cpe:/a:uninett:mod_auth_mellon:0.11.0 cpe:/o:fedoraproject:fedora:23 CVE-2016-2146 2016-04-15T10:59:12.083-04:00 2016-04-25T09:58:22.127-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2016-04-17T10:51:58.317-04:00 FEDORA FEDORA-2016-5cf6959198 MLIST [modmellon] 20160309 security update: mod_auth_mellon version 0.11.1 CONFIRM https://github.com/UNINETT/mod_auth_mellon/pull/71 The am_read_post_data function in mod_auth_mellon before 0.11.1 does not limit the amount of data read, which allows remote attackers to cause a denial of service (worker process crash, web server deadlock, or memory consumption) via a large amount of POST data.