[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2019-3877":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T20:55:33.689Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":24,"aliases":25,"duplicate_of":9,"upstream":26,"downstream":27,"duplicates":42,"related":43,"reserved_at":9,"published_at":44,"modified_at":45,"state":46,"summary":47,"references_raw":56,"kevs":98,"epss":99,"epss_history":102,"metrics":365,"affected":382},"CVE-2019-3877","A vulnerability was found in mod_auth_mellon before v0.14.2. An open redirect in the logout URL allows requests with backslashes to pass through by assuming that it is a relative URL, while the browsers silently convert backslash characters into forward slashes treating them as an absolute URL. This mismatch allows an attacker to bypass the redirect URL validation logic in apr_uri_parse function.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-601","URL Redirection to Untrusted Site ('Open Redirect')","The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.","weakness","Draft","Base","Low",[20],{"id":21,"name":22,"techniques":23},"CAPEC-178","Cross-Site Flashing",[],[],[],[],[28,30,32,34,36,38,40],{"_key":29},"RHSA-2019:0766",{"_key":31},"RHSA-2019:3421",{"_key":33},"UBUNTU-CVE-2019-3877",{"_key":35},"USN-3924-1",{"_key":37},"USN-4597-1",{"_key":39},"DSA-4414-1",{"_key":41},"DEBIAN-CVE-2019-3877",[],[],"2019-03-27T12:19:19.000Z","2024-08-04T19:19:18.685Z","Modified",{"cisa_kev":48,"cisa_ransomware":48,"cisa_vendor":9,"epss_severity":49,"epss_score":50,"severity":51,"severity_score":52,"severity_version":53,"severity_source":54,"severity_vector":55,"severity_status":46},false,"low",0.00811,"medium",6.1,"v3.0","nvd","CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",[57,66,70,74,80,85,89,94],{"url":58,"sources":59,"tags":61},"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3877",[60,54],"cve.org",[62,63,64,65],"X Refsource CONFIRM","Issue Tracking","Patch","Third Party Advisory",{"url":67,"sources":68,"tags":69},"https://github.com/Uninett/mod_auth_mellon/issues/35",[60,54],[62,64,65],{"url":71,"sources":72,"tags":73},"https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8",[60,54],[62,64,65],{"url":75,"sources":76,"tags":77},"https://usn.ubuntu.com/3924-1/",[60,54],[78,79,65],"Vendor Advisory","X Refsource UBUNTU",{"url":81,"sources":82,"tags":83},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CNW5YMC5TLWVWNJEY6AIWNSNPRAMWPQJ/",[60,54],[78,84],"X Refsource FEDORA",{"url":86,"sources":87,"tags":88},"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X7NLAU7KROWNTHAYSA2S67X347F42L2I/",[60,54],[78,84],{"url":90,"sources":91,"tags":92},"https://access.redhat.com/errata/RHSA-2019:0766",[60,54],[78,93],"X Refsource REDHAT",{"url":95,"sources":96,"tags":97},"https://access.redhat.com/errata/RHSA-2019:3421",[60,54],[78,93],[],{"date":100,"score":50,"percentile":101},"2026-06-05",0.74632,[103,107,110,113,116,119,122,125,127,130,133,136,139,142,145,149,152,155,158,161,164,166,169,171,174,177,179,182,185,188,191,194,197,200,203,205,208,211,214,217,219,222,225,228,231,234,237,239,242,245,248,251,254,257,260,263,265,268,271,274,277,280,282,285,288,291,294,297,301,304,307,310,313,316,319,322,325,328,331,334,337,340,343,346,349,351,354,356,359,362],{"date":104,"score":105,"percentile":106},"2025-11-04",0.0061,0.68909,{"date":108,"score":105,"percentile":109},"2025-11-05",0.68895,{"date":111,"score":105,"percentile":112},"2025-11-06",0.68894,{"date":114,"score":105,"percentile":115},"2025-11-07",0.68906,{"date":117,"score":105,"percentile":118},"2025-11-08",0.68907,{"date":120,"score":105,"percentile":121},"2025-11-09",0.68897,{"date":123,"score":105,"percentile":124},"2025