Vulnerabilities > Openidc > MOD Auth Openidc > 1.8.0

DATE CVE VULNERABILITY TITLE RISK
2022-12-14 CVE-2022-23527 Open Redirect vulnerability in multiple products
mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server.
network
low complexity
openidc debian CWE-601
6.1
2021-09-03 CVE-2021-39191 mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider.
network
low complexity
openidc fedoraproject debian
6.1
2021-07-26 CVE-2021-32791 mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider.
network
high complexity
openidc fedoraproject
5.9
2021-07-26 CVE-2021-32792 mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider.
network
low complexity
openidc fedoraproject
6.1
2021-07-22 CVE-2021-32785 mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider.
network
low complexity
openidc netapp debian
7.5
2021-07-22 CVE-2021-32786 mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider.
network
low complexity
openidc fedoraproject
6.1
2020-02-20 CVE-2019-20479 Open Redirect vulnerability in multiple products
A flaw was found in mod_auth_openidc before version 2.4.1.
network
low complexity
openidc debian fedoraproject opensuse CWE-601
6.1
2019-11-26 CVE-2019-14857 Open Redirect vulnerability in Openidc MOD Auth Openidc
A flaw was found in mod_auth_openidc before version 2.4.0.1.
network
low complexity
openidc CWE-601
6.1
2019-07-19 CVE-2019-1010247 Cross-site Scripting vulnerability in Openidc MOD Auth Openidc
ZmartZone IAM mod_auth_openidc 2.3.10.1 and earlier is affected by: Cross Site Scripting (XSS).
network
low complexity
openidc CWE-79
6.1
2017-04-12 CVE-2017-6059 Improper Input Validation vulnerability in Openidc MOD Auth Openidc
Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof page content via a malicious URL provided to the user, which triggers an invalid request.
network
low complexity
openidc CWE-20
7.5