Vulnerability Database
Blog
FAQ
Docs
RHSA-2023:6940
See a problem?
Please try reporting it
to the source
first.
Source
https://access.redhat.com/errata/RHSA-2023:6940
Import Source
https://security.access.redhat.com/data/osv/RHSA-2023:6940.json
JSON Data
https://api.test.osv.dev/v1/vulns/RHSA-2023:6940
Related
CVE-2022-23527
CVE-2023-28625
Published
2024-09-16T11:42:27Z
Modified
2024-11-22T22:58:16Z
Severity
7.5 (High)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS Calculator
Summary
Red Hat Security Advisory: mod_auth_openidc:2.3 security and bug fix update
Details
References
https://access.redhat.com/errata/RHSA-2023:6940
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/index
https://bugzilla.redhat.com/show_bug.cgi?id=2072469
https://bugzilla.redhat.com/show_bug.cgi?id=2141850
https://bugzilla.redhat.com/show_bug.cgi?id=2153655
https://bugzilla.redhat.com/show_bug.cgi?id=2184118
https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhsa-2023_6940.json
https://access.redhat.com/security/cve/CVE-2022-23527
https://www.cve.org/CVERecord?id=CVE-2022-23527
https://nvd.nist.gov/vuln/detail/CVE-2022-23527
https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-q6f2-285m-gr53
https://access.redhat.com/security/cve/CVE-2023-28625
https://www.cve.org/CVERecord?id=CVE-2023-28625
https://nvd.nist.gov/vuln/detail/CVE-2023-28625
https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-f5xw-rvfr-24qr
Affected packages
Red Hat:enterprise_linux:8::appstream
/
cjose
Package
Name
cjose
Purl
pkg:rpm/redhat/cjose
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.6.1-4.module+el8.9.0+19469+5b493da9
Red Hat:enterprise_linux:8::appstream
/
cjose-debuginfo
Package
Name
cjose-debuginfo
Purl
pkg:rpm/redhat/cjose-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.6.1-4.module+el8.9.0+19469+5b493da9
Red Hat:enterprise_linux:8::appstream
/
cjose-debugsource
Package
Name
cjose-debugsource
Purl
pkg:rpm/redhat/cjose-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.6.1-4.module+el8.9.0+19469+5b493da9
Red Hat:enterprise_linux:8::appstream
/
cjose-devel
Package
Name
cjose-devel
Purl
pkg:rpm/redhat/cjose-devel
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:0.6.1-4.module+el8.9.0+19469+5b493da9
Red Hat:enterprise_linux:8::appstream
/
mod_auth_openidc
Package
Name
mod_auth_openidc
Purl
pkg:rpm/redhat/mod_auth_openidc
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.9.4-5.module+el8.9.0+18723+672ccf5d
Red Hat:enterprise_linux:8::appstream
/
mod_auth_openidc-debuginfo
Package
Name
mod_auth_openidc-debuginfo
Purl
pkg:rpm/redhat/mod_auth_openidc-debuginfo
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.9.4-5.module+el8.9.0+18723+672ccf5d
Red Hat:enterprise_linux:8::appstream
/
mod_auth_openidc-debugsource
Package
Name
mod_auth_openidc-debugsource
Purl
pkg:rpm/redhat/mod_auth_openidc-debugsource
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0:2.4.9.4-5.module+el8.9.0+18723+672ccf5d
RHSA-2023:6940 - OSV