High severity7.5NVD Advisory· Published Apr 12, 2017· Updated May 13, 2026
CVE-2017-6059
CVE-2017-6059
Description
Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided to the user, which triggers an invalid request.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- github.com/pingidentity/mod_auth_openidc/commit/612e309bfffd6f9b8ad7cdccda3019fc0865f3b4nvdPatchThird Party Advisory
- github.com/pingidentity/mod_auth_openidc/issues/212nvdIssue TrackingPatchThird Party Advisory
- github.com/pingidentity/mod_auth_openidc/releases/tag/v2.1.4nvdPatchRelease NotesThird Party Advisory
- www.openwall.com/lists/oss-security/2017/02/17/6nvdMailing ListThird Party Advisory
- www.securityfocus.com/bid/96299nvdThird Party AdvisoryVDB Entry
- access.redhat.com/errata/RHSA-2019:2112nvdThird Party Advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2V3HIGXMUKJGOBMAQAQPGC7G5YYWSUVA/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EJXBG3DG2FUYFGTUTSJFMPIINVFKKB4Z/nvd
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WTWUMQ46GZY3O4WU4JCF333LN53R2XQH/nvd
News mentions
0No linked articles in our index yet.