| Package | libapache2-mod-auth-openidc |
|---|---|
| Version | 2.1.6-1+deb9u2 (stretch) |
| Related CVEs | CVE-2021-32786 CVE-2021-32792 CVE-2021-39191 CVE-2022-23527 CVE-2023-28625 CVE-2024-24814 CVE-2025-3891 |
Several vulnerabilities were found in mod_auth_openidc, an OpenID Certified authentication and authorization module for the Apache 2.x HTTP server that implements the OpenID Connect Relying Party functionality.
An unauthenticated attacker may cause a Denial of Service (DoS) through crafted HTTP requests, facilitate a phishing campaign leveraging open redirects by sending crafted links to a victim, or inject JavaScript code (XSS).
- CVE-2021-32786: oidc_validate_redirect_url() does not parse URLs the same way as most browsers do. As a result, this function can be bypassed and leads to an Open Redirect vulnerability in the logout functionality.
- CVE-2021-32792: XSS vulnerability when using OIDCPreservePost On.
- CVE-2021-39191: The 3rd-party init SSO functionality of mod_auth_openidc was reported to be vulnerable to an open redirect attack by supplying a crafted URL in the target_link_uri parameter.
- CVE-2022-23527: When providing a logout parameter to the redirect URI, the existing code in oidc_validate_redirect_url() does not properly check for URLs that start with /\t, leading to an open redirect.
- CVE-2023-28625: When OIDCStripCookies is set and a crafted cookie is supplied, a NULL pointer dereference would occur, resulting in a segmentation fault. This could be used in a Denial-of-Service attack and thus presents an availability risk.
- CVE-2024-24814: Input validation on the mod_auth_openidc_session_chunks cookie value makes the server vulnerable to a denial of service (DoS) attack.
- CVE-2025-3891: Denial of service when sending an empty Content-Type header when the OIDCPreservePost directive is enabled.
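Three of the issues above (CVE-2021-32786, CVE-2021-39191, CVE-2022-23527) are open redirects caused by validating a redirect target lexically in a way that disagrees with how browsers parse URLs. The following is an added illustration of the defensive check a Relying Party should apply to a post-logout or target_link_uri value; it is example code, not mod_auth_openidc's own oidc_validate_redirect_url(), and the allowlisted host is a constructed assumption.

```python
from urllib.parse import urlsplit

# Constructed allowlist of hosts this Relying Party may redirect to (assumption).
ALLOWED_HOSTS = {"rp.example.org"}


def is_safe_redirect(url: str, allowed_hosts=ALLOWED_HOSTS) -> bool:
    """Accept only a same-site path or an absolute http(s) URL to an allowlisted host.

    Browsers strip ASCII tab/newline from URLs and treat '\\' like '/' in
    http(s) URLs, so a validator that only looks at the leading characters
    can be bypassed.  Reject those inputs outright instead of trying to
    reproduce every browser's parsing rules.
    """
    if not url:
        return False
    # Control characters (including the "/\t" prefix from CVE-2022-23527)
    # are never legitimate in a redirect target.
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in url):
        return False
    # Backslashes are parser-dependent; refuse rather than guess.
    if "\\" in url:
        return False
    if url.startswith("/"):
        # A local path must have exactly one leading slash: "//host/..."
        # is a scheme-relative URL and leaves the site.
        return len(url) == 1 or url[1] != "/"
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        return False
    # urlsplit() drops any userinfo, so "https://trusted@evil" yields "evil".
    host = (parts.hostname or "").lower()
    return host in allowed_hosts
```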
For Debian 9 stretch, these problems have been fixed in version 2.1.6-1+deb9u2.
We recommend that you upgrade your libapache2-mod-auth-openidc packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.