CVE-2014-8111
EPSS 3.7%libapache-mod-jk - security update
Published: 4/21/2015Modified: 4/28/2026
Also known as:DEBIAN-CVE-2014-8111
Description
Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rules for subtrees of previous JkMount rules, which allows remote attackers to access otherwise restricted artifacts via unspecified vectors.
Affected packages (3)
- Debian/libapache-mod-jkfrom 0, < 1:1.2.40+svn150520-1
- Debian/libapache-mod-jkfrom 0, < 1:1.2.30-1squeeze2
- Debian/libapache-mod-jkfrom 0, < 1:1.2.37-1+deb7u1