CVE-2019-14857

Опубликовано: 26 нояб. 2019

Источник: debian

EPSS Низкий

Описание

A flaw was found in mod_auth_openidc before version 2.4.0.1. An open redirect issue exists in URLs with trailing slashes similar to CVE-2019-3877 in mod_auth_mellon.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
libapache2-mod-auth-openidc	fixed	2.4.0.3-1		package
libapache2-mod-auth-openidc	fixed	2.3.10.2-1+deb10u1	buster	package

Примечания

https://github.com/zmartzone/mod_auth_openidc/commit/5c15dfb08106c2451c2c44ce7ace6813c216ba75
https://github.com/zmartzone/mod_auth_openidc/commit/ce37080c6aea30aabae8b4a9b4eea7808445cc8e
https://github.com/zmartzone/mod_auth_openidc/pull/451
https://groups.google.com/forum/#!topic/mod_auth_openidc/boy1Ba3Gdk4

EPSS

Процентиль: 43%

0.00201

Низкий

Связанные уязвимости

CVE-2019-14857

CVSS3: 6.1

ubuntu

больше 5 лет назад

A flaw was found in mod_auth_openidc before version 2.4.0.1. An open redirect issue exists in URLs with trailing slashes similar to CVE-2019-3877 in mod_auth_mellon.

CVE-2019-14857

CVSS3: 6.1

redhat

больше 5 лет назад

A flaw was found in mod_auth_openidc before version 2.4.0.1. An open redirect issue exists in URLs with trailing slashes similar to CVE-2019-3877 in mod_auth_mellon.

CVE-2019-14857

CVSS3: 6.1

nvd

больше 5 лет назад

A flaw was found in mod_auth_openidc before version 2.4.0.1. An open redirect issue exists in URLs with trailing slashes similar to CVE-2019-3877 in mod_auth_mellon.

openSUSE-SU-2019:2499-1

suse-cvrf

больше 5 лет назад

Security update for apache2-mod_auth_openidc

SUSE-SU-2019:2935-1

suse-cvrf

больше 5 лет назад

Security update for apache2-mod_auth_openidc

EPSS

Процентиль: 43%

0.00201

Низкий