Openidc Mod_auth_openidc

16 CVEs affecting Openidc Mod_auth_openidc. Latest disclosed: 2025-04-06. Critical: 0, High: 6.

Top CVEs affecting Openidc Mod_auth_openidc
CVESeverityScorePublishedSummary
CVE-2017-6413High8.62017-03-02The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.6 for the Apache HTTP Server does not skip OIDC_CLAIM…
CVE-2017-6062High8.62017-03-02The "OpenID Connect Relying Party and OAuth 2.0 Resource Server" (aka mod_auth_openidc) module before 2.1.5 for the Apache HTTP Server does not skip OIDC_CLAIM…
CVE-2024-24814High7.52024-02-13mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Part…
CVE-2023-28625High7.52023-04-03mod_auth_openidc is an authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality. I…
CVE-2021-20718High7.52021-05-20mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vectors.
CVE-2017-6059High7.52017-04-12Mod_auth_openidc.c in the Ping Identity OpenID Connect authentication module for Apache (aka mod_auth_openidc) before 2.14 allows remote attackers to spoof pag…
CVE-2019-20479Medium6.12020-02-20A flaw was found in mod_auth_openidc before version 2.4.1. An open redirect issue exists in URLs with a slash and backslash at the beginning.
CVE-2019-14857Medium6.12019-11-26A flaw was found in mod_auth_openidc before version 2.4.0.1. An open redirect issue exists in URLs with trailing slashes similar to CVE-2019-3877 in mod_auth_m…
CVE-2019-1010247Medium6.12019-07-19ZmartZone IAM mod_auth_openidc 2.3.10.1 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Redirecting the user to a phishing page or inter…
CVE-2021-32791Medium5.92021-07-26mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating use…
CVE-2021-32785Medium5.32021-07-22mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating use…
CVE-2022-23527Medium4.72022-12-14mod_auth_openidc is an OpenID Certified™ authentication and authorization module for the Apache 2.x HTTP server. Versions prior to 2.4.12.2 are vulnerable to O…
CVE-2021-39191Medium4.72021-09-03mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating use…
CVE-2021-32786Medium4.72021-07-22mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating use…
CVE-2021-32792Low3.12021-07-26mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating use…
CVE-2025-314922025-04-06mod_auth_openidc is an OpenID Certified authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party…