rpm package
almalinux/mod_proxy_cluster
pkg:rpm/almalinux/mod_proxy_cluster
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-10306 | Med | 5.4 | < 1.3.22-1.el9_6.1 | 1.3.22-1.el9_6.1 | Apr 23, 2025 | A vulnerability was found in mod_proxy_cluster. The issue is that the directive should be replaced by the directive as the former does not restrict IP/host access as `Require ip IP_ADDRESS` would suggest. This means that anyone with access to the host might | |
| CVE-2023-6710 | — | < 1.3.20-1.el9_4 | 1.3.20-1.el9_4 | Dec 12, 2023 | A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds | ||
| CVE-2023-41081 | — | < 1.3.20-1.el9_4 | 1.3.20-1.el9_4 | Sep 13, 2023 | Important: Authentication Bypass CVE-2023-41081 The mod_jk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requ |
- affected < 1.3.22-1.el9_6.1fixed 1.3.22-1.el9_6.1
A vulnerability was found in mod_proxy_cluster. The issue is that the directive should be replaced by the directive as the former does not restrict IP/host access as `Require ip IP_ADDRESS` would suggest. This means that anyone with access to the host might
- CVE-2023-6710Dec 12, 2023affected < 1.3.20-1.el9_4fixed 1.3.20-1.el9_4
A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds
- CVE-2023-41081Sep 13, 2023affected < 1.3.20-1.el9_4fixed 1.3.20-1.el9_4
Important: Authentication Bypass CVE-2023-41081 The mod_jk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requ