14857 - modauthopenidc: Open redirect issue exists in URLs with slash and backslash CVE-2019-20479 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux...

6.1CVSS6.4AI score0.01893EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/10/07 12:0 a.m.35 views

Oracle Linux 7 : mod_auth_openidc (ELSA-2020-3970)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-3970 advisory. - Related: rhbz1805748 - CVE-2019-20479 modauthopenidc: open redirect issue exists in URLs with slash and backslash rhel-7 - Resolves: rhbz1805748 -...

6.1CVSS6.6AI score0.01893EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2020/10/06 12:0 a.m.42 views

mod_auth_openidc security update

1.8.8-7 - Fix a regression in the previous patches - Related: rhbz1805748 - CVE-2019-20479 modauthopenidc: open redirect issue exists in URLs with slash and backslash rhel-7 1.8.8-6 - Resolves: rhbz1805748 - CVE-2019-20479 modauthopenidc: open redirect issue exists in URLs with slash and backslas...

6.1CVSS1.4AI score0.01893EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/09/29 7:31 p.m.46 views

Low: Red Hat Security Advisory: mod_auth_openidc security update

An update for modauthopenidc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

6.1CVSS6.5AI score0.01893EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/09/29 12:0 a.m.33 views

RHEL 7 : mod_auth_openidc (RHSA-2020:3970)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:3970 advisory. The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an Open...

6.1CVSS6.7AI score0.01893EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2020/08/28 12:0 a.m.33 views

Oracle Linux 8 : mod_auth_openidc:2.3 (ELSA-2020-3032)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-3032 advisory. - Related: rhbz1820666 - CVE-2019-14857 modauthopenidc:2.3/modauthopenidc: Open redirect in logout url when using URLs with leading slashes rhel-8.2.0....

6.1CVSS6.6AI score0.01893EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/07/30 12:0 a.m.35 views

Debian DLA-2298-1 : libapache2-mod-auth-openidc security update

Several issues have been found in libapache2-mod-auth-openidc, the OpenID Connect authentication module for the Apache HTTP server. CVE-2019-14857 Insufficient validation of URLs leads to an Open Redirect vulnerability. An attacker may trick a victim into providing credentials for an OpenID...

6.1CVSS6.6AI score0.01893EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2020/07/30 12:0 a.m.24 views

Debian: Security Advisory (DLA-2298-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.7AI score0.01893EPSS
Exploits0References4
Oracle linux
Oracle linux
added 2020/07/29 12:0 a.m.49 views

mod_auth_openidc:2.3 security and bug fix update

cjose 0.6.1-2 - fix concatkdf big endian architecture problem. Upstream issue 77. 0.6.1-1 - upgrade to latest upstream 0.6.1 0.5.1-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora29MassRebuild 0.5.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora28MassRebuild 0.5.1-1 - Initial packagin...

6.1CVSS0.01893EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2020/07/21 2:52 p.m.58 views

Moderate: Red Hat Security Advisory: mod_auth_openidc:2.3 security and bug fix update

An update for the modauthopenidc:2.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.1CVSS6.5AI score0.01893EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2020/07/21 2:12 p.m.33 views

Moderate: mod_auth_openidc:2.3 security and bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open redirect in logout url when using URLs with leading slashes...

6.1CVSS7AI score0.01893EPSS
Exploits0References3
Rows per page
Query Builder