| Release | Version |
|---|---|
| bullseye | 1:1.2.48-1+deb11u1 |
| bullseye (security) | 1:1.2.48-1+deb11u2 |
| bookworm | 1:1.2.48-2+deb12u1 |
| trixie | 1:1.2.49-1 |
| sid | 1:1.2.49-1 |
| Bug | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|
| CVE-2024-46544 | fixed | vulnerable (no DSA) | vulnerable | vulnerable | Incorrect Default Permissions vulnerability in Apache Tomcat Connector ... |
| Bug | Description |
|---|---|
| CVE-2023-41081 | Important: Authentication Bypass CVE-2023-41081 The mod_jk component ... |
| CVE-2018-11759 | The Apache Web Server (httpd) specific code that normalised the reques ... |
| CVE-2018-1323 | The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector 1. ... |
| CVE-2016-6808 | Buffer overflow in Apache Tomcat Connectors (mod_jk) before 1.2.42. |
| CVE-2014-8111 | Apache Tomcat Connectors (mod_jk) before 1.2.41 ignores JkUnmount rule ... |
| CVE-2008-5519 | The JK Connector (aka mod_jk) 1.2.0 through 1.2.26 in Apache Tomcat al ... |
| CVE-2007-1860 | mod_jk in Apache Tomcat JK Web Server Connector 1.2.x before 1.2.23 de ... |
| CVE-2007-0774 | Stack-based buffer overflow in the map_uri_to_worker function (native/ ... |
| DSA / DLA | Description |
|---|---|
| DLA-3919-1 | libapache-mod-jk - security update |
| DLA-3580-1 | libapache-mod-jk - security update |
| DSA-4357-1 | libapache-mod-jk - security update |
| DLA-1609-1 | libapache-mod-jk - security update |
| DLA-240-1 | libapache-mod-jk - security update |
| DSA-3278-1 | libapache-mod-jk - security update |
| DSA-1810-1 | libapache-mod-jk - information |
| DSA-1312-1 | libapache-mod-jk |