CVE-2019-13038

Опубликовано: 29 июн. 2019

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 6.1

Описание

mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.

Релиз	Статус	Примечание
bionic	released	0.13.1-1ubuntu0.2
cosmic	ignored	end of life
devel	released	0.14.2-1ubuntu2
disco	ignored	end of life
eoan	released	0.14.2-1ubuntu1.19.10.1
esm-apps/xenial	needed
esm-infra-legacy/trusty	DNE
esm-infra/bionic	released	0.13.1-1ubuntu0.2
esm-infra/focal	released	0.14.2-1ubuntu2
focal	released	0.14.2-1ubuntu2

Показывать по

Ссылки на источники

EPSS

Процентиль: 31%

0.00116

Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

Связанные уязвимости

CVE-2019-13038

CVSS3: 6.1

redhat

больше 6 лет назад

mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.

CVE-2019-13038

CVSS3: 6.1

nvd

больше 6 лет назад

mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.

CVE-2019-13038

CVSS3: 6.1

debian

больше 6 лет назад

mod_auth_mellon through 0.14.2 has an Open Redirect via the login?Retu ...

GHSA-67h8-fxm4-vr72

CVSS3: 6.1

github

больше 3 лет назад

mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in the target URL.

ELSA-2020-1660

oracle-oval

почти 6 лет назад

ELSA-2020-1660: mod_auth_mellon security and bug fix update (MODERATE)

EPSS

Процентиль: 31%

0.00116

Низкий

4.3 Medium

CVSS2

6.1 Medium

CVSS3

CVE-2019-13038

Описание

Пакет libapache2-mod-auth-mellon

Ссылки на источники

Связанные уязвимости