VYPR

rpm package

almalinux/mod_jk

pkg:rpm/almalinux/mod_jk

Vulnerabilities (3)

  • CVE-2024-46544Sep 23, 2024
    affected < 1.2.50-1.el9_4.1fixed 1.2.50-1.el9_4.1

    Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing mod_jk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-

  • CVE-2023-6710Dec 12, 2023
    affected < 1.2.49-1.el9_4fixed 1.2.49-1.el9_4

    A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds

  • CVE-2023-41081Sep 13, 2023
    affected < 1.2.49-1.el9_4fixed 1.2.49-1.el9_4

    Important: Authentication Bypass CVE-2023-41081 The mod_jk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requ