ELSA-2022-1934

Published: May 17, 2022
Source: oracle-oval
Platform: Oracle Linux 8

Description

ELSA-2022-1934: mod_auth_mellon security update (MODERATE)

[0.14.0-12.1]

  • Resolves: rhbz#1986805 - CVE-2021-3639 mod_auth_mellon: Open Redirect vulnerability in logout URLs [rhel-8]

Updated packages

Oracle Linux 8

Oracle Linux aarch64

  • mod_auth_mellon: 0.14.0-12.el8.1
  • mod_auth_mellon-diagnostics: 0.14.0-12.el8.1

Oracle Linux x86_64

  • mod_auth_mellon: 0.14.0-12.el8.1
  • mod_auth_mellon-diagnostics: 0.14.0-12.el8.1

Related CVEs

Related vulnerabilities

CVSS3: 6.1
ubuntu
almost 3 years ago

A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threat from this liability is to confidentiality and integrity.

CVSS3: 6.1
redhat
about 4 years ago

A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threat from this liability is to confidentiality and integrity.

CVSS3: 6.1
nvd
almost 3 years ago

A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threat from this liability is to confidentiality and integrity.

CVSS3: 6.1
debian
almost 3 years ago

A flaw was found in mod_auth_mellon where it does not sanitize logout ...

suse-cvrf
more than 3 years ago

Security update for apache2-mod_auth_mellon