Max CVSS 7.8 Min CVSS 2.6 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2008-5519 2.6
The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat allows remote attackers to obtain sensitive information via an arbitrary request from an HTTP client, in opportunistic circumstances involving (1) a request from a different client t
13-02-2023 - 02:19 09-04-2009 - 15:08
CVE-2006-7197 7.8
The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.
13-02-2023 - 02:17 25-04-2007 - 20:19
CVE-2007-1860 5.0
mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 decodes request URLs within the Apache HTTP Server before passing the URL to Tomcat, which allows remote attackers to access protected pages via a crafted prefix JkMount, possibly in
13-02-2023 - 02:17 25-05-2007 - 18:30
CVE-2007-0774 7.5
Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitr
13-02-2023 - 02:17 04-03-2007 - 22:19
CVE-2007-0450 5.0
Directory traversal vulnerability in Apache HTTP Server and Tomcat 5.x before 5.5.22 and 6.x before 6.0.10, when using certain proxy modules (mod_proxy, mod_rewrite, mod_jk), allows remote attackers to read arbitrary files via a .. (dot dot) sequence
13-02-2023 - 02:17 16-03-2007 - 22:19
CVE-2018-1323 5.0
The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector 1.2.0 to 1.2.42 that normalised the requested path before matching it to the URI-worker map did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomca
15-04-2019 - 16:31 12-03-2018 - 16:29
CVE-2018-11759 5.0
The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs sup
15-04-2019 - 16:31 31-10-2018 - 20:29
CVE-2016-6808 7.5
Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42.
15-04-2019 - 16:30 12-04-2017 - 20:59
CVE-2014-8111 5.0
Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified vectors.
15-04-2019 - 16:30 21-04-2015 - 17:59
Back to Top Mark selected
Back to Top