CVE-2014-8566
published 2014-11-15CVE-2014-8566: The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via…
medium6.4CVSS 3.1
AVNACLAuNCPINAP
The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related to a "session overflow" involving "sessions overlapping in memory."
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libapache2-mod-auth-mellon | < libapache2-mod-auth-mellon 0.9.1 (bookworm) | libapache2-mod-auth-mellon 0.9.1 (bookworm) |
| oracle | linux | — | — |
| uninett | mod_auth_mellon | <= 0.8.0 | — |
CVSS provenance
nvd6.4MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:P
osv6.4MEDIUM