Lucene search
+L

29 matches found

Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.4 views

TencentOS Server 3: mod_auth_openidc:2.3 (TSSA-2023:0283)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0283 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

7.5CVSS6.5AI score0.01327EPSS
Exploits0References3
OSV
OSV
added 2025/04/29 4:44 p.m.10 views

CLSA-2025-1745945082 mod_auth_openidc: Fix of CVE-2023-28625

CVE-2023-28625: fix NULL pointer dereference causing segmentation fault...

7.5CVSS6.7AI score0.01327EPSS
Exploits0References1
Rosalinux
Rosalinux
added 2024/02/27 9:20 a.m.50 views

Advisory ROSA-SA-2024-2362

Software: modauthopenidc 2.3.7 OS: ROSA Virtualization 2.1 packageevrstring: modauthopenidc-2.3.7-11.rv3 CVE-ID: CVE-2019-14857 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: There is an open redirect issue in URLs with a slash at the end, similar to CVE-2019-3877 in modauthmellon. CVE-STATUS: Fixed...

6.1CVSS7.3AI score0.0175EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/11/21 12:0 a.m.40 views

Oracle Linux 8 : mod_auth_openidc:2.3 (ELSA-2023-6940)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-6940 advisory. - CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE Resolves: rhbz2223308...

8.6CVSS6.7AI score0.01327EPSS
Exploits1References3
Oracle linux
Oracle linux
added 2023/11/18 12:0 a.m.36 views

mod_auth_openidc:2.3 security and bug fix update

cjose 0.6.1-4 - CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual Authentication Tag provided in the JWE Resolves: rhbz2223308 modauthopenidc 2.4.9.4-5 Related: rhbz2141850 - fix cjose version dependency 2.4.9.4-4 Resolves: rhbz2141850 - authopenidc.conf mode 0640 by...

8.6CVSS7.6AI score0.01327EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2023/11/14 12:0 a.m.51 views

RHEL 8 : mod_auth_openidc:2.3 (RHSA-2023:6940)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6940 advisory. The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an Open...

7.5CVSS6.6AI score0.01327EPSS
Exploits0References10
OSV
OSV
added 2023/11/14 12:0 a.m.30 views

ALSA-2023:6940 Moderate: mod_auth_openidc:2.3 security and bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...

7.5CVSS6.4AI score0.01327EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2023/11/14 12:0 a.m.55 views

Moderate: mod_auth_openidc:2.3 security and bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...

7.5CVSS7.1AI score0.01327EPSS
Exploits0References6
Oracle linux
Oracle linux
added 2023/11/11 12:0 a.m.28 views

mod_auth_openidc security and bug fix update

2.4.9.4-4 Resolves: rhbz2189268 - authopenidc.conf mode 0640 by default 2.4.9.4-3 - Resolves: rhbz2184145 - CVE-2023-28625 NULL pointer dereference when OIDCStripCookies is set and a crafted Cookie header is supplied 2.4.9.4-2 - Resolves: rhbz2153656 - CVE-2022-23527 - Open Redirect in...

7.5CVSS7.6AI score0.01327EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.27 views

RHEL 9 : mod_auth_openidc (RHSA-2023:6365)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:6365 advisory. The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an Open...

7.5CVSS6.6AI score0.01327EPSS
Exploits0References9
OSV
OSV
added 2023/11/07 12:0 a.m.47 views

ALSA-2023:6365 Moderate: mod_auth_openidc security and bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...

7.5CVSS6.4AI score0.01327EPSS
Exploits0References6
AlmaLinux
AlmaLinux
added 2023/11/07 12:0 a.m.63 views

Moderate: mod_auth_openidc security and bug fix update

The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fixes: modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character...

7.5CVSS7.2AI score0.01327EPSS
Exploits0References6
CBLMariner
CBLMariner
added 2023/09/28 12:35 p.m.23 views

CVE-2023-28625 affecting package mod_auth_openidc for versions less than 2.4.14.2-1

CVE-2023-28625 affecting package modauthopenidc for versions less than 2.4.14.2-1. An upgraded version of the package is available that resolves this issue...

7.5CVSS6.6AI score0.01327EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/05/31 12:0 a.m.22 views

Fedora 38 : mod_auth_openidc (2023-b534ca7056)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-b534ca7056 advisory. Rebase to 2.4.13.2 version, fix CVE-2023-28625 Tenable has extracted the preceding description block directly from the Fedora security advisory. Not...

7.5CVSS6.5AI score0.01327EPSS
Exploits0References2
Debian
Debian
added 2023/05/18 1:12 p.m.38 views

[SECURITY] [DSA 5405-1] libapache2-mod-auth-openidc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5405-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 18, 2023 https://www.debian.org/security/faq -...

7.5CVSS6.7AI score0.01327EPSS
Exploits0
F5 Networks
F5 Networks
added 2023/05/12 7:47 p.m.23 views

K000134597: mod_auth_openidc vulnerability CVE-2023-28625

Security Advisory Description modauthopenidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when OIDCStripCookies is set and a crafted cookie supplied, a NULL pointer...

7.5CVSS6.7AI score0.01327EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/05/05 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2023:1837-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.01327EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2023/05/01 12:0 a.m.27 views

Debian: Security Advisory (DLA-3409-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.02731EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/05/01 12:0 a.m.43 views

Debian dla-3409 : libapache2-mod-auth-openidc - security update

The remote Debian 10 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-3409 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3409-1 [email protected]...

7.5CVSS6.7AI score0.02731EPSS
Exploits1References14
Debian
Debian
added 2023/04/30 9:14 p.m.92 views

[SECURITY] [DLA 3409-1] libapache2-mod-auth-openidc security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3409-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk April 30, 2023 https://wiki.debian.org/LTS -...

7.5CVSS7.3AI score0.02731EPSS
Exploits1
Rows per page
Query Builder