18 matches found
Security Bulletin: IBM DevOps Release addresses multiple vulnerabilities related to Apache Tomcat.
Summary IBM DevOps Release 7.0.0.4 addresses multiple vulnerabilities related to Apache Tomcat. Vulnerability Details CVEID:CVE-2024-46544 DESCRIPTION: Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk...
SUSE SLES12 Security Update : apache2-mod_jk (SUSE-SU-2025:0143-1)
The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:0143-1 advisory. - Update to version 1.2.50: - CVE-2024-46544: Fixed incorrect default permissions vulnerabilitymay that could lead to information disclosure and/or...
SUSE: Security Advisory (SUSE-SU-2025:0143-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2025:0143-1 Security update for apache2-mod_jk
This update for apache2-modjk fixes the following issues: - Update to version 1.2.50: - CVE-2024-46544: Fixed incorrect default permissions vulnerabilitymay that could lead to information disclosure and/or denial of service. bsc1230916...
openSUSE Security Advisory (SUSE-SU-2025:0102-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 9 : mod_jk (RHSA-2024:8928)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:8928 advisory. The modjk module is a plugin for the Apache HTTP Server to connect it with the Apache Tomcat servlet engine. Security Fixes: modjk: information...
RHEL 9 : mod_jk (RHSA-2024:8929)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:8929 advisory. The modjk module is a plugin for the Apache HTTP Server to connect it with the Apache Tomcat servlet engine. Security Fixes: modjk: information...
K000148382: Apache Tomcat Connectors vulnerability CVE-2024-46544
Security Advisory Description Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors:...
AlmaLinux 9 : mod_jk bug fix update (Medium) (ALSA-2024:7457)
The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:7457 advisory. The modjk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. Bug Fixes: Rebase to upstre...
RHEL 9 : mod_jk update (Moderate) (RHSA-2024:7457)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:7457 advisory. The modjk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. Bug Fixes:...
Moderate: Red Hat Security Advisory: mod_jk bug fix update
An update for modjk is now available for Red Hat Enterprise Linux 9.4. The modjk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. Bug Fixes: Rebase to upstream 1.2.50 release JIRA:RHEL-58855 Security fixes: modjk:...
ALSA-2024:7457 Moderate: mod_jk bug fix update
The modjk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. Bug Fixes: Rebase to upstream 1.2.50 release JIRA:AlmaLinux-58855 Security fixes: modjk: information Disclosure / DoS CVE-2024-46544 JIRA:AlmaLinux-59800...
MGASA-2024-0315 Updated apache-mod_jk packages fix security vulnerability
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. CVE-2024-46544...
CVE-2024-46544
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...
CVE-2024-46544
CVE-2024-46544 affects Apache Tomcat Connectors (mod_jk) on Unix-like systems, with vulnerable versions 1.2.9-beta through 1.2.49. The issue is Incorrect Default Permissions that can allow local users to view/modify shared memory containing mod_jk configuration, potentially leading to information...
Fixed in Apache Tomcat JK Connector 1.2.50
Moderate: Information disclosure / Denial of service CVE-2024-46544 Incorrect default permissions for the memory mapped file configured by the JkShmFile directive on Unix like systems allows local users to view and/or modify the contents of the shared memory containing modjk configuration and...
CVE-2024-46544 Apache Tomcat Connectors: mod_jk: local users can view and modify configuration
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...
CVE-2024-46544 Apache Tomcat Connectors: mod_jk: local users can view and modify configuration
Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...