Lucene search
K

48 matches found

RedHat Linux
RedHat Linux
added 2025/07/01 1:32 a.m.5 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

7.5CVSS5.8AI score0.01214EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/07/01 1:5 a.m.4 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

7.5CVSS5.8AI score0.01214EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/07/01 12:57 a.m.3 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

7.5CVSS5.8AI score0.01214EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/07/01 12:49 a.m.8 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

7.5CVSS5.8AI score0.01214EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/07/01 12:44 a.m.5 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

7.5CVSS5.8AI score0.01214EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/07/01 12:43 a.m.8 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

7.5CVSS5.8AI score0.01214EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2025/07/01 12:38 a.m.14 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

7.5CVSS5.8AI score0.01214EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2025/07/01 12:0 a.m.6 views

RHEL 8 : mod_auth_openidc:2.3 (RHSA-2025:10003)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:10003 advisory. The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Conne...

7.5CVSS6.3AI score0.01214EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/07/01 12:0 a.m.20 views

RHEL 9 : mod_auth_openidc (RHSA-2025:10002)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2025:10002 advisory. The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Conne...

7.5CVSS6.3AI score0.01214EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2025/06/23 4:2 p.m.6 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

7.5CVSS5.8AI score0.01214EPSS
Exploits0References6
OSV
OSV
added 2025/06/16 10:4 a.m.6 views

SUSE-SU-2025:01962-1 Security update for apache2-mod_auth_openidc

This update for apache2-modauthopenidc fixes the following issues: - CVE-2025-3891: Fixed denial of service via an empty POST request when OIDCPreservePost is enabled bsc1242015...

7.5CVSS5.8AI score0.01214EPSS
Exploits0References3
SUSE Linux
SUSE Linux
added 2025/06/13 1:55 p.m.5 views

Security update for apache2-mod_auth_openidc

This update for apache2-modauthopenidc fixes the following issues: CVE-2025-3891: Fixed denial of service via an empty POST request when OIDCPreservePost is enabled bsc1242015. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

8.2CVSS6AI score0.01214EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/05/07 12:0 a.m.6 views

RHEL 8 : mod_auth_openidc:2.3 (RHSA-2025:4597)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:4597 advisory. The modauthopenidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connec...

7.5CVSS6.3AI score0.01214EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2025/05/06 8:23 p.m.6 views

mod_auth_openidc: DoS via Empty POST in mod_auth_openidc with OIDCPreservePost Enabled

A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

7.5CVSS5.8AI score0.01214EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2025/04/29 12:15 p.m.2 views

CVE-2025-3891

A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

7.5CVSS6.5AI score0.01214EPSS
Exploits0References14Affected Software14
OSV
OSV
added 2025/04/29 12:15 p.m.2 views

DEBIAN-CVE-2025-3891

A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

7.5CVSS6AI score0.01214EPSS
Exploits0References1
OSV
OSV
added 2025/04/29 12:15 p.m.23 views

UBUNTU-CVE-2025-3891

A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

7.5CVSS7.1AI score0.01214EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/04/29 11:56 a.m.7 views

CVE-2025-3891 Mod_auth_openidc: dos via empty post in mod_auth_openidc with oidcpreservepost enabled

A flaw was found in the modauthopenidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability...

7.5CVSS5.3AI score0.01214EPSS
Exploits0References13
CNNVD
CNNVD
added 2025/04/29 12:0 a.m.4 views

Red Hat Enterprise Linux 7 安全漏洞

Red Hat Enterprise Linux 7 is a Linux operating system for business users from Red Hat, an American company. A security vulnerability exists in Red Hat Enterprise Linux 7 that originates from a crash when processing an empty POST request, which could result in a denial of service...

7.5CVSS5.5AI score0.01214EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/07/29 12:0 a.m.6 views

PT-2025-18145

Name of the Vulnerable Software and Affected Versions Apache httpd mod auth openidc module affected versions not specified Description A flaw in the mod auth openidc module for Apache httpd allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request...

7.8CVSS6.5AI score0.01214EPSS
Exploits0References75
Rows per page
Query Builder