Tomcat JK ISAPI Connector
by Apache
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2016-6808 | Cri | 0.65 | 9.8 | 0.19 | Apr 12, 2017 | Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42. | ||
| CVE-2018-1323 | Hig | 0.52 | 7.5 | 0.44 | Mar 12, 2018 | The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector 1.2.0 to 1.2.42 that normalised the requested path before matching it to the URI-worker map did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via IIS, then… | ||
| CVE-2018-11759 | 0.08 | — | 0.91 | Oct 31, 2018 | The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed… |
- risk 0.65cvss 9.8epss 0.19
Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42.
- risk 0.52cvss 7.5epss 0.44
The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector 1.2.0 to 1.2.42 that normalised the requested path before matching it to the URI-worker map did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via IIS, then…
- CVE-2018-11759Oct 31, 2018risk 0.08cvss —epss 0.91
The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed…