rpm package
suse/apache2-mod_auth_mellon&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP5
pkg:rpm/suse/apache2-mod_auth_mellon&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-3639 | Med | 6.1 | < 0.16.0-8.6.1 | 0.16.0-8.6.1 | Aug 22, 2022 | A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server |
- affected < 0.16.0-8.6.1fixed 0.16.0-8.6.1
A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server