CVE-2021-32791: 
Apache HTTP Server vulnerability analysis and mitigation

CVE-2021-32791 affects modauthopenidc, an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party. The vulnerability was discovered in versions before 2.4.9 and was disclosed in July 2021 (GitHub Advisory).

The vulnerability stems from the AES GCM encryption implementation in modauthopenidc using static Initialization Vector (IV) and Additional Authenticated Data (AAD). This creates a static nonce, and since AES-GCM is a stream cipher, using the same key with a static nonce can lead to known cryptographic issues (GitHub Advisory).

The use of static IV and AAD with a reused key in AES GCM encryption could potentially compromise the security of encrypted data, as it violates cryptographic best practices and could make the encryption vulnerable to cryptographic attacks (GitHub Advisory).

The vulnerability was patched in version 2.4.9 by implementing dynamic values through the usage of cjose AES encryption routines. Users are advised to upgrade to version 2.4.9 or later. Note that the format of encrypted cache contents have changed, and existing server-side sessions cannot survive an update to 2.4.9. It is recommended to clear the cache contents before restarting the Apache server with the upgraded module (GitHub Release).