Lucene search
+L

24 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-39191

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users...

6.1CVSS6.3AI score0.0175EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.8 views

Fedora 37 : mod_auth_openidc (2022-714b48d4d5)

The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-714b48d4d5 advisory. Automatic update for modauthopenidc-2.4.9.4-1.fc37. Changelog Thu Mar 31 2022 Tomas Halman - 2.4.9.4-1 - Resolves: rhbz2001647 - CVE-2021-39191 modauthopenid...

6.1CVSS6.4AI score0.0175EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2024/09/10 12:0 a.m.19 views

Fedora: Security Advisory (FEDORA-2023-02c84fe305)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.5AI score0.02364EPSS
Exploits2References20
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.38 views

CentOS 9 : mod_auth_openidc-2.4.9.4-2.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the modauthopenidc-2.4.9.4-2.el9 build changelog. - open redirect by supplying a crafted URL in the targetlinkuri parameter CVE-2021-39191 - modauthopenidc is an OpenID Certified...

6.1CVSS6.5AI score0.0175EPSS
Exploits1References3
Rosalinux
Rosalinux
added 2024/02/27 9:20 a.m.50 views

Advisory ROSA-SA-2024-2362

Software: modauthopenidc 2.3.7 OS: ROSA Virtualization 2.1 packageevrstring: modauthopenidc-2.3.7-11.rv3 CVE-ID: CVE-2019-14857 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: There is an open redirect issue in URLs with a slash at the end, similar to CVE-2019-3877 in modauthmellon. CVE-STATUS: Fixed...

6.1CVSS7.3AI score0.0175EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.29 views

Fedora 39 : mod_auth_openidc (2023-02c84fe305)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-02c84fe305 advisory. Automatic update for modauthopenidc-2.4.12.3-2.fc39. Changelog Tue Mar 7 2023 Tomas Halman - 2.4.12.3-2 migrated to SPDX license Tue Feb 28 2023 Tom...

6.1CVSS6.7AI score0.02364EPSS
Exploits2References6
CBLMariner
CBLMariner
added 2023/09/28 12:35 p.m.22 views

CVE-2021-39191 affecting package mod_auth_openidc for versions less than 2.4.14.2-1

CVE-2021-39191 affecting package modauthopenidc for versions less than 2.4.14.2-1. An upgraded version of the package is available that resolves this issue...

6.1CVSS6.5AI score0.0175EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/07/19 12:0 a.m.32 views

Debian dla-3499 : libapache2-mod-auth-openidc - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3499 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3499-1 [email protected]...

6.1CVSS6.5AI score0.0175EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2023/07/19 12:0 a.m.27 views

Debian: Security Advisory (DLA-3499-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.5AI score0.0175EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/01/31 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2023:0215-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.5AI score0.0175EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2023/01/31 12:0 a.m.30 views

SUSE SLES15 / openSUSE 15 Security Update : apache2-mod_auth_openidc (SUSE-SU-2023:0215-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0215-1 advisory. - CVE-2022-23527: Fixed open redirect in oidcvalidateredirecturl using tab character bsc1206441. - CVE-2021-39191:...

6.1CVSS6.7AI score0.0175EPSS
Exploits1References8
Tenable Nessus
Tenable Nessus
added 2022/05/12 12:0 a.m.40 views

AlmaLinux 8 : mod_auth_openidc:2.3 (ALSA-2022:1823)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:1823 advisory. modauthopenidc: open redirect in oidcvalidateredirecturl CVE-2021-32786 modauthopenidc: hardcoded static IV and AAD with a reused key in AES GCM encryptio...

6.1CVSS6.7AI score0.02364EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2022/05/10 1:36 p.m.44 views

Moderate: Red Hat Security Advisory: mod_auth_openidc:2.3 security update

An update for the modauthopenidc:2.3 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

6.1CVSS6.6AI score0.02364EPSS
Exploits2References6
OSV
OSV
added 2022/05/10 6:30 a.m.28 views

RLSA-2022:1823 Moderate: mod_auth_openidc:2.3 security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: open redirect in oidcvalidateredirecturl CVE-2021-32786...

6.1CVSS6.6AI score0.02364EPSS
Exploits2References5
Rockylinux
Rockylinux
added 2022/05/10 6:30 a.m.29 views

mod_auth_openidc:2.3 security update

An update is available for modauthopenidc, cjose. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The modauthopenidc is an OpenID Connect authentication module f...

6.1CVSS6.6AI score0.02364EPSS
Exploits2
OSV
OSV
added 2022/05/10 6:30 a.m.38 views

ALSA-2022:1823 Moderate: mod_auth_openidc:2.3 security update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: open redirect in oidcvalidateredirecturl CVE-2021-32786...

6.1CVSS6.6AI score0.02364EPSS
Exploits2References5
OpenVAS
OpenVAS
added 2021/10/13 12:0 a.m.29 views

SUSE: Security Advisory (SUSE-SU-2021:3352-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.02731EPSS
Exploits2References8
Tenable Nessus
Tenable Nessus
added 2021/10/13 12:0 a.m.30 views

SUSE SLES12 Security Update : apache2-mod_auth_openidc (SUSE-SU-2021:3352-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3352-1 advisory. - CVE-2021-32785: format string bug via hiredis bsc1188638 - CVE-2021-32786: open redirect in logout functionality bsc1188639 -...

7.5CVSS6.7AI score0.02731EPSS
Exploits2References16
Circl
Circl
added 2021/09/03 6:37 p.m.6 views

CVE-2021-39191

creationtimestamp| type| source ---|---|--- 2021-09-03 18:37:10+00:00| seen| https://t.me/cibsecurity/28263...

6.1CVSS6.1AI score0.0175EPSS
Exploits1References1
OSV
OSV
added 2021/09/03 2:15 p.m.7 views

AZL-7289 CVE-2021-39191 affecting package mod_auth_openidc for versions less than 2.4.14.2-1

modauthopenidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9.4, the 3rd-party init SSO functionality of modauthopenidc was reported to ...

6.1CVSS6.5AI score0.0175EPSS
Exploits1References1
Rows per page
Query Builder