VYPR

rpm package

almalinux/mod_proxy_cluster

pkg:rpm/almalinux/mod_proxy_cluster

Vulnerabilities (3)

  • CVE-2024-10306MedApr 23, 2025
    affected < 1.3.22-1.el9_6.1fixed 1.3.22-1.el9_6.1

    A vulnerability was found in mod_proxy_cluster. The issue is that the directive should be replaced by the directive as the former does not restrict IP/host access as `Require ip IP_ADDRESS` would suggest. This means that anyone with access to the host might

  • CVE-2023-6710Dec 12, 2023
    affected < 1.3.20-1.el9_4fixed 1.3.20-1.el9_4

    A flaw was found in the mod_proxy_cluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting (XSS) vulnerability. By adding a script on the alias parameter on the URL, it adds

  • CVE-2023-41081Sep 13, 2023
    affected < 1.3.20-1.el9_4fixed 1.3.20-1.el9_4

    Important: Authentication Bypass CVE-2023-41081 The mod_jk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requ