Mod Auth Mellon Project Mod Auth Mellon — known CVE vulnerabilities
Every CVE whose affected-product data names Mod Auth Mellon Project Mod Auth Mellon, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2019-3878 — CVSS 8.1 (high): A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache is configured as a reverse proxy and mod_auth_mellon is configured…
CVE-2019-13038 — CVSS 6.1 (medium): mod_auth_mellon through 0.14.2 has an Open Redirect via the login?ReturnTo= substring, as demonstrated by omitting the // after http: in…
CVE-2019-3877 — CVSS 5.8 (medium): A vulnerability was found in mod_auth_mellon before v0.14.2. An open redirect in the logout URL allows requests with backslashes to pass…