Known Vulnerabilities for Mod Auth Mellon by Uninett
Listed below are 6 of the newest known vulnerabilities associated with "Mod Auth Mellon" by "Uninett".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-3639 | A flaw was found in mod_auth_mellon where it does not sanitize logout URLs properly. This issue could be used by an attacker ... | 6.1 - MEDIUM | 2022-08-22 | 2023-02-12 |
| CVE-2017-6807 | mod_auth_mellon before 0.13.1 is vulnerable to a Cross-Site Session Transfer attack, where a user with access to one web site... | 6.1 - MEDIUM | 2017-03-13 | 2017-03-15 |
| CVE-2016-2146 | The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data read, which allows remote a... | 7.5 - HIGH | 2016-04-15 | 2016-04-25 |
| CVE-2016-2145 | The am_read_post_data function in mod_auth_mellon before 0.11.1 does not check if the ap_get_client_block function returns an... | 7.5 - HIGH | 2016-04-15 | 2016-04-25 |
| CVE-2014-8567 | The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a... | 9.4 - HIGH | 2014-11-14 | 2019-07-09 |
| CVE-2014-8566 | The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service ... | 6.4 - MEDIUM | 2014-11-15 | 2019-12-27 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Uninett | Mod Auth Mellon | 0.9.1 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.9.0 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.8.1 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.8.0 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.7.0 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.6.1 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.6.0 | - | All | All |
| Application | Uninett | Mod Auth Mellon | 0.6.0 | rc1 | All | All |
| Application | Uninett | Mod Auth Mellon | 0.5.0 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.4.0 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.14.2 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.14.1 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.14.0 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.13.1 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.13.0 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.12.0 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.11.1 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.11.0 | All | All | All |
| Application | Uninett | Mod Auth Mellon | 0.10.0 | All | All | All |