Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
oraclelinuxOracleLinuxELSA-2023-4418
HistoryAug 02, 2023 - 12:00 a.m.

mod_auth_openidc:2.3 security update

2023-08-0200:00:00
linux.oracle.com
8
mod_auth_openidc
security update
cjose
cve-2023-37464
aes gcm decryption
jwe
rhbz#2223308
rebase
rhbz#2025368

EPSS

0.003

Percentile

65.9%

JSON

cjose
[0.6.1-3]

  • CVE-2023-37464 cjose: AES GCM decryption uses the Tag length from the actual
    Authentication Tag provided in the JWE
    Resolves: rhbz#2223308
    mod_auth_openidc
    [2.4.9.4-1]
  • Resolves: rhbz#2025368 - Rebase to new version
OSVersionArchitecturePackageVersionFilename
oracle linux8srccjose< 0.6.1-3.modulecjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.src.rpm
oracle linux8srcmod_auth_openidc< 2.4.9.4-1.modulemod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.src.rpm
oracle linux8aarch64cjose< 0.6.1-3.modulecjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.aarch64.rpm
oracle linux8aarch64cjose-devel< 0.6.1-3.modulecjose-devel-0.6.1-3.module+el8.8.0+21137+b6cedbc2.aarch64.rpm
oracle linux8aarch64mod_auth_openidc< 2.4.9.4-1.modulemod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.aarch64.rpm
oracle linux8srccjose< 0.6.1-3.modulecjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.src.rpm
oracle linux8srcmod_auth_openidc< 2.4.9.4-1.modulemod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.src.rpm
oracle linux8x86_64cjose< 0.6.1-3.modulecjose-0.6.1-3.module+el8.8.0+21137+b6cedbc2.x86_64.rpm
oracle linux8x86_64cjose-devel< 0.6.1-3.modulecjose-devel-0.6.1-3.module+el8.8.0+21137+b6cedbc2.x86_64.rpm
oracle linux8x86_64mod_auth_openidc< 2.4.9.4-1.modulemod_auth_openidc-2.4.9.4-1.module+el8.7.0+20769+fca4d9d0.x86_64.rpm

Related

debiancve 1
ubuntucve 1
nessus 22
openvas 10
redhat 7
ubuntu 1
osv 7
redhatcve 1
oraclelinux 1
fedora 3
cvelist 1
almalinux 2
alpinelinux 1
debian 2
rocky 1
veracode 1
prion 1
mageia 1
nvd 1
cve 1
debiancve
debiancve
CVE-2023-37464
2023-07-14 21:15:08
ubuntucve
ubuntucve
CVE-2023-37464
2023-07-14 00:00:00
nessus
nessus
Oracle Linux 8 : mod_auth_openidc:2.3 (ELSA-2023-4418)
2023-08-02 00:00:00
RHEL 8 : mod_auth_openidc:2.3 (RHSA-2023:4410)
2023-08-01 00:00:00
CentOS 8 : mod_auth_openidc:2.3 (CESA-2023:4418)
2023-08-01 00:00:00
openvas
openvas
Fedora: Security Advisory for cjose (FEDORA-2023-cf01e05114)
2023-09-13 00:00:00
openSUSE: Security Advisory for cjose (SUSE-SU-2023:3230-1)
2024-03-04 00:00:00
Fedora: Security Advisory for cjose (FEDORA-2023-151d5b3da1)
2023-09-13 00:00:00
redhat
redhat
(RHSA-2023:4409) Important: mod_auth_openidc:2.3 security update
2023-08-01 13:27:34
(RHSA-2023:4417) Important: cjose security update
2023-08-01 13:48:07
(RHSA-2023:4418) Important: mod_auth_openidc:2.3 security update
2023-08-01 13:49:42
ubuntu
ubuntu
JOSE for C/C++ vulnerability
2023-08-24 00:00:00
osv
osv
Important: mod_auth_openidc:2.3 security update
2023-08-01 00:00:00
CVE-2023-37464
2023-07-14 21:15:08
cjose vulnerability
2023-08-24 22:02:11
redhatcve
redhatcve
CVE-2023-37464
2023-07-18 05:04:24
oraclelinux
oraclelinux
cjose security update
2023-08-02 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: cjose-0.6.2.2-2.fc37
2023-09-10 01:20:43
[SECURITY] Fedora 38 Update: cjose-0.6.2.2-2.fc38
2023-09-10 01:21:04
[SECURITY] Fedora 39 Update: cjose-0.6.2.2-2.fc39
2023-09-15 19:05:38
cvelist
cvelist
CVE-2023-37464 Incorrect Authentication Tag length usage in AES GCM decryption in OpenIDC/cjose
2023-07-14 20:25:18
almalinux
almalinux
Important: cjose security update
2023-08-01 00:00:00
Important: mod_auth_openidc:2.3 security update
2023-08-01 00:00:00
alpinelinux
alpinelinux
CVE-2023-37464
2023-07-14 21:15:08
debian
debian
[SECURITY] [DSA 5472-1] cjose security update
2023-08-08 19:19:32
[SECURITY] [DLA 3515-1] cjose security update
2023-08-04 10:28:48
rocky
rocky
mod_auth_openidc:2.3 security update
2023-08-08 12:34:39
veracode
veracode
Weak Encryption
2023-07-19 09:31:48
prion
prion
Authentication flaw
2023-07-14 21:15:00
mageia
mageia
Updated cjose packages fix a security vulnerability
2023-12-19 01:41:39
nvd
nvd
CVE-2023-37464
2023-07-14 21:15:08
cve
cve
CVE-2023-37464
2023-07-14 21:15:08

EPSS

0.003

Percentile

65.9%

JSON
Related for ELSA-2023-4418
debiancve1ubuntucve1nessus22openvas10redhat7ubuntu1osv7redhatcve1oraclelinux1fedora3cvelist1almalinux2alpinelinux1debian2rocky1veracode1prion1mageia1nvd1cve1