Back to bug 2184118
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Pedro Sampaio | 2023-04-03 17:20:59 UTC | Depends On | 2184119 | |
| Pedro Sampaio | 2023-04-03 17:21:10 UTC | Blocks | 2184121 | |
| Guilherme de Almeida Suckevicz | 2023-04-03 18:21:43 UTC | Summary | CVE-2023-28625 mod_auth_openidc: NULL pointer dereference when `OIDCStripCookies` is set and a crafted cookie supplied | CVE-2023-28625 mod_auth_openidc: NULL pointer dereference when OIDCStripCookies is set and a crafted cookie supplied |
| Guilherme de Almeida Suckevicz | 2023-04-03 18:23:16 UTC | Summary | CVE-2023-28625 mod_auth_openidc: NULL pointer dereference when OIDCStripCookies is set and a crafted cookie supplied | CVE-2023-28625 mod_auth_openidc: NULL pointer dereference when OIDCStripCookies is set and a crafted Cookie header is supplied |
| Guilherme de Almeida Suckevicz | 2023-04-03 18:28:41 UTC | Depends On | 2184144, 2184145 | |
| Andre Boscatto | 2023-04-03 19:29:36 UTC | QA Contact | spoore | |
| CC | aboscatt | |||
| Assignee | security-response-team | thalman | ||
| Andre Boscatto | 2023-04-03 19:32:34 UTC | Assignee | thalman | security-response-team |
| QA Contact | spoore | |||
| Guilherme de Almeida Suckevicz | 2023-04-04 14:25:16 UTC | Doc Text | A flaw was found in mod_auth_openidc, an OpenID Certified™ authentication and authorization module for the Apache HTTP server. It is possible to trigger a NULL pointer dereference when `OIDCStripCookies` is set and a crafted `Cookie` header is supplied, leading to a segmentation fault and resulting in a Denial of Service. | |
| RaTasha Tillery-Smith | 2023-04-04 19:46:00 UTC | Doc Text | A flaw was found in mod_auth_openidc, an OpenID Certified™ authentication and authorization module for the Apache HTTP server. It is possible to trigger a NULL pointer dereference when `OIDCStripCookies` is set and a crafted `Cookie` header is supplied, leading to a segmentation fault and resulting in a Denial of Service. | A flaw was found in mod_auth_openidc, an OpenID Certified™ authentication and authorization module for the Apache HTTP server. It is possible to trigger a NULL pointer dereference when `OIDCStripCookies` is set and a crafted `Cookie` header is supplied, leading to a segmentation fault and a denial of service. |
| Red Hat Bugzilla | 2023-07-07 08:29:14 UTC | Assignee | security-response-team | nobody |
Back to bug 2184118