CVE-2014-8567

Published November 14th, 2014

View on NVD ↗

CVSS v3

N/A

CVSS v2

9.4

HIGH

Affected

PROJECT

Description

The mod_auth_mellon module before 0.8.1 allows remote attackers to cause a denial of service (Apache HTTP server crash) via a crafted logout request that triggers a read of uninitialized data.

Uninett/mod_auth_mellon

An Apache module with a simple SAML 2.0 service provider

GitHub

210