AlmaLinux 9 : mod_auth_openidc (ALSA-2025:9396)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:9396 advisory. modauthopenidc: DoS via Empty POST in modauthopenidc with OIDCPreservePost Enabled CVE-2025-3891 Tenable has extracted the preceding description block directly fro...

AlmaLinux 8 : mod_auth_openidc:2.3 (ALSA-2025:4597)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:4597 advisory. modauthopenidc: DoS via Empty POST in modauthopenidc with OIDCPreservePost Enabled CVE-2025-3891 Tenable has extracted the preceding description block directly fro...

RockyLinux 8 : mod_auth_openidc:2.3 (RLSA-2024:5289)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2024:5289 advisory. modauthopenidc: DoS when using OIDCSessionType client-cookie and manipulating cookies CVE-2024-24814 Tenable has extracted the preceding description block directl...

USN-7446-1: mod_auth_openidc vulnerability

It was discovered that modauthopenidc incorrectly handled certain POST requests. An attacker could possibly use this issue to obtain sensitive information...