Download
| Alert*
oval:org.secpod.oval:def:503822
The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fix: * mod_auth_openidc: Open redirect in logout url when using URLs with leading slashes ... oval:org.secpod.oval:def:66563 The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fix: * mod_auth_openidc: Open redirect in logout url when using URLs with leading slashes ... oval:org.secpod.oval:def:89050445 This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2019-20479: Fixed an open redirect issue in URLs with slash and backslash . oval:org.secpod.oval:def:1601216 An open redirect flaw was discovered in mod_auth_openidc, where it handles logout redirection. The module does not correctly validate the URL, allowing a URL with leading slashes to bypass the protection checks. A victim user may be tricked into visiting a trusted vulnerable web site, which would re ... oval:org.secpod.oval:def:118337 This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. oval:org.secpod.oval:def:118341 This module enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. oval:org.secpod.oval:def:89000360 This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2019-20479: Fixed an open redirect issue in URLs with slash and backslash . oval:org.secpod.oval:def:504321 The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fix: * mod_auth_openidc: Open redirect in logout url when using URLs with leading slashes ... oval:org.secpod.oval:def:1504031 [1.8.8-7] - Fix a regression in the previous patches - Related: rhbz#1805748 - CVE-2019-20479 mod_auth_openidc: open redirect issue exists in URLs with slash and backslash [rhel-7] [1.8.8-6] - Resolves: rhbz#1805748 - CVE-2019-20479 mod_auth_openidc: open redirect issue exists in URLs with slash and ... oval:org.secpod.oval:def:1700416 An open redirect flaw was discovered in mod_auth_openidc, where it handles logout redirection. The module does not correctly validate the URL, allowing a URL with leading slashes to bypass the protection checks. A victim user may be tricked into visiting a trusted vulnerable web site, which would re ... oval:org.secpod.oval:def:2500082 The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. oval:org.secpod.oval:def:205631 The mod_auth_openidc is an OpenID Connect authentication module for Apache HTTP Server. It enables an Apache HTTP Server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server. Security Fix: * mod_auth_openidc: Open redirect in logout url when using URLs with leading slashes ... oval:org.secpod.oval:def:1504511 cjose [0.6.1-2] - fix concatkdf big endian architecture problem. Upstream issue #77. [0.6.1-1] - upgrade to latest upstream 0.6.1 [0.5.1-3] - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild [0.5.1-2] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild [0.5.1-1] - In ... |