[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256488

 
 

909

 
 

199193

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
OVAL

SUSE-SU-2023:1837-1 -- SLES apache2-mod_auth_openidc

ID: oval:org.secpod.oval:def:89048796Date: (C)2023-06-02   (M)2024-01-02
Class: PATCHFamily: unix




This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2022-23527: Fixed open redirect in oidc_validate_redirect_url using tab character . * CVE-2023-28625: Fixed NULL pointer dereference when OIDCStripCookies was set and a crafted Cookie header was supplied .

Platform:
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server 12 SP4
Product:
apache2-mod_auth_openidc
Reference:
SUSE-SU-2023:1837-1
CVE-2022-23527
CVE-2023-28625
CVE    2
CVE-2023-28625
CVE-2022-23527
CPE    3
cpe:/o:suse:suse_linux_enterprise_server:12:sp4
cpe:/a:apache2:apache2-mod_auth_openidc
cpe:/o:suse:suse_linux_enterprise_server:12:sp5

© SecPod Technologies