Lucene search
+L

26 matches found

OSV
OSV
added 2025/07/29 2:44 p.m.9 views

CLSA-2025-1753800294 mod_auth_openidc: Fix of CVE-2022-23527

CVE-2022-23527: fix open redirect vulnerability caused by improper URL validation...

6.1CVSS6.6AI score0.00905EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 3: mod_auth_openidc:2.3 (TSSA-2023:0283)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0283 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS6.5AI score0.01327EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.13 views

Fedora 37 : mod_auth_openidc (2022-e139408490)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-e139408490 advisory. CVE-2022-23527 modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character Tenable has extracted the preceding description block...

6.1CVSS6.5AI score0.00905EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.10 views

Fedora 38 : mod_auth_openidc (2022-105be2997e)

The remote Fedora 38 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-105be2997e advisory. Automatic update for modauthopenidc-2.4.12.2-1.fc38. Changelog Fri Dec 16 2022 Tomas Halman - 2.4.12.2-1 Rebase to 2.4.12.2 version - Resolves: rhbz2153658 -...

6.1CVSS6.5AI score0.00905EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/09/10 12:0 a.m.19 views

Fedora: Security Advisory (FEDORA-2023-02c84fe305)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.5AI score0.02364EPSS
Exploits2References20
Tenable Nessus
Tenable Nessus
added 2024/02/29 12:0 a.m.38 views

CentOS 9 : mod_auth_openidc-2.4.9.4-2.el9

The remote CentOS Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the modauthopenidc-2.4.9.4-2.el9 build changelog. - open redirect by supplying a crafted URL in the targetlinkuri parameter CVE-2021-39191 - modauthopenidc is an OpenID Certified...

6.1CVSS6.5AI score0.0175EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/11/21 12:0 a.m.40 views

Oracle Linux 8 : mod_auth_openidc:2.3 (ELSA-2023-6940)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6940 advisory. - CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE Resolves: rhbz2223308...

8.6CVSS6.7AI score0.01327EPSS
Exploits1References3
Oracle linux
Oracle linux
added 2023/11/18 12:0 a.m.36 views

mod_auth_openidc:2.3 security and bug fix update

cjose 0.6.1-4 - CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE Resolves: rhbz2223308 modauthopenidc 2.4.9.4-5 Related: rhbz2141850 - fix cjose version dependency 2.4.9.4-4 Resolves: rhbz2141850 - authopenidc.conf mode 0640 by...

8.6CVSS7.6AI score0.01327EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/11/14 12:0 a.m.51 views

RHEL 8 : mod_auth_openidc:2.3 (RHSA-2023:6940)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6940 advisory. The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an Open...

7.5CVSS6.6AI score0.01327EPSS
Exploits0References10
OSV
OSV
added 2023/11/14 12:0 a.m.30 views

ALSA-2023:6940 Moderate: mod_auth_openidc:2.3 security and bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...

7.5CVSS6.4AI score0.01327EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2023/11/14 12:0 a.m.55 views

Moderate: mod_auth_openidc:2.3 security and bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...

7.5CVSS7.1AI score0.01327EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.31 views

Fedora 39 : mod_auth_openidc (2023-02c84fe305)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-02c84fe305 advisory. Automatic update for modauthopenidc-2.4.12.3-2.fc39. Changelog Tue Mar 7 2023 Tomas Halman - 2.4.12.3-2 migrated to SPDX license Tue Feb 28 2023 Tom...

6.1CVSS6.7AI score0.02364EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.27 views

RHEL 9 : mod_auth_openidc (RHSA-2023:6365)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6365 advisory. The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an Open...

7.5CVSS6.6AI score0.01327EPSS
Exploits0References9
OSV
OSV
added 2023/11/07 12:0 a.m.47 views

ALSA-2023:6365 Moderate: mod_auth_openidc security and bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...

7.5CVSS6.4AI score0.01327EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.63 views

Moderate: mod_auth_openidc security and bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...

7.5CVSS7.2AI score0.01327EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/07/19 12:0 a.m.32 views

Debian dla-3499 : libapache2-mod-auth-openidc - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3499 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3499-1 [email protected]...

6.1CVSS6.5AI score0.0175EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2023/07/19 12:0 a.m.27 views

Debian: Security Advisory (DLA-3499-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.5AI score0.0175EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/05/05 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2023:1837-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.01327EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/01/31 12:0 a.m.30 views

SUSE SLES15 / openSUSE 15 Security Update : apache2-mod_auth_openidc (SUSE-SU-2023:0215-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0215-1 advisory. - CVE-2022-23527: Fixed open redirect in oidcvalidateredirecturl using tab character bsc1206441. - CVE-2021-39191:...

6.1CVSS6.7AI score0.0175EPSS
Exploits1References8
OpenVAS
OpenVAS
added 2023/01/31 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2023:0215-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.5AI score0.0175EPSS
Exploits1References2
Rows per page
Query Builder