Vulnerabilities (CVE)

Filtered by vendor Uninett Subscribe

Filtered by product Mod Auth Mellon

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2014-8566	2 Oracle, Uninett	2 Linux, Mod Auth Mellon	2019-12-27	6.4 MEDIUM	N/A
The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related to a "session overflow" involving "sessions overlapping in memory."
CVE-2014-8567	2 Redhat, Uninett	7 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus and 4 more	2019-07-09	9.4 HIGH	N/A
The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.