Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:25429
HistoryMay 15, 2020 - 2:23 a.m.

Open Redirection

2020-05-1502:23:25
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
16
httpd
open redirection
mod_rewrite
vulnerability
url validation

EPSS

0.003

Percentile

65.7%

httpd is vulnerable to open redirection. The mod_rewrite configurations is vulnerable to open redirect due to lack of validation in the URL.

Affected configurations

Vulners
Node
redhatmod_clusterMatch1.3.12_9.final_redhat_2.jbcs.el7
OR
redhatmod_clusterMatch1.3.5_13.final_redhat_1.jbcs.el6
OR
redhatmod_clusterMatch1.3.1_10.final_redhat_2.jbcs.el6
OR
redhatmod_clusterMatch1.3.12_13.final_redhat_2.jbcs.el6
OR
redhatmod_clusterMatch1.3.1_10.final_redhat_2.jbcs.el7
OR
redhatmod_clusterMatch1.3.8_3.final_redhat_2.jbcs.el7
OR
redhatmod_clusterMatch1.3.8_1.final_redhat_1.jbcs.el7
OR
redhatmod_clusterMatch1.3.8_1.final_redhat_2.jbcs.el7
OR
redhatmod_clusterMatch1.3.8_1.final_redhat_2.jbcs.el6
OR
redhatmod_clusterMatch1.3.12_9.final_redhat_2.jbcs.el6
OR
redhatmod_clusterMatch1.3.8_1.final_redhat_1.jbcs.el6
OR
redhatmod_clusterMatch1.3.5_13.final_redhat_1.jbcs.el7
OR
redhatmod_clusterMatch1.3.8_3.final_redhat_2.jbcs.el6
OR
redhatmod_clusterMatch1.3.12_13.final_redhat_2.jbcs.el7
OR
-jbcs-httpd24-mod_http2Match1.11.3_8.jbcs.el7
OR
-jbcs-httpd24-mod_http2Match1.11.3_8.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.23_114.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.23_102.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.23_122.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.23_120.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.29_41.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.29_41.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.6_77.sp1.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.29_17.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.37_33.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.6_75.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.6_77.sp1.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.29_35.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.29_40.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.23_125.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.37_41.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.23_122.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.29_40.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.37_33.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.29_35.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.6_75.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.29_17.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.23_102.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.23_114.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.23_120.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.37_41.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.23_125.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.1.1c_4.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2h_13.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.0.2h_12.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.0.2n_14.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.0.2n_14.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2n_15.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2h_14.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.0.2h_4.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.0.2h_13.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2h_4.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2n_11.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2n_11.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.1.1c_4.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.0.2h_14.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2h_12.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2n_15.jbcs.el7
OR
-jbcs-httpd24-aprMatch1.6.3_63.jbcs.el6
OR
-jbcs-httpd24-aprMatch1.6.3_73.jbcs.el6
OR
-jbcs-httpd24-aprMatch1.6.3_31.jbcs.el7
OR
-jbcs-httpd24-aprMatch1.6.3_14.jbcs.el6
OR
-jbcs-httpd24-aprMatch1.6.3_63.jbcs.el7
OR
-jbcs-httpd24-aprMatch1.6.3_73.jbcs.el7
OR
