Lucene search
+L

24 matches found

OpenVAS
OpenVAS
added 2024/09/10 12:0 a.m.19 views

Fedora: Security Advisory (FEDORA-2023-02c84fe305)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.5AI score0.02364EPSS
Exploits2References20
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.29 views

Fedora 39 : mod_auth_openidc (2023-02c84fe305)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-02c84fe305 advisory. Automatic update for modauthopenidc-2.4.12.3-2.fc39. Changelog Tue Mar 7 2023 Tomas Halman - 2.4.12.3-2 migrated to SPDX license Tue Feb 28 2023 Tom...

6.1CVSS6.7AI score0.02364EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2023/05/01 12:0 a.m.27 views

Debian: Security Advisory (DLA-3409-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.02731EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/05/01 12:0 a.m.42 views

Debian dla-3409 : libapache2-mod-auth-openidc - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3409 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3409-1 [email protected]...

7.5CVSS6.7AI score0.02731EPSS
Exploits1References14
Debian
Debian
added 2023/04/30 9:14 p.m.92 views

[SECURITY] [DLA 3409-1] libapache2-mod-auth-openidc security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3409-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 30, 2023 https://wiki.debian.org/LTS -...

7.5CVSS7.3AI score0.02731EPSS
Exploits1
F5 Networks
F5 Networks
added 2023/02/21 6:53 p.m.45 views

K41454238: Apache mod_auth_openidc vulnerabilities CVE-2021-32785 CVE-2021-32786 CVE-2021-32792

Security Advisory Description CVE-2021-32785 modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When modauthopenidc versions prior to 2.4.9 are configur...

7.5CVSS6.5AI score0.02731EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2022/05/12 12:0 a.m.40 views

AlmaLinux 8 : mod_auth_openidc:2.3 (ALSA-2022:1823)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1823 advisory. modauthopenidc: open redirect in oidcvalidateredirecturl CVE-2021-32786 modauthopenidc: hardcoded static IV and AAD with a reused key in AES GCM encryptio...

6.1CVSS6.7AI score0.02364EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2022/05/10 1:36 p.m.44 views

Moderate: Red Hat Security Advisory: mod_auth_openidc:2.3 security update

An update for the modauthopenidc:2.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.1CVSS6.6AI score0.02364EPSS
Exploits2References6
OSV
OSV
added 2022/05/10 6:30 a.m.28 views

RLSA-2022:1823 Moderate: mod_auth_openidc:2.3 security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: open redirect in oidcvalidateredirecturl CVE-2021-32786...

6.1CVSS6.6AI score0.02364EPSS
Exploits2References5
OSV
OSV
added 2022/05/10 6:30 a.m.38 views

ALSA-2022:1823 Moderate: mod_auth_openidc:2.3 security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: open redirect in oidcvalidateredirecturl CVE-2021-32786...

6.1CVSS6.6AI score0.02364EPSS
Exploits2References5
Rockylinux
Rockylinux
added 2022/05/10 6:30 a.m.29 views

mod_auth_openidc:2.3 security update

An update is available for modauthopenidc, cjose. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The modauthopenidc is an OpenID Connect authentication module f...

6.1CVSS6.6AI score0.02364EPSS
Exploits2
CBLMariner
CBLMariner
added 2022/04/09 6:51 a.m.33 views

CVE-2021-32792 affecting package httpd for versions less than 2.4.52-1

CVE-2021-32792 affecting package httpd for versions less than 2.4.52-1. An upgraded version of the package is available that resolves this issue...

6.1CVSS6.4AI score0.01523EPSS
Exploits0
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2021-0452)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS5.7AI score0.02731EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2021/10/13 12:0 a.m.30 views

SUSE SLES12 Security Update : apache2-mod_auth_openidc (SUSE-SU-2021:3352-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3352-1 advisory. - CVE-2021-32785: format string bug via hiredis bsc1188638 - CVE-2021-32786: open redirect in logout functionality bsc1188639 -...

7.5CVSS6.7AI score0.02731EPSS
Exploits2References16
OpenVAS
OpenVAS
added 2021/10/13 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2021:3352-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.02731EPSS
Exploits2References8
Mageia
Mageia
added 2021/10/02 6:57 p.m.55 views

Updated apache-mod_auth_openidc packages fix security vulnerability

In versions prior to 2.4.9, oidcvalidateredirecturl does not parse URLs the same way as most browsers do. As a result, this function can be bypassed and leads to an Open Redirect vulnerability in the logout functionality. CVE-2021-32786 In modauthopenidc before version 2.4.9, the AES GCM encrypti...

7.5CVSS2.6AI score0.02731EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/09/23 12:0 a.m.28 views

SUSE: Security Advisory (SUSE-SU-2021:3020-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.02731EPSS
Exploits1References2
OSV
OSV
added 2021/09/16 10:7 a.m.11 views

OPENSUSE-SU-2021:1277-1 Security update for apache2-mod_auth_openidc

This update for apache2-modauthopenidc fixes the following issues: - CVE-2021-32785: format string bug via hiredis bsc1188638 - CVE-2021-32786: open redirect in logout functionality bsc1188639 - CVE-2021-32791: Hardcoded static IV and AAD with a reused key in AES GCM encryption bsc1188849 -...

7.5CVSS6AI score0.02731EPSS
Exploits1References9
OPENSUSE Linux
OPENSUSE Linux
added 2021/09/16 12:0 a.m.52 views

Security update for apache2-mod_auth_openidc (moderate)

openSUSE Security Update: Security update for apache2-modauthopenidc Announcement ID: openSUSE-SU-2021:1277-1 Rating: moderate References: 1188638 1188639 1188848 1188849 Cross-References: CVE-2021-32785 CVE-2021-32786 CVE-2021-32791 CVE-2021-32792 CVSS scores: CVE-2021-32785 SUSE: 5.3...

5.9CVSS6.4AI score0.02731EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2021/09/14 12:0 a.m.29 views

openSUSE: Security Advisory for apache2-mod_auth_openidc (openSUSE-SU-2021:3020-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.5AI score0.02731EPSS
Exploits1References2
Rows per page
Query Builder