CVE-2014-8566

Published November 15th, 2014

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.4

MEDIUM

Affected

PROJECT

Description

The mod_auth_mellon module before 0.8.1 allows remote attackers to obtain sensitive information or cause a denial of service (segmentation fault) via unspecified vectors related to a "session overflow" involving "sessions overlapping in memory."

Uninett/mod_auth_mellon

An Apache module with a simple SAML 2.0 service provider

GitHub

210