{"id":"RHSA-2022:1823","summary":"Red Hat Security Advisory: mod_auth_openidc:2.3 security update","modified":"2026-03-11T07:28:17.332762Z","published":"2024-09-16T06:47:21Z","upstream":["CVE-2021-32786","CVE-2021-32791","CVE-2021-32792","CVE-2021-39191"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2022:1823"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#moderate"},{"type":"ARTICLE","url":"https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.6_release_notes/"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1986102"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1986395"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1986397"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2001646"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2022/rhsa-2022_1823.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-32786"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-32786"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32786"},{"type":"ARTICLE","url":"https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-xm4c-5wm5-jqv7"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-32791"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-32791"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32791"},{"type":"ARTICLE","url":"https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-px3c-6x7j-3r9r"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-32792"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-32792"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-32792"},{"type":"ARTICLE","url":"https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-458c-7pwg-3j7j"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2021-39191"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2021-39191"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-39191"},{"type":"ARTICLE","url":"https://github.com/zmartzone/mod_auth_openidc/security/advisories/GHSA-2pgf-8h6h-gqg2"}],"affected":[{"package":{"name":"cjose","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/cjose"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.6.1-2.module+el8+2454+f890a43a"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:1823.json"}},{"package":{"name":"cjose-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/cjose-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.6.1-2.module+el8+2454+f890a43a"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:1823.json"}},{"package":{"name":"cjose-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/cjose-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.6.1-2.module+el8+2454+f890a43a"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:1823.json"}},{"package":{"name":"cjose-devel","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/cjose-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:0.6.1-2.module+el8+2454+f890a43a"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:1823.json"}},{"package":{"name":"mod_auth_openidc","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/mod_auth_openidc"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.3.7-11.module+el8.6.0+14082+b6f23e95"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:1823.json"}},{"package":{"name":"mod_auth_openidc-debuginfo","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/mod_auth_openidc-debuginfo"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.3.7-11.module+el8.6.0+14082+b6f23e95"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:1823.json"}},{"package":{"name":"mod_auth_openidc-debugsource","ecosystem":"Red Hat:enterprise_linux:8::appstream","purl":"pkg:rpm/redhat/mod_auth_openidc-debugsource"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:2.3.7-11.module+el8.6.0+14082+b6f23e95"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2022:1823.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}