Download
| Alert*
oval:org.secpod.oval:def:89000361
apache2-mod_auth_openidc is installed oval:org.secpod.oval:def:89003476 This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2019-14857: Fixed an open redirect issue that exists in URLs with trailing slashes . oval:org.secpod.oval:def:89050445 This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2019-20479: Fixed an open redirect issue in URLs with slash and backslash . oval:org.secpod.oval:def:89050612 This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2019-14857: Fixed an open redirect issue that exists in URLs with trailing slashes . oval:org.secpod.oval:def:89000360 This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2019-20479: Fixed an open redirect issue in URLs with slash and backslash . oval:org.secpod.oval:def:3300109 SUSE Security Update: Security update for apache2-mod_auth_openidc oval:org.secpod.oval:def:89048200 This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2022-23527: Fixed open redirect in oidc_validate_redirect_url using tab character . - CVE-2021-39191: Fixed open redirect issue in target_link_uri parameter . oval:org.secpod.oval:def:89048704 This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2023-28625: Fixed NULL pointer dereference when OIDCStripCookies was set and a crafted Cookie header was supplied . oval:org.secpod.oval:def:89048796 This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2022-23527: Fixed open redirect in oidc_validate_redirect_url using tab character . * CVE-2023-28625: Fixed NULL pointer dereference when OIDCStripCookies was set and a crafted Cookie header was supplied . oval:org.secpod.oval:def:89047275 This update for apache2-mod_auth_openidc fixes the following issues: - CVE-2021-32785: format string bug via hiredis - CVE-2021-32786: open redirect in logout functionality - CVE-2021-32791: Hardcoded static IV and AAD with a reused key in AES GCM encryption - CVE-2021-32792: XSS when using OIDCP ... oval:org.secpod.oval:def:89051600 This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2024-24814: Fixed a denial of service when using `OIDCSessionType client-cookie` and manipulating cookies . oval:org.secpod.oval:def:89051602 This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2024-24814: Fixed a denial of service when using `OIDCSessionType client-cookie` and manipulating cookies . |