Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
openidc mod auth openidc vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-32785
mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions before 2.4.9 are configured to use an unencrypted R...
Openidc Mod Auth Openidc
Netapp Cloud Backup -
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2019-1010247
ZmartZone IAM mod_auth_openidc 2.3.10.1 and previous versions is affected by: Cross Site Scripting (XSS). The impact is: Redirecting the user to a phishing page or interacting with the application on behalf of the user. The component is: File: src/mod_auth_openidc.c, Line: 3109. ...
Openidc Mod Auth Openidc
NA
CVE-2024-24814
mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In affected versions missing input validation on mod_auth_openidc_session_chunks cookie value make...
NA
CVE-2023-28625
mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. In versions 2.0.0 up to and including 2.4.13.1, when `OIDCStripCookies` is set and a crafted cookie supplied, a NULL point...
Openidc Mod Auth Openidc
NA
CVE-2022-23527
mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server. Versions before 2.4.12.2 are vulnerable to Open Redirect. When providing a logout parameter to the redirect URI, the existing code in oidc_validate_redirect_url(...
Openidc Mod Auth Openidc
Debian Debian Linux 10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2