VYPR

rpm package

opensuse/apache2-mod_auth_openidc&distro=openSUSE Leap 15.2

pkg:rpm/opensuse/apache2-mod_auth_openidc&distro=openSUSE%20Leap%2015.2

Vulnerabilities (4)

  • CVE-2021-32792LowJul 26, 2021
    affected < 2.3.8-lp152.5.6.1fixed 2.3.8-lp152.5.6.1

    mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, there is an XSS vulnerability in when us

  • CVE-2021-32791MedJul 26, 2021
    affected < 2.3.8-lp152.5.6.1fixed 2.3.8-lp152.5.6.1

    mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, the AES GCM encryption in mod_auth_openi

  • CVE-2021-32786MedJul 22, 2021
    affected < 2.3.8-lp152.5.6.1fixed 2.3.8-lp152.5.6.1

    mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In versions prior to 2.4.9, `oidc_validate_redirect_url()` does not parse URLs the

  • CVE-2021-32785MedJul 22, 2021
    affected < 2.3.8-lp152.5.6.1fixed 2.3.8-lp152.5.6.1

    mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. When mod_auth_openidc versions prior to 2.4.9 are configured to use an unencrypted