Mod Auth Openidc@2.0.0 Security Vulnerabilities and Issues — Mod Auth Openidc@2.0.0 CVE List

Lucene search

OpenidcMod Auth Openidc2.0.0

2 matches found

CVE•added 2023/04/03 2:15 p.m.•207 views

CVE-2023-28625

mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 through 2.4.13.1, when OIDCStripCookies is set and a crafted cookie supplied, a NULL pointer dereference would occur, resul...

7.5CVSS7.5AI score0.00103EPSS

CVE•added 2024/02/13 7:15 p.m.•100 views

CVE-2024-24814

mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In affected versions missing input validation on mod_auth_openidc_session_chunks cookie value makes the server vulnerable t...

7.5CVSS7.4AI score0.00205EPSS