- Vulnerability/
- USN-4291-1
USN-4291-1: mod-auth-mellon vulnerability
First published: Mon Feb 24 2020(Updated: )
It was discovered that mod_auth_mellon incorrectly handled certain requests. An attacker could possibly use this issue to redirect a user to a malicious URL.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/libapache2-mod-auth-mellon | <0.14.2-1ubuntu1.19.10.1 | 0.14.2-1ubuntu1.19.10.1 |
| =19.10 | ||
| All of | ||
| ubuntu/libapache2-mod-auth-mellon | <0.13.1-1ubuntu0.2 | 0.13.1-1ubuntu0.2 |
| =18.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this mod-auth-mellon vulnerability?
The vulnerability ID for this mod-auth-mellon vulnerability is USN-4291-1.
What is the description of the mod-auth-mellon vulnerability?
The mod-auth-mellon vulnerability allows an attacker to redirect a user to a malicious URL.
Which software is affected by this mod-auth-mellon vulnerability?
The software affected by this mod-auth-mellon vulnerability is libapache2-mod-auth-mellon.
Which versions of Ubuntu are affected by this mod-auth-mellon vulnerability?
Ubuntu 19.10 and Ubuntu 18.04 are affected by this mod-auth-mellon vulnerability.
How can I fix the mod-auth-mellon vulnerability?
To fix the mod-auth-mellon vulnerability, update the libapache2-mod-auth-mellon package to version 0.14.2-1ubuntu1.19.10.1 for Ubuntu 19.10 or version 0.13.1-1ubuntu0.2 for Ubuntu 18.04.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/19.10
- version/ubuntu ubuntu/18.04