pkg:Debian/libapache2-mod-auth-mellon

All known vulnerabilities

• HIGH8.1CVE-2019-3878A vulnerability was found in mod_auth_mellon before v0.14.2.
  from 0, < 0.14.2-1
• HIGH7.5CVE-2016-2146The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to ca…
  from 0, < 0.12.0-1
• HIGH7.5CVE-2016-2145The am_read_post_data function in mod_auth_mellon before 0.11.1 does not check if the ap_get_client_block function returns an error, which…
  from 0, < 0.12.0-1
• MEDIUM6.1CVE-2021-3639A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly.
  from 0, < 0.17.0-1+deb11u1
• MEDIUM6.1CVE-2019-13038libapache2-mod-auth-mellon - security update
  from 0, < 0.14.2-1+deb10u1
• MEDIUM6.1CVE-2019-13038libapache2-mod-auth-mellon - security update
  from 0, < 0.15.0-1
• MEDIUM6.1CVE-2019-3877libapache2-mod-auth-mellon - security update
  from 0, < 0.12.0-2+deb9u1
• MEDIUM6.1CVE-2019-3877libapache2-mod-auth-mellon - security update
  from 0, < 0.14.2-1
• MEDIUM6.1CVE-2017-6807mod_auth_mellon before 0.13.1 is vulnerable to a Cross-Site Session Transfer attack, where a user with access to one web site running on a…
  from 0, < 0.12.0-2
• —CVE-2014-8566The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation…
  from 0, < 0.9.1
• —CVE-2014-8567The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logou…
  from 0, < 0.9.0