5 matches found
AZL-73204 CVE-2025-68973 affecting package gnupg2 for versions less than 2.4.9-1
In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. For ExtendedLTS, 2.2.51 and later are fixed versions...
libexpat resource management error vulnerability
libexpat is a streaming XML parser written in C. Versions of libexpat prior to 2.4.9 contain a use-after-free in the doContent function in its xmlparse.c component...
PT-2021-6525 · Unknown +5 · Mod Auth Openidc +5
Name of the Vulnerable Software and Affected Versions: mod_auth_openidc versions prior to 2.4.9. Description: The issue is related to an XSS vulnerability in mod_auth_openidc when using OIDCPreservePost On. This vulnerability allows a remote attacker to impact the integrity of data. The estimated...
AZL-6479 CVE-2021-32785 affecting package httpd for versions less than 2.4.52-1
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache...
DEBIAN-CVE-2021-32785
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted Redis cache...