-11-10",0.68887,{"date":126,"score":105,"percentile":109},"2025-11-11",{"date":128,"score":105,"percentile":129},"2025-11-12",0.68918,{"date":131,"score":105,"percentile":132},"2025-11-13",0.68925,{"date":134,"score":105,"percentile":135},"2025-11-14",0.68934,{"date":137,"score":105,"percentile":138},"2025-11-15",0.68931,{"date":140,"score":105,"percentile":141},"2025-11-16",0.68928,{"date":143,"score":105,"percentile":144},"2025-11-17",0.68926,{"date":146,"score":147,"percentile":148},"2025-11-18",0.00512,0.63879,{"date":150,"score":147,"percentile":151},"2025-11-19",0.63891,{"date":153,"score":147,"percentile":154},"2025-11-20",0.63892,{"date":156,"score":105,"percentile":157},"2025-11-21",0.68944,{"date":159,"score":105,"percentile":160},"2025-11-22",0.6894,{"date":162,"score":105,"percentile":163},"2025-11-23",0.68929,{"date":165,"score":105,"percentile":129},"2025-11-24",{"date":167,"score":105,"percentile":168},"2025-11-25",0.68923,{"date":170,"score":105,"percentile":138},"2025-11-26",{"date":172,"score":105,"percentile":173},"2025-11-27",0.68933,{"date":175,"score":105,"percentile":176},"2025-11-28",0.68922,{"date":178,"score":105,"percentile":106},"2025-11-29",{"date":180,"score":105,"percentile":181},"2025-11-30",0.68903,{"date":183,"score":105,"percentile":184},"2025-12-01",0.69054,{"date":186,"score":105,"percentile":187},"2025-12-02",0.69062,{"date":189,"score":105,"percentile":190},"2025-12-03",0.69058,{"date":192,"score":105,"percentile":193},"2025-12-04",0.68898,{"date":195,"score":105,"percentile":196},"2025-12-05",0.68915,{"date":198,"score":105,"percentile":199},"2025-12-06",0.68919,{"date":201,"score":105,"percentile":202},"2025-12-07",0.68913,{"date":204,"score":105,"percentile":199},"2025-12-08",{"date":206,"score":105,"percentile":207},"2025-12-09",0.68948,{"date":209,"score":105,"percentile":210},"2025-12-10",0.68991,{"date":212,"score":105,"percentile":213},"2025-12-11",0.69011,{"date":215,"score":105,"percentile":216},"2025-12-12",0.69038,{"date":218,"score":105,"percentile":216},"2025-12-13",{"date":220,"score":105,"percentile":221},"2025-12-14",0.69042,{"date":223,"score":105,"percentile":224},"2025-12-15",0.69039,{"date":226,"score":105,"percentile":227},"2025-12-16",0.69048,{"date":229,"score":105,"percentile":230},"2025-12-17",0.6906,{"date":232,"score":105,"percentile":233},"2025-12-18",0.69091,{"date":235,"score":105,"percentile":236},"2025-12-19",0.69108,{"date":238,"score":105,"percentile":236},"2025-12-20",{"date":240,"score":105,"percentile":241},"2025-12-21",0.69092,{"date":243,"score":105,"percentile":244},"2025-12-22",0.69095,{"date":246,"score":105,"percentile":247},"2025-12-23",0.69093,{"date":249,"score":105,"percentile":250},"2025-12-24",0.69098,{"date":252,"score":105,"percentile":253},"2025-12-25",0.69125,{"date":255,"score":105,"percentile":256},"2025-12-26",0.69126,{"date":258,"score":105,"percentile":259},"2025-12-27",0.69172,{"date":261,"score":105,"percentile":262},"2025-12-28",0.69097,{"date":264,"score":105,"percentile":241},"2025-12-29",{"date":266,"score":105,"percentile":267},"2025-12-30",0.69105,{"date":269,"score":105,"percentile":270},"2025-12-31",0.6912,{"date":272,"score":105,"percentile":273},"2026-01-01",0.69292,{"date":275,"score":105,"percentile":276},"2026-01-02",0.69283,{"date":278,"score":105,"percentile":279},"2026-01-03",0.69282,{"date":281,"score":105,"percentile":253},"2026-01-04",{"date":283,"score":105,"percentile":284},"2026-01-05",0.69112,{"date":286,"score":105,"percentile":287},"2026-01-06",0.69122,{"date":289,"score":105,"percentile":290},"2026-01-07",0.69137,{"date":292,"score":105,"percentile":293},"2026-01-08",0.69154,{"date":295,"score":105,"percentile":296