VYPR

Tomcat JK ISAPI Connector

by Apache

CVEs (3)

  • CVE-2016-6808CriApr 12, 2017
    risk 0.65cvss 9.8epss 0.19

    Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42.

  • CVE-2018-1323HigMar 12, 2018
    risk 0.52cvss 7.5epss 0.44

    The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector 1.2.0 to 1.2.42 that normalised the requested path before matching it to the URI-worker map did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via IIS, then…

  • CVE-2018-11759Oct 31, 2018
    risk 0.08cvss epss 0.91

    The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed…