VYPR

rpm package

suse/apache2-mod_jk&distro=SUSE Linux Enterprise Server 11 SP4

pkg:rpm/suse/apache2-mod_jk&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4

Vulnerabilities (2)

  • CVE-2018-11759Oct 31, 2018
    affected < 1.2.40-0.2.5.1fixed 1.2.40-0.2.5.1

    The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed

  • CVE-2014-8111Apr 21, 2015
    affected < 1.2.40-0.2.5.1fixed 1.2.40-0.2.5.1

    Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified vectors.