12 matches found
Amazon Linux AMI : mod24_auth_mellon (ALAS-2023-1765)
The version of mod24authmellon installed on the remote host is prior to 0.14.0-2.10. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1765 advisory. A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attack...
Amazon Linux 2 : mod_auth_mellon (ALAS-2023-2077)
The version of modauthmellon installed on the remote host is prior to 0.14.0-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2077 advisory. A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attacker t...
CVE-2021-3639
A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threa...
CVE-2021-3639
A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threa...
Design/Logic Flaw
A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threa...
CVE-2021-3639
A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threa...
mod_auth_mellon security update
0.14.0-12.1 - Resolves: rhbz1986805 - CVE-2021-3639 modauthmellon: Open Redirect vulnerability in logout URLs rhel-8...
EulerOS 2.0 SP8 : mod_auth_mellon (EulerOS-SA-2022-1354)
According to the versions of the modauthmellon package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate...
EulerOS 2.0 SP5 : mod_auth_mellon (EulerOS-SA-2021-2511)
According to the versions of the modauthmellon package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate...
Ubuntu 21.04 : mod-auth-mellon vulnerability (USN-5069-2)
The remote Ubuntu 21.04 host has a package installed that is affected by a vulnerability as referenced in the USN-5069-2 advisory. USN-5069-1 fixed a vulnerability in mod-auth-mellon. This update provides the corresponding updates for Ubuntu 21.04. Tenable has extracted the preceding description...
CVE-2021-3639
A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threa...
CVE-2021-3639
A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threa...