rpm package
suse/apache2-mod_jk&distro=SUSE Linux Enterprise Server for SAP Applications 11 SP4
pkg:rpm/suse/apache2-mod_jk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-11759 | — | < 1.2.40-0.2.5.1 | 1.2.40-0.2.5.1 | Oct 31, 2018 | The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed | ||
| CVE-2014-8111 | — | < 1.2.40-0.2.5.1 | 1.2.40-0.2.5.1 | Apr 21, 2015 | Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified vectors. |
- CVE-2018-11759Oct 31, 2018affected < 1.2.40-0.2.5.1fixed 1.2.40-0.2.5.1
The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed
- CVE-2014-8111Apr 21, 2015affected < 1.2.40-0.2.5.1fixed 1.2.40-0.2.5.1
Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified vectors.