-jbcs-httpd24-aprMatch1.6.3_14.jbcs.el7
OR
-jbcs-httpd24-aprMatch1.6.3_31.jbcs.el6
OR
-jbcs-httpd24-brotliMatch1.0.6_9.jbcs.el6
OR
-jbcs-httpd24-brotliMatch1.0.6_7.jbcs.el7
OR
-jbcs-httpd24-brotliMatch1.0.6_9.jbcs.el7
OR
-jbcs-httpd24-brotliMatch1.0.6_7.jbcs.el6
OR
-httpd24-httpdMatch2.4.34_7.el7.1
OR
-httpd24-httpdMatch2.4.25_9.el7
OR
-httpd24-httpdMatch2.4.25_9.el6
OR
-httpd24-httpdMatch2.4.34_15.el6
OR
-httpd24-httpdMatch2.4.34_7.el6
OR
-httpd24-httpdMatch2.4.25_8.el6
OR
-httpd24-httpdMatch2.4.27_8.el6
OR
-httpd24-httpdMatch2.4.34_15.el7
OR
-httpd24-httpdMatch2.4.34_8.el7.1
OR
-httpd24-httpdMatch2.4.6_22.el6
OR
-httpd24-httpdMatch2.4.6_18.el6
OR
-httpd24-httpdMatch2.4.18_10.el6
OR
-httpd24-httpdMatch2.4.34_8.el6.1
OR
-httpd24-httpdMatch2.4.27_8.el7.1
OR
-httpd24-httpdMatch2.4.34_7.el7
OR
-httpd24-httpdMatch2.4.12_3.el6
OR
-httpd24-httpdMatch2.4.18_11.el7
OR
-httpd24-httpdMatch2.4.25_9.el6.1
OR
-httpd24-httpdMatch2.4.27_8.el6.1
OR
-httpd24-httpdMatch2.4.6_16.el6
OR
-httpd24-httpdMatch2.4.12_4.el6.2
OR
-httpd24-httpdMatch2.4.18_11.el6
OR
-httpd24-httpdMatch2.4.34_7.el6.1
OR
-httpd24-httpdMatch2.4.18_10.el7
OR
-httpd24-httpdMatch2.4.12_6.el7.1
OR
-httpd24-httpdMatch2.4.27_8.el7
OR
-apache2\Matchxenial2.4.18-2ubuntu3
OR
-apache2\Matchbionic2.4.29-1ubuntu4
OR
-apache2\Matchfocal2.4.41-4ubuntu3
OR
httpdMatch2.4.6_80.el7.centos.1
OR
httpdMatch2.4.6_89.el7.centos
OR
httpdMatch2.4.6_89.el7.centos.1
OR
httpdMatch2.4.6_80.el7.centos
OR
httpdMatch2.4.6_93.el7.centos
OR
httpdMatch2.4.6_31.ael7b_1.1
OR
httpdMatch2.4.6_90.el7.centos
OR
httpdMatch2.4.6_88.el7.centos
OR
-apache2\Matchedge2.4.41-r0
OR
-apache2\Matchstretch2.4.25-3+deb9u9
OR
redhatmod_clusterMatch1.3.12_9.final_redhat_2.jbcs.el7
OR
redhatmod_clusterMatch1.3.5_13.final_redhat_1.jbcs.el6
OR
redhatmod_clusterMatch1.3.1_10.final_redhat_2.jbcs.el6
OR
redhatmod_clusterMatch1.3.12_13.final_redhat_2.jbcs.el6
OR
redhatmod_clusterMatch1.3.1_10.final_redhat_2.jbcs.el7
OR
redhatmod_clusterMatch1.3.8_3.final_redhat_2.jbcs.el7
OR
redhatmod_clusterMatch1.3.8_1.final_redhat_1.jbcs.el7
OR
redhatmod_clusterMatch1.3.8_1.final_redhat_2.jbcs.el7
OR
redhatmod_clusterMatch1.3.8_1.final_redhat_2.jbcs.el6
OR
redhatmod_clusterMatch1.3.12_9.final_redhat_2.jbcs.el6
OR
redhatmod_clusterMatch1.3.8_1.final_redhat_1.jbcs.el6
OR
redhatmod_clusterMatch1.3.5_13.final_redhat_1.jbcs.el7
OR
redhatmod_clusterMatch1.3.8_3.final_redhat_2.jbcs.el6
OR
redhatmod_clusterMatch1.3.12_13.final_redhat_2.jbcs.el7
OR
-jbcs-httpd24-mod_http2Match1.11.3_8.jbcs.el7
OR
-jbcs-httpd24-mod_http2Match1.11.3_8.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.23_114.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.23_102.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.23_122.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.23_120.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.29_41.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.29_41.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.6_77.sp1.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.29_17.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.37_33.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.6_75.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.6_77.sp1.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.29_35.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.29_40.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.23_125.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.37_41.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.23_122.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.29_40.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.37_33.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.29_35.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.6_75.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.29_17.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.23_102.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.23_114.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.23_120.jbcs.el6
OR
-jbcs-httpd24-httpdMatch2.4.37_41.jbcs.el7
OR
