VulnerableCode Package Details - pkg:deb/debian/libapache2-mod-auth-mellon@0.9.1-1~bpo70%2B1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/libapache2-mod-auth-mellon@0.9.1-1~bpo70%2B1

Essentials
History (27)

purl	pkg:deb/debian/libapache2-mod-auth-mellon@0.9.1-1~bpo70%2B1

Next non-vulnerable version	0.17.0-1+deb11u1
Latest non-vulnerable version	0.17.0-1+deb11u1
Risk	3.6

Vulnerabilities affecting this package (7)

Vulnerability	Summary	Fixed by
VCID-a7h3-ujsg-vqhu Aliases: CVE-2017-6807	mod_auth_mellon: Cross-site session transfer vulnerability	0.12.0-2+deb9u1 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-bbdx-48p2-4fhw Aliases: CVE-2019-3878	security update	0.12.0-2+deb9u1 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 0.14.2-1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-bj59-cvh7-bkdg Aliases: CVE-2016-2145	mod_auth_mellon: Missing error check when calling ap_get_client_block()	0.12.0-2+deb9u1 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-hb2c-3rxv-3kgk Aliases: CVE-2019-13038	mod_auth_mellon: Open Redirect via the login?ReturnTo= substring which could facilitate information theft	0.17.0-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-q6td-hjpx-uyba Aliases: CVE-2021-3639	mod_auth_mellon: Open Redirect vulnerability in logout URLs	0.17.0-1+deb11u1 Affected by 0 other vulnerabilities.
VCID-tbkm-srgg-67g7 Aliases: CVE-2019-3877	security update	0.12.0-2+deb9u1 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} 0.14.2-1 Affected by 2 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-z18x-abc1-nyek Aliases: CVE-2016-2146	mod_auth_mellon: Failure to limit amount of POST data submitted by client	0.12.0-2+deb9u1 Affected by 4 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T23:24:45.616642+00:00	Debian Oval Importer	Affected by	VCID-tbkm-srgg-67g7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:43:21.559658+00:00	Debian Oval Importer	Affected by	VCID-bbdx-48p2-4fhw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:20:38.314820+00:00	Debian Oval Importer	Affected by	VCID-a7h3-ujsg-vqhu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T22:06:42.716227+00:00	Debian Oval Importer	Affected by	VCID-hb2c-3rxv-3kgk	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T21:14:41.089902+00:00	Debian Oval Importer	Affected by	VCID-z18x-abc1-nyek	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T19:49:09.653047+00:00	Debian Oval Importer	Affected by	VCID-bj59-cvh7-bkdg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:21:47.652707+00:00	Debian Oval Importer	Affected by	VCID-q6td-hjpx-uyba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T14:37:20.643762+00:00	Debian Oval Importer	Affected by	VCID-bbdx-48p2-4fhw	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.4.0
2026-04-15T14:23:05.608336+00:00	Debian Oval Importer	Affected by	VCID-tbkm-srgg-67g7	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.4.0
2026-04-11T23:00:13.418917+00:00	Debian Oval Importer	Affected by	VCID-tbkm-srgg-67g7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T22:19:56.521358+00:00	Debian Oval Importer	Affected by	VCID-bbdx-48p2-4fhw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:58:04.600874+00:00	Debian Oval Importer	Affected by	VCID-a7h3-ujsg-vqhu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T21:44:41.397324+00:00	Debian Oval Importer	Affected by	VCID-hb2c-3rxv-3kgk	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T20:54:26.668444+00:00	Debian Oval Importer	Affected by	VCID-z18x-abc1-nyek	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T19:31:28.533113+00:00	Debian Oval Importer	Affected by	VCID-bj59-cvh7-bkdg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T16:09:05.036846+00:00	Debian Oval Importer	Affected by	VCID-q6td-hjpx-uyba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T14:25:37.428495+00:00	Debian Oval Importer	Affected by	VCID-bbdx-48p2-4fhw	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.3.0
2026-04-11T14:11:26.616737+00:00	Debian Oval Importer	Affected by	VCID-tbkm-srgg-67g7	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.3.0
2026-04-08T22:34:21.055508+00:00	Debian Oval Importer	Affected by	VCID-tbkm-srgg-67g7	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:56:03.517421+00:00	Debian Oval Importer	Affected by	VCID-bbdx-48p2-4fhw	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:35:16.998625+00:00	Debian Oval Importer	Affected by	VCID-a7h3-ujsg-vqhu	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T21:22:30.883743+00:00	Debian Oval Importer	Affected by	VCID-hb2c-3rxv-3kgk	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T20:33:53.624247+00:00	Debian Oval Importer	Affected by	VCID-z18x-abc1-nyek	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T19:14:50.857192+00:00	Debian Oval Importer	Affected by	VCID-bj59-cvh7-bkdg	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T16:01:40.420846+00:00	Debian Oval Importer	Affected by	VCID-q6td-hjpx-uyba	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-07T22:59:06.643833+00:00	Debian Oval Importer	Affected by	VCID-bbdx-48p2-4fhw	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.1.0
2026-04-07T22:45:24.078604+00:00	Debian Oval Importer	Affected by	VCID-tbkm-srgg-67g7	https://www.debian.org/security/oval/oval-definitions-stretch.xml.bz2	38.1.0