CVE-2021-20718

HIGH

mod_auth_openidc 2.4.0-2.4.7 - Denial of Service

Title source: llm
STIX 2.1

Description

mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vectors.

References (6)

Core 6
Core References
Vendor Advisory x_refsource_misc
https://www.zmartzone.eu/
Product, Third Party Advisory x_refsource_misc
https://github.com/zmartzone/mod_auth_openidc
Third Party Advisory x_refsource_misc
https://jvn.jp/en/jp/JVN49704918/index.html
Third Party Advisory x_refsource_misc
https://www.oracle.com/security-alerts/cpujan2022.html

Scores

CVSS v3 7.5
EPSS 0.0185
EPSS Percentile 83.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-400
Status published
Products (4)
fedoraproject/fedora 33
fedoraproject/fedora 34
openidc/mod_auth_openidc 2.4.0 - 2.4.7
oracle/essbase < 21.3
Published May 20, 2021
Tracked Since Feb 18, 2026