-jbcs-httpd24-httpdMatch2.4.23_125.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.1.1c_4.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2h_13.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.0.2h_12.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.0.2n_14.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.0.2n_14.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2n_15.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2h_14.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.0.2h_4.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.0.2h_13.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2h_4.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2n_11.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2n_11.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.1.1c_4.jbcs.el7
OR
-jbcs-httpd24-opensslMatch1.0.2h_14.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2h_12.jbcs.el6
OR
-jbcs-httpd24-opensslMatch1.0.2n_15.jbcs.el7
OR
-jbcs-httpd24-aprMatch1.6.3_63.jbcs.el6
OR
-jbcs-httpd24-aprMatch1.6.3_73.jbcs.el6
OR
-jbcs-httpd24-aprMatch1.6.3_31.jbcs.el7
OR
-jbcs-httpd24-aprMatch1.6.3_14.jbcs.el6
OR
-jbcs-httpd24-aprMatch1.6.3_63.jbcs.el7
OR
-jbcs-httpd24-aprMatch1.6.3_73.jbcs.el7
OR
-jbcs-httpd24-aprMatch1.6.3_14.jbcs.el7
OR
-jbcs-httpd24-aprMatch1.6.3_31.jbcs.el6
OR
-jbcs-httpd24-brotliMatch1.0.6_9.jbcs.el6
OR
-jbcs-httpd24-brotliMatch1.0.6_7.jbcs.el7
OR
-jbcs-httpd24-brotliMatch1.0.6_9.jbcs.el7
OR
-jbcs-httpd24-brotliMatch1.0.6_7.jbcs.el6
OR
-httpd24-httpdMatch2.4.34_7.el7.1
OR
-httpd24-httpdMatch2.4.25_9.el7
OR
-httpd24-httpdMatch2.4.25_9.el6
OR
-httpd24-httpdMatch2.4.34_15.el6
OR
-httpd24-httpdMatch2.4.34_7.el6
OR
-httpd24-httpdMatch2.4.25_8.el6
OR
-httpd24-httpdMatch2.4.27_8.el6
OR
-httpd24-httpdMatch2.4.34_15.el7
OR
-httpd24-httpdMatch2.4.34_8.el7.1
OR
-httpd24-httpdMatch2.4.6_22.el6
OR
-httpd24-httpdMatch2.4.6_18.el6
OR
-httpd24-httpdMatch2.4.18_10.el6
OR
-httpd24-httpdMatch2.4.34_8.el6.1
OR
-httpd24-httpdMatch2.4.27_8.el7.1
OR
-httpd24-httpdMatch2.4.34_7.el7
OR
-httpd24-httpdMatch2.4.12_3.el6
OR
-httpd24-httpdMatch2.4.18_11.el7
OR
-httpd24-httpdMatch2.4.25_9.el6.1
OR
-httpd24-httpdMatch2.4.27_8.el6.1
OR
-httpd24-httpdMatch2.4.6_16.el6
OR
-httpd24-httpdMatch2.4.12_4.el6.2
OR
-httpd24-httpdMatch2.4.18_11.el6
OR
-httpd24-httpdMatch2.4.34_7.el6.1
OR
-httpd24-httpdMatch2.4.18_10.el7
OR
-httpd24-httpdMatch2.4.12_6.el7.1
OR
-httpd24-httpdMatch2.4.27_8.el7
OR
-apache2\Matchxenial2.4.18-2ubuntu3
OR
-apache2\Matchbionic2.4.29-1ubuntu4
OR
-apache2\Matchfocal2.4.41-4ubuntu3
OR
httpdMatch2.4.6_80.el7.centos.1
OR
httpdMatch2.4.6_89.el7.centos
OR
httpdMatch2.4.6_89.el7.centos.1
OR
httpdMatch2.4.6_80.el7.centos
OR
httpdMatch2.4.6_93.el7.centos
OR
httpdMatch2.4.6_31.ael7b_1.1
OR
httpdMatch2.4.6_90.el7.centos
OR
httpdMatch2.4.6_88.el7.centos
OR
-apache2\Matchedge2.4.41-r0
OR
-apache2\Matchstretch2.4.25-3+deb9u9
OR
-apache2\Matchbuster2.4.38-3+deb10u5
OR
-apache2\Matchbuster2.4.38-3+deb10u4
VendorProductVersionCPE
redhatmod_cluster1.3.12_9.final_redhat_2.jbcs.el7cpe:2.3:a:redhat:mod_cluster:1.3.12_9.final_redhat_2.jbcs.el7:*:*:*:*:*:*:*
redhatmod_cluster1.3.5_13.final_redhat_1.jbcs.el6cpe:2.3:a:redhat:mod_cluster:1.3.5_13.final_redhat_1.jbcs.el6:*:*:*:*:*:*:*
redhatmod_cluster1.3.1_10.final_redhat_2.jbcs.el6cpe:2.3:a:redhat:mod_cluster:1.3.1_10.final_redhat_2.jbcs.el6:*:*:*:*:*:*:*
redhatmod_cluster1.3.12_13.final_redhat_2.jbcs.el6cpe:2.3:a:redhat:mod_cluster:1.3.12_13.final_redhat_2.jbcs.el6:*:*:*:*:*:*:*
redhatmod_cluster1.3.1_10.final_redhat_2.jbcs.el7cpe:2.3:a:redhat:mod_cluster:1.3.1_10.final_redhat_2.jbcs.el7:*:*:*:*:*:*:*
redhatmod_cluster1.3.8_3.final_redhat_2.jbcs.el7cpe:2.3:a:redhat:mod_cluster:1.3.8_3.final_redhat_2.jbcs.el7:*:*:*:*:*:*:*
redhatmod_cluster1.3.8_1.final_redhat_1.jbcs.el7cpe:2.3:a:redhat:mod_cluster:1.3.8_1.final_redhat_1.jbcs.el7:*:*:*:*:*:*:*
redhatmod_cluster1.3.8_1.final_redhat_2.jbcs.el7cpe:2.3:a:redhat:mod_cluster:1.3.8_1.final_redhat_2.jbcs.el7:*:*:*:*:*:*:*
redhatmod_cluster1.3.8_1.final_redhat_2.jbcs.el6cpe:2.3:a:redhat:mod_cluster:1.3.8_1.final_redhat_2.jbcs.el6:*:*:*:*:*:*:*
redhatmod_cluster1.3.12_9.final_redhat_2.jbcs.el6cpe:2.3:a:redhat:mod_cluster:1.3.12_9.final_redhat_2.jbcs.el6:*:*:*:*:*:*:*
Rows per page:
1-10 of 1111

References