Information on source package libapache2-mod-auth-mellon

Available versions

ReleaseVersion
stretch0.12.0-2+deb9u1
buster0.14.2-1
bullseye0.17.0-1
bookworm0.18.0-1
sid0.18.0-1

Open issues

BugstretchbusterbullseyebookwormsidDescription
CVE-2021-3639vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)fixedfixedPrevent redirect to URLs that begin with '///'
CVE-2019-13038vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedmod_auth_mellon through 0.14.2 has an Open Redirect via the login?Retu ...

Resolved issues

BugDescription
CVE-2019-3878A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache ...
CVE-2019-3877A vulnerability was found in mod_auth_mellon before v0.14.2. An open r ...
CVE-2017-6807mod_auth_mellon before 0.13.1 is vulnerable to a Cross-Site Session Tr ...
CVE-2016-2146The am_read_post_data function in mod_auth_mellon before 0.11.1 does n ...
CVE-2016-2145The am_read_post_data function in mod_auth_mellon before 0.11.1 does n ...
CVE-2014-8567The mod_auth_mellon module before 0.8.1 allows remote attackers to cau ...
CVE-2014-8566The mod_auth_mellon module before 0.8.1 allows remote attackers to obt ...

Security announcements

DSA / DLADescription
DSA-4414-1libapache2-mod-auth-mellon - security update

Search for package or bug name: Reporting problems