Apache · Mod Auth Openidc · CVE-2019-14857
**Name of the Vulnerable Software and Affected Versions**
mod auth openidc versions prior to 2.4.0.1
Apache HTTP Server (affected versions not specified)
**Description**
A flaw exists related to open redirect issues in URLs with trailing slashes. There is also an issue with insufficient protection of web pages in the mod auth digest component of the Apache HTTP Server, which could allow a remote attacker to gain unauthorized access to confidential information or execute arbitrary code.
**Recommendations**
For mod auth openidc versions prior to 2.4.0.1, update to version 2.4.0.1 or later.
For Apache HTTP Server, at the moment, there is no information about a newer version that contains a fix for this vulnerability.