Debian/libapache2-mod-auth-mellon — 11 CVEs

HIGH8.1CVE-2019-3878A vulnerability was found in mod_auth_mellon before v0.14.2.

from 0, < 0.14.2-1

HIGH7.5CVE-2016-2146The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to ca…

from 0, < 0.12.0-1

HIGH7.5CVE-2016-2145The am_read_post_data function in mod_auth_mellon before 0.11.1 does not check if the ap_get_client_block function returns an error, which…

from 0, < 0.12.0-1

MEDIUM6.1A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly.

from 0, < 0.17.0-1+deb11u1

MEDIUM6.1libapache2-mod-auth-mellon - security update

from 0, < 0.14.2-1+deb10u1

MEDIUM6.1libapache2-mod-auth-mellon - security update

from 0, < 0.15.0-1

MEDIUM6.1libapache2-mod-auth-mellon - security update

from 0, < 0.12.0-2+deb9u1

MEDIUM6.1libapache2-mod-auth-mellon - security update

from 0, < 0.14.2-1

MEDIUM6.1mod_auth_mellon before 0.13.1 is vulnerable to a Cross-Site Session Transfer attack, where a user with access to one web site running on a…

from 0, < 0.12.0-2

—The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation…

from 0, < 0.9.1

—The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logou…

from 0, < 0.9.0

pkg:Debian/libapache2-mod-auth-mellon

✅ Check your installed version

All known vulnerabilities