CLSA-2025-1763032400 mod_jk: Fix of CVE-2023-41081

CVE-2023-41081: fix authentication bypass by removing implicit mapping functionality in modjk...

Oracle Linux 9 : mod_jk / and / mod_proxy_cluster (ELSA-2024-2387)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2387 advisory. modjk 1.2.49-1 - Related: RHEL-27511 - Rebase to upstream 1.2.49 release modproxycluster 1.3.20-1 - Rebase modcluster to upstream 1.3.20.Final tag -...

httpd: Apache Tomcat Connectors (mod_jk) Information Disclosure

A vulnerability was found in Apache Tomcat Connectors modjk. Affected versions of this package are vulnerable to information exposure in the modjk component. This flaw allows an attacker to exploit the implicit mapping functionality, resulting in the unintended exposure of the status worker and...

[SECURITY] [DLA 3580-1] libapache-mod-jk security update

Debian LTS Advisory DLA-3580-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany September 24, 2023 https://wiki.debian.org/LTS Package : libapache-mod-jk Version : 1:1.2.46-1+deb10u2 CVE ID : CVE-2023-41081 Debian Bug : 1051956 The modjk component of Apache Tomcat...

CVE-2023-41081

A vulnerability was found in Apache Tomcat Connectors modjk. Affected versions of this package are vulnerable to information exposure in the modjk component. This flaw allows an attacker to exploit the implicit mapping functionality, resulting in the unintended exposure of the status worker and...

DEBIAN-CVE-2023-41081

Important: Authentication Bypass CVE-2023-41081 The modjk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requests, modjk would use an...

CVE-2023-41081

Important: Authentication Bypass CVE-2023-41081 The modjk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requests, modjk would use an...

Authentication flaw

Important: Authentication Bypass CVE-2023-41081 The modjk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requests, modjk would use an...

UBUNTU-CVE-2023-41081

Important: Authentication Bypass CVE-2023-41081 The modjk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requests, modjk would use an...

CVE-2023-41081 Apache Tomcat Connectors: Unexpected use of first declared worker in mod_jk for unmapped request

Important: Authentication Bypass CVE-2023-41081 The modjk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requests, modjk would use an...

Apache Tomcat Security Vulnerability

Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server. The program implements support for Servlets and JavaServer Page JSP. A security vulnerability exists in Apache Tomcat, which stems from the fact that modjk uses an implicit mapping when the...

PT-2023-5210 · Apache +5 · Apache Tomcat Connectors +5

Name of the Vulnerable Software and Affected Versions: Apache Tomcat Connectors versions 1.2.0 through 1.2.48 Description: The mod jk component of Apache Tomcat Connectors is affected by an issue where, in certain circumstances, such as when a configuration includes "JkOptions +ForwardDirectories...