62 matches found
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : Apache Tomcat Connectors vulnerability (USN-8369-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8369-1 advisory. It was discovered that Apache Tomcat Connectors used incorrect default permissions for shared memory on Unix-like...
USN-8369-1: Apache Tomcat Connectors vulnerability
It was discovered that Apache Tomcat Connectors used incorrect default permissions for shared memory on Unix-like systems. A local attacker could possibly use this issue to view or modify modjk configuration data in shared memory, resulting in sensitive information exposure or a denial of service...
Improper Validation of Syntactic Correctness of Input
Overview org.apache.tomcat:coyote is a maven plugin for Tomcat Connectors and HTTP parser. Affected versions of this package are vulnerable to Improper Validation of Syntactic Correctness of Input in the processing of HTTP/2 request headers. An attacker can cause unexpected behavior or potentiall...
Improper Certificate Validation
Overview org.apache.tomcat:tomcat-coyote is a Tomcat Connectors and HTTP parser. Affected versions of this package are vulnerable to Improper Certificate Validation in getSSLHostConfig, which does not sufficiently account for all protocol host name inputs. An attacker can access sensitive...
MiracleLinux 9 : mod_jk-1.2.49-1.el9, mod_proxy_cluster-1.3.20-1.el9 (AXSA:2024-7930:01)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7930:01 advisory. httpd: Apache Tomcat Connectors modjk Information Disclosure CVE-2023-41081 modcluster/modproxycluster: Stored Cross site Scripting CVE-2023-6710...
EUVD-2014-7957
Malware in sbrugna...
EUVD-2023-45601
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-46544
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which...
SUSE CVE-2023-41081
Important: Authentication Bypass CVE-2023-41081 The modjk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requests, modjk would use an...
mod_jk: information Disclosure / DoS
An Incorrect Default Permissions vulnerability was found in Apache Tomcat Connectors that allows local users to view and modify shared memory containing modjk configuration, which may lead to information disclosure and denial of service...
mod_jk: information Disclosure / DoS
An Incorrect Default Permissions vulnerability was found in Apache Tomcat Connectors that allows local users to view and modify shared memory containing modjk configuration, which may lead to information disclosure and denial of service...
mod_jk: information Disclosure / DoS
An Incorrect Default Permissions vulnerability was found in Apache Tomcat Connectors that allows local users to view and modify shared memory containing modjk configuration, which may lead to information disclosure and denial of service...
Mageia: Security Advisory (MGASA-2024-0315)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
mod_jk: information Disclosure / DoS
An Incorrect Default Permissions vulnerability was found in Apache Tomcat Connectors that allows local users to view and modify shared memory containing modjk configuration, which may lead to information disclosure and denial of service...
mod_jk: information Disclosure / DoS
An Incorrect Default Permissions vulnerability was found in Apache Tomcat Connectors that allows local users to view and modify shared memory containing modjk configuration, which may lead to information disclosure and denial of service...
SUSE CVE-2024-46544
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...
CVE-2024-46544
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...
CVE-2024-46544
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...
DEBIAN-CVE-2024-46544
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...
UBUNTU-CVE-2024-46544
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...