Download
| Alert*
oval:org.secpod.oval:def:602129
An information disclosure flaw due to incorrect JkMount/JkUnmount directives processing was found in the Apache 2 module mod_jk to forward requests from the Apache web server to Tomcat. A JkUnmount rule for a subtree of a previous JkMount rule could be ignored. This could allow a remote attacker to ... oval:org.secpod.oval:def:89002184 This update for apache2-mod_jk fixes the following issues: Security issues fixed: - CVE-2018-11759: Fixed connector path traversal due to mishandled HTTP requests in httpd . - CVE-2014-8111: Apache Tomcat Connectors ignored JkUnmount rules for subtrees of previous JkMount rules, which allowed remot ... |