mod_session vulnerabilities

Known vulnerabilities in the mod_session package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability	Vulnerable Version
M Incorrect Check of Function Return Value	<0:2.4.65-1.amzn2023.0.1
H Memory Leak	<0:2.4.64-1.amzn2023.0.1
H Improper Authentication	<0:2.4.64-1.amzn2023.0.1
H Server-Side Request Forgery (SSRF)	<0:2.4.64-1.amzn2023.0.1
H Improper Access Control	<0:2.4.64-1.amzn2023.0.1
H Reachable Assertion	<0:2.4.64-1.amzn2023.0.1
H Improper Output Neutralization for Logs	<0:2.4.64-1.amzn2023.0.1
H HTTP Response Splitting	<0:2.4.64-1.amzn2023.0.1
H Exposure of Resource to Wrong Sphere	<0:2.4.62-1.amzn2023
H Improper Encoding or Escaping of Output	<0:2.4.61-1.amzn2023
H Improper Encoding or Escaping of Output	<0:2.4.61-1.amzn2023
H Inclusion of Functionality from Untrusted Control Sphere	<0:2.4.61-1.amzn2023
H Improper Encoding or Escaping of Output	<0:2.4.61-1.amzn2023
H Information Exposure	<0:2.4.61-1.amzn2023
H Improper Input Validation	<0:2.4.61-1.amzn2023
H NULL Pointer Dereference	<0:2.4.61-1.amzn2023
M HTTP Response Splitting	<0:2.4.59-2.amzn2023
M Improper Input Validation	<0:2.4.59-2.amzn2023
H Resource Exhaustion	<0:2.4.58-1.amzn2023
H Resource Exhaustion	<0:2.4.58-1.amzn2023
H Out-of-bounds Read	<0:2.4.58-1.amzn2023
H HTTP Response Splitting	<0:2.4.56-1.amzn2023
H HTTP Response Splitting	<0:2.4.56-1.amzn2023
H HTTP Response Splitting	<0:2.4.55-1.amzn2023
H HTTP Request Smuggling	<0:2.4.55-1.amzn2023
H Out-of-bounds Write	<0:2.4.55-1.amzn2023
H Insufficient Verification of Data Authenticity	<0:2.4.54-3.amzn2023.0.4
H Information Exposure	<0:2.4.54-3.amzn2023.0.4
H Allocation of Resources Without Limits or Throttling	<0:2.4.54-3.amzn2023.0.4
H Allocation of Resources Without Limits or Throttling	<0:2.4.54-3.amzn2023.0.4
H Integer Overflow or Wraparound	<0:2.4.54-3.amzn2023.0.4
H Integer Overflow or Wraparound	<0:2.4.54-3.amzn2023.0.4
H Out-of-bounds Read	<0:2.4.54-3.amzn2023.0.4
H HTTP Request Smuggling	<0:2.4.54-3.amzn2023.0.4
H Integer Overflow or Wraparound	<0:2.4.54-3.amzn2023.0.4
H Out-of-bounds Write	<0:2.4.54-3.amzn2023.0.4
H HTTP Request Smuggling	<0:2.4.54-3.amzn2023.0.4
H Improper Initialization	<0:2.4.54-3.amzn2023.0.4
H Resource Exhaustion	<0:2.4.54-3.amzn2023.0.4
H NULL Pointer Dereference	<0:2.4.54-3.amzn2023.0.4

Vulnerability

Vulnerable Version

Incorrect Check of Function Return Value

<0:2.4.65-1.amzn2023.0.1

Memory Leak

<0:2.4.64-1.amzn2023.0.1

Improper Authentication

<0:2.4.64-1.amzn2023.0.1

Server-Side Request Forgery (SSRF)

<0:2.4.64-1.amzn2023.0.1

Improper Access Control

<0:2.4.64-1.amzn2023.0.1