Описание
ELSA-2020-3970: mod_auth_openidc security update (LOW)
[1.8.8-7]
- Fix a regression in the previous patches
- Related: rhbz#1805748 - CVE-2019-20479 mod_auth_openidc: open redirect issue exists in URLs with slash and backslash [rhel-7]
[1.8.8-6]
- Resolves: rhbz#1805748 - CVE-2019-20479 mod_auth_openidc: open redirect issue exists in URLs with slash and backslash [rhel-7]
- Resolves: rhbz#1805067 - CVE-2019-14857 mod_auth_openidc: Open redirect in logout url when using URLs with leading slashes [rhel-7]
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
mod_auth_openidc
1.8.8-7.el7
Oracle Linux x86_64
mod_auth_openidc
1.8.8-7.el7
Связанные CVE
Связанные уязвимости
oracle-oval
почти 5 лет назад
ELSA-2020-3032: mod_auth_openidc:2.3 security and bug fix update (MODERATE)
CVSS3: 6.1
ubuntu
больше 5 лет назад
A flaw was found in mod_auth_openidc before version 2.4.1. An open redirect issue exists in URLs with a slash and backslash at the beginning.
CVSS3: 6.1
redhat
больше 5 лет назад
A flaw was found in mod_auth_openidc before version 2.4.1. An open redirect issue exists in URLs with a slash and backslash at the beginning.
CVSS3: 6.1
nvd
больше 5 лет назад
A flaw was found in mod_auth_openidc before version 2.4.1. An open redirect issue exists in URLs with a slash and backslash at the beginning.