},"2026-01-09",0.6916,{"date":298,"score":299,"percentile":300},"2026-01-10",0.00598,0.68785,{"date":302,"score":299,"percentile":303},"2026-01-11",0.68776,{"date":305,"score":299,"percentile":306},"2026-01-12",0.68768,{"date":308,"score":299,"percentile":309},"2026-01-13",0.68767,{"date":311,"score":299,"percentile":312},"2026-01-14",0.68799,{"date":314,"score":299,"percentile":315},"2026-01-15",0.68805,{"date":317,"score":50,"percentile":318},"2026-01-16",0.73768,{"date":320,"score":50,"percentile":321},"2026-01-17",0.73767,{"date":323,"score":50,"percentile":324},"2026-01-18",0.73744,{"date":326,"score":50,"percentile":327},"2026-01-19",0.73731,{"date":329,"score":50,"percentile":330},"2026-01-20",0.73734,{"date":332,"score":50,"percentile":333},"2026-01-21",0.73738,{"date":335,"score":50,"percentile":336},"2026-01-22",0.73743,{"date":338,"score":50,"percentile":339},"2026-01-23",0.73772,{"date":341,"score":50,"percentile":342},"2026-01-24",0.73781,{"date":344,"score":50,"percentile":345},"2026-01-25",0.73765,{"date":347,"score":50,"percentile":348},"2026-01-26",0.73763,{"date":350,"score":50,"percentile":318},"2026-01-27",{"date":352,"score":50,"percentile":353},"2026-01-28",0.73783,{"date":355,"score":50,"percentile":353},"2026-01-29",{"date":357,"score":50,"percentile":358},"2026-01-30",0.73788,{"date":360,"score":50,"percentile":361},"2026-01-31",0.73794,{"date":363,"score":50,"percentile":364},"2026-02-01",0.73919,[366,373],{"source":60,"cvss_v2_0":9,"cvss_v3_0":367,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":368,"baseSeverity":369,"vectorString":370,"impactScore":371,"exploitabilityScore":372},5.8,"MEDIUM","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",2.3,10,{"source":54,"cvss_v2_0":374,"cvss_v3_0":379,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":375,"baseSeverity":9,"vectorString":376,"impactScore":377,"exploitabilityScore":378},4.3,"AV:N/AC:M/Au:N/C:N/I:P/A:N",2.9,8.6,{"baseScore":52,"baseSeverity":369,"vectorString":55,"impactScore":380,"exploitabilityScore":381},4.5,7.2,[383,394,400,411,418],{"ecosystem":9,"name":384,"vendor":385,"product":386,"cpe_part":387,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":388},"ubuntu linux","canonical","ubuntu_linux","o",[389,392],{"version":390,"is_range":48,"range_type":391,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04","cpe",{"version":393,"is_range":48,"range_type":391,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.10",{"ecosystem":9,"name":395,"vendor":396,"product":395,"cpe_part":387,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":397},"fedora","fedoraproject",[398],{"version":399,"is_range":48,"range_type":391,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"29",{"ecosystem":9,"name":401,"vendor":402,"product":403,"cpe_part":404,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":405},"mod auth mellon","mod_auth_mellon_project","mod_auth_mellon","a",[406],{"version":407,"is_range":408,"range_type":391,"version_start":9,"version_start_type":9,"version_end":409,"version_end_type":410,"fixed_in":9},"lt0.14.2",true,"0.14.2","excluding",{"ecosystem":9,"name":412,"vendor":413,"product":414,"cpe_part":387,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":415},"enterprise linux","redhat","enterprise_linux",[416],{"version":417,"is_range":48,"range_type":391,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0",{"ecosystem":9,"name":401,"vendor":419,"product":403,"cpe_part":404,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":420},"uninett",[421],{"version":422,"is_range":48,"range_type":60,"version_start":422,"version_start_type":423,"version_end":422,"version_end_type":423,"fixed_in":9},"v0.14.2","including"]