Lucene search
+L

18 matches found

ibm
ibm
added 2025/06/23 1:12 p.m.15 views

Security Bulletin: IBM DevOps Release addresses multiple vulnerabilities related to Apache Tomcat.

Summary IBM DevOps Release 7.0.0.4 addresses multiple vulnerabilities related to Apache Tomcat. Vulnerability Details CVEID:CVE-2024-46544 DESCRIPTION: Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk...

9.8CVSS7.8AI score0.06287EPSS
Exploits3Affected Software1
nessus
nessus
added 2025/01/18 12:0 a.m.8 views

SUSE SLES12 Security Update : apache2-mod_jk (SUSE-SU-2025:0143-1)

The remote SUSE Linux SLES12 host has a package installed that is affected by a vulnerability as referenced in the SUSE- SU-2025:0143-1 advisory. - Update to version 1.2.50: - CVE-2024-46544: Fixed incorrect default permissions vulnerabilitymay that could lead to information disclosure and/or...

5.9CVSS6AI score0.00326EPSS
Exploits0References4
openvas
openvas
added 2025/01/17 12:0 a.m.9 views

SUSE: Security Advisory (SUSE-SU-2025:0143-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS7.5AI score0.00326EPSS
Exploits0References2
osv
osv
added 2025/01/16 1:25 p.m.10 views

SUSE-SU-2025:0143-1 Security update for apache2-mod_jk

This update for apache2-modjk fixes the following issues: - Update to version 1.2.50: - CVE-2024-46544: Fixed incorrect default permissions vulnerabilitymay that could lead to information disclosure and/or denial of service. bsc1230916...

5.9CVSS7.5AI score0.00326EPSS
Exploits0References3
openvas
openvas
added 2025/01/15 12:0 a.m.10 views

openSUSE Security Advisory (SUSE-SU-2025:0102-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.01257EPSS
Exploits0References5
nessus
nessus
added 2024/11/06 12:0 a.m.9 views

RHEL 9 : mod_jk (RHSA-2024:8929)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:8929 advisory. The modjk module is a plugin for the Apache HTTP Server to connect it with the Apache Tomcat servlet engine. Security Fixes: modjk: information...

5.9CVSS6AI score0.00326EPSS
Exploits0References6
nessus
nessus
added 2024/11/06 12:0 a.m.12 views

RHEL 9 : mod_jk (RHSA-2024:8928)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:8928 advisory. The modjk module is a plugin for the Apache HTTP Server to connect it with the Apache Tomcat servlet engine. Security Fixes: modjk: information...

5.9CVSS6AI score0.00326EPSS
Exploits0References6
f5
f5
added 2024/11/04 7:44 p.m.16 views

K000148382: Apache Tomcat Connectors vulnerability CVE-2024-46544

Security Advisory Description Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors:...

5.9CVSS5.2AI score0.00326EPSS
Exploits0
nessus
nessus
added 2024/10/09 12:0 a.m.25 views

AlmaLinux 9 : mod_jk bug fix update (Medium) (ALSA-2024:7457)

The remote AlmaLinux 9 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2024:7457 advisory. The modjk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. Bug Fixes: Rebase to upstre...

5.9CVSS6AI score0.00326EPSS
Exploits0References2
nessus
nessus
added 2024/10/08 12:0 a.m.29 views

RHEL 9 : mod_jk update (Moderate) (RHSA-2024:7457)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:7457 advisory. The modjk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. Bug Fixes:...

5.9CVSS6AI score0.00326EPSS
Exploits0References6
redhat
redhat
added 2024/10/01 3:27 p.m.20 views

Moderate: Red Hat Security Advisory: mod_jk bug fix update

An update for modjk is now available for Red Hat Enterprise Linux 9.4. The modjk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. Bug Fixes: Rebase to upstream 1.2.50 release JIRA:RHEL-58855 Security fixes: modjk:...

5.9CVSS6.2AI score0.00326EPSS
Exploits0References3
osv
osv
added 2024/10/01 12:0 a.m.37 views

ALSA-2024:7457 Moderate: mod_jk bug fix update

The modjk module is an Apache HTTP Server plug-in that enables the Apache HTTP Server to connect with the Apache Tomcat servlet engine. Bug Fixes: Rebase to upstream 1.2.50 release JIRA:AlmaLinux-58855 Security fixes: modjk: information Disclosure / DoS CVE-2024-46544 JIRA:AlmaLinux-59800...

5.9CVSS5.7AI score0.00326EPSS
Exploits0References4
osv
osv
added 2024/09/27 1:30 a.m.8 views

MGASA-2024-0315 Updated apache-mod_jk packages fix security vulnerability

Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. CVE-2024-46544...

5.9CVSS5.6AI score0.00326EPSS
Exploits0References3
nvd
nvd
added 2024/09/23 11:15 a.m.21 views

CVE-2024-46544

Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...

5.9CVSS0.00326EPSS
Exploits0References3
cvelist
cvelist
added 2024/09/23 10:43 a.m.26 views

CVE-2024-46544 Apache Tomcat Connectors: mod_jk: local users can view and modify configuration

Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...

0.00326EPSS
Exploits0References1
cve
cve
added 2024/09/23 10:43 a.m.110 views

CVE-2024-46544

CVE-2024-46544 affects Apache Tomcat Connectors (mod_jk) on Unix-like systems, with vulnerable versions 1.2.9-beta through 1.2.49. The issue is Incorrect Default Permissions that can allow local users to view/modify shared memory containing mod_jk configuration, potentially leading to information...

5.9CVSS5.7AI score0.00326EPSS
Exploits0References3Affected Software1
osv
osv
added 2024/09/23 10:43 a.m.32 views

CVE-2024-46544 Apache Tomcat Connectors: mod_jk: local users can view and modify configuration

Incorrect Default Permissions vulnerability in Apache Tomcat Connectors allows local users to view and modify shared memory containing modjk configuration which may lead to information disclosure and/or denial of service. This issue affects Apache Tomcat Connectors: from 1.2.9-beta through 1.2.49...

5.9CVSS6.2AI score0.00326EPSS
Exploits0References5
tomcat
tomcat
added 2024/09/23 10:43 a.m.17 views

Fixed in Apache Tomcat JK Connector 1.2.50

Moderate: Information disclosure / Denial of service CVE-2024-46544 Incorrect default permissions for the memory mapped file configured by the JkShmFile directive on Unix like systems allows local users to view and/or modify the contents of the shared memory containing modjk configuration and...

5.9CVSS7AI score0.00326EPSS
Exploits0Affected Software1
Rows per page
Query Builder