3 matches found
CVE-2018-11759
CVE-2018-11759 affects the Apache Tomcat JK Connector (mod_jk) when used with Apache httpd: connector versions 1.2.0 through 1.2.44, due to edge-case handling in httpd path normalization, could allow exposure of application functionality via the reverse proxy and may bypass httpd access controls....
CVE-2018-1323
The issue (CVE-2018-1323) affects Apache Tomcat JK Connector (mod_jk) IIS/ISAPI integration: the ISAPI Connector 1.2.0–1.2.42 path normalization in jk_isapi_plugin.c could allow a specially crafted request to access application functionality via the reverse proxy that was not intended for clients...
CVE-2016-6808
CVE-2016-6808 affects the Apache Tomcat Connectors (mod_jk). Affected component: mod_jk (C connector for Tomcat) with a buffer overflow vulnerability in versions before 1.2.42. Root cause indicated as a buffer overflow in the connector, leading to potential impact on confidentiality, integrity, a...