Openidc Mod_auth_openidc
16 CVEs affecting Openidc Mod_auth_openidc. Latest disclosed: 2025-04-06. Critical: 0, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-6413 | High | 8.6 | 2017-03-02 | The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.6 for the Apache HTTP Server does not skip OIDC_CLAIM… |
CVE-2017-6062 | High | 8.6 | 2017-03-02 | The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.5 for the Apache HTTP Server does not skip OIDC_CLAIM… |
CVE-2024-24814 | High | 7.5 | 2024-02-13 | mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Part… |
CVE-2023-28625 | High | 7.5 | 2023-04-03 | mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. I… |
CVE-2021-20718 | High | 7.5 | 2021-05-20 | mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vectors. |
CVE-2017-6059 | High | 7.5 | 2017-04-12 | Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof pag… |
CVE-2019-20479 | Medium | 6.1 | 2020-02-20 | A flaw was found in mod_auth_openidc before version 2.4.1. An open redirect issue exists in URLs with a slash and backslash at the beginning. |
CVE-2019-14857 | Medium | 6.1 | 2019-11-26 | A flaw was found in mod_auth_openidc before version 2.4.0.1. An open redirect issue exists in URLs with trailing slashes similar to CVE-2019-3877 in mod_auth_m… |
CVE-2019-1010247 | Medium | 6.1 | 2019-07-19 | ZmartZone IAM mod_auth_openidc 2.3.10.1 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Redirecting the user to a phishing page or inter… |
CVE-2021-32791 | Medium | 5.9 | 2021-07-26 | mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating use… |
CVE-2021-32785 | Medium | 5.3 | 2021-07-22 | mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating use… |
CVE-2022-23527 | Medium | 4.7 | 2022-12-14 | mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to O… |
CVE-2021-39191 | Medium | 4.7 | 2021-09-03 | mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating use… |
CVE-2021-32786 | Medium | 4.7 | 2021-07-22 | mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating use… |
CVE-2021-32792 | Low | 3.1 | 2021-07-26 | mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating use… |
CVE-2025-31492 | | 2025-04-06 | mod_auth_openidc is an OpenID Certified authